Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: Obxsgy8qRpnzcEAV1V2NVmg787w8lkr++0fg/uGSO1U=
Subject key identifier: EB:00:FF:A3:6E:22:8B:EC:FF:11:F6:2A:11:47:D5:9C:64:51:61:8E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 260AC2397A06B5628286093D4AE5A641054DF721
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Fri 31 Oct 2025 06:42:15 +0000
ROA not before: Fri 31 Oct 2025 06:37:15 +0000
ROA not after: Fri 30 Oct 2026 06:42:15 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.61.0/24 maxlen: 24
95.134.112.0/24 maxlen: 24
95.134.178.0/24 maxlen: 24
95.134.180.0/24 maxlen: 24
95.134.192.0/24 maxlen: 24
95.134.205.0/24 maxlen: 24
95.134.224.0/22 maxlen: 24
95.134.233.0/24 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
95.135.222.0/24 maxlen: 24
178.92.85.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
178.92.93.0/24 maxlen: 24
178.92.106.0/24 maxlen: 24
178.92.172.0/22 maxlen: 24
178.92.199.0/24 maxlen: 24
178.92.207.0/24 maxlen: 24
178.92.248.0/24 maxlen: 24
178.93.17.0/24 maxlen: 24
178.93.19.0/24 maxlen: 24
178.93.28.0/24 maxlen: 24
178.93.31.0/24 maxlen: 24
178.93.35.0/24 maxlen: 24
178.93.59.0/24 maxlen: 24
178.93.208.0/24 maxlen: 24
178.93.224.0/24 maxlen: 24
178.93.254.0/24 maxlen: 24
178.94.38.0/24 maxlen: 24
178.94.54.0/24 maxlen: 24
178.94.68.0/24 maxlen: 24
178.94.123.0/24 maxlen: 24
178.95.11.0/24 maxlen: 24
178.95.15.0/24 maxlen: 24
178.95.16.0/24 maxlen: 24
178.95.21.0/24 maxlen: 24
178.95.27.0/24 maxlen: 24
178.95.93.0/24 maxlen: 24
178.95.103.0/24 maxlen: 24
178.95.112.0/24 maxlen: 24
178.95.127.0/24 maxlen: 24
178.95.128.0/24 maxlen: 24
178.95.129.0/24 maxlen: 24
178.95.130.0/24 maxlen: 24
178.95.132.0/24 maxlen: 24
178.95.134.0/24 maxlen: 24
178.95.136.0/24 maxlen: 24
178.95.140.0/22 maxlen: 24
178.95.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:0a:c2:39:7a:06:b5:62:82:86:09:3d:4a:e5:a6:41:05:4d:f7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 31 06:37:15 2025 GMT
Not After : Oct 30 06:42:15 2026 GMT
Subject: CN=EB00FFA36E228BECFF11F62A1147D59C6451618E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:bb:f3:ef:b8:40:de:64:af:c2:a8:35:5c:
5c:7c:64:80:3b:c1:ec:44:b3:15:3e:7a:d9:e7:6c:
d3:17:16:62:7a:0e:33:5e:50:af:46:9b:16:6b:b6:
23:b4:a2:e2:81:95:ef:aa:2d:d0:4c:0d:a6:23:14:
2d:20:c3:b1:e3:e8:84:c3:76:3d:66:c4:ab:7a:9e:
d9:5a:43:b0:67:cf:a8:c7:8f:9c:f1:af:9a:8f:52:
79:63:cb:77:b8:1e:8a:78:90:32:76:dc:d6:bc:cc:
be:c8:bf:30:6d:24:cc:22:bc:f3:ea:7c:4a:96:e6:
90:ff:1a:49:88:0b:df:36:49:6b:7a:26:92:ad:77:
9f:c9:78:c3:d6:ee:45:e8:9c:c1:8a:71:c3:55:f2:
2d:bd:f4:18:d5:35:a6:ca:02:b5:29:6c:53:3b:0e:
67:69:4c:72:9e:ef:ae:89:bf:ea:d0:81:92:52:29:
c9:e5:9b:bb:fa:72:88:2f:e1:8e:04:62:d6:e2:d3:
00:63:0f:06:de:60:8a:27:62:e7:38:48:89:4a:3b:
06:1d:43:15:d3:d7:b9:c0:1f:cc:46:ed:a4:e0:eb:
f9:37:c7:e2:4e:71:9f:98:41:16:af:0c:8b:90:67:
bb:b5:3d:b8:79:4b:ff:70:92:29:d1:1d:30:07:f1:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:00:FF:A3:6E:22:8B:EC:FF:11:F6:2A:11:47:D5:9C:64:51:61:8E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.134.16.0/22
95.134.61.0/24
95.134.112.0/24
95.134.178.0/24
95.134.180.0/24
95.134.192.0/24
95.134.205.0/24
