Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: c6f/E0k/j4W6LRr9n5I3iQGGIDDSBiEuZe3uKdVvmac=
Subject key identifier: 3E:89:25:42:1F:41:3A:46:B0