95.134.224.0/22
95.134.233.0/24
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
95.135.222.0/24
178.92.85.0/24
178.92.88.0/24
178.92.93.0/24
178.92.106.0/24
178.92.172.0/22
178.92.199.0/24
178.92.207.0/24
178.92.248.0/24
178.93.17.0/24
178.93.19.0/24
178.93.28.0/24
178.93.31.0/24
178.93.35.0/24
178.93.59.0/24
178.93.208.0/24
178.93.224.0/24
178.93.254.0/24
178.94.38.0/24
178.94.54.0/24
178.94.68.0/24
178.94.123.0/24
178.95.11.0/24
178.95.15.0-178.95.16.255
178.95.21.0/24
178.95.27.0/24
178.95.93.0/24
178.95.103.0/24
178.95.112.0/24
178.95.127.0-178.95.130.255
178.95.132.0/24
178.95.134.0/24
178.95.136.0/24
178.95.140.0/22
178.95.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:cb:c4:e1:df:ce:61:d4:41:ad:60:3c:85:e6:ac:dc:c5:c4:
fc:68:0b:b5:f8:53:c0:4c:68:59:01:58:ac:e1:b3:5d:dc:99:
fa:20:05:a1:d7:05:6d:f7:1d:f9:f5:16:f9:59:a7:5b:c5:ee:
26:49:65:e4:de:23:cc:82:c1:65:56:0f:5c:96:c6:8c:ac:f5:
0a:57:7a:eb:d0:0d:e7:dc:49:d2:0a:b4:07:14:be:53:07:2b:
c4:56:cf:a8:1c:8b:3f:7d:b0:9b:22:76:db:96:ad:7f:f1:a1:
4f:b6:cf:37:5c:88:03:3a:3b:c0:6b:7d:c5:c2:ea:08:65:7f:
c7:b9:68:33:0f:c9:b0:b2:0b:5a:89:27:fa:92:87:2e:06:ec:
b4:6b:d7:bb:98:9f:07:e2:8b:7a:e4:7e:7e:ed:19:1f:1d:c7:
d9:28:86:c0:a9:e3:12:3e:62:00:5e:6a:54:20:ef:fc:90:35:
12:90:6c:42:80:68:d2:60:d8:20:9a:85:20:29:42:ff:77:b6:
78:09:13:ab:0c:7e:a9:bb:11:59:92:00:f8:06:1a:1a:54:74:
ec:2e:a6:0d:77:d4:75:e6:27:1e:20:e1:51:25:fb:20:b2:52:
93:f3:6f:5c:f1:27:e3:11:92:8f:1b:08:5a:76:62:e8:57:bf:
df:ec:9a:73
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgIUJgrCOXoGtWKChgk9SuWmQQVN9yEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMzEwNjM3MTVaFw0yNjEwMzAwNjQyMTVaMDMxMTAvBgNV
BAMTKEVCMDBGRkEzNkUyMjhCRUNGRjExRjYyQTExNDdENTlDNjQ1MTYxOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+hbvz77hA3mSvwqg1XFx8ZIA7
wexEsxU+etnnbNMXFmJ6DjNeUK9GmxZrtiO0ouKBle+qLdBMDaYjFC0gw7Hj6ITD
dj1mxKt6ntlaQ7Bnz6jHj5zxr5qPUnljy3e4Hop4kDJ23Na8zL7IvzBtJMwivPPq
fEqW5pD/GkmIC982SWt6JpKtd5/JeMPW7kXonMGKccNV8i299BjVNabKArUpbFM7
DmdpTHKe766Jv+rQgZJSKcnlm7v6cogv4Y4EYtbi0wBjDwbeYIonYuc4SIlKOwYd
QxXT17nAH8xG7aTg6/k3x+JOcZ+YQRavDIuQZ7u1Pbh5S/9wkinRHTAH8Q31AgMB
AAGjggNIMIIDRDAdBgNVHQ4EFgQU6wD/o24ii+z/EfYqEUfVnGRRYY4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAV0GCCsGAQUFBwEHAQH/BIIBTDCCAUgwggFEBAIAATCC
ATwDBAJbfHADBAJbfKQDBABccAoDBAJfhhADBABfhj0DBABfhnADBABfhrIDBABf
hrQDBABfhsADBABfhs0DBAJfhuADBABfhukDBAJfhywDBAJfh0wDBAJfh1gDBABf
h94DBACyXFUDBACyXFgDBACyXF0DBACyXGoDBAKyXKwDBACyXMcDBACyXM8DBACy
XPgDBACyXREDBACyXRMDBACyXRwDBACyXR8DBACyXSMDBACyXTsDBACyXdADBACy
XeADBACyXf4DBACyXiYDBACyXjYDBACyXkQDBACyXnsDBACyXwswDAMEALJfDwME
ALJfEAMEALJfFQMEALJfGwMEALJfXQMEALJfZwMEALJfcDAMAwQAsl9/AwQAsl+C
AwQAsl+EAwQAsl+GAwQAsl+IAwQCsl+MAwQAsl/CMA0GCSqGSIb3DQEBCwUAA4IB
AQALy8Th385h1EGtYDyF5qzcxcT8aAu1+FPATGhZAVis4bNd3Jn6IAWh1wVt9x35
9Rb5Wadbxe4mSWXk3iPMgsFlVg9clsaMrPUKV3rr0A3n3EnSCrQHFL5TByvEVs+o
HIs/fbCbInbblq1/8aFPts83XIgDOjvAa33FwuoIZX/HuWgzD8mwsgtaiSf6kocu
Buy0a9e7mJ8H4ot65H5+7RkfHcfZKIbAqeMSPmIAXmpUIO/8kDUSkGxCgGjSYNgg
moUgKUL/d7Z4CROrDH6puxFZkgD4BhoaVHTsLqYNd9R15iceIOFRJfsgslKT829c
8SfjEZKPGwhadmLoV7/f7Jpz
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:04:56 2025 by rpki-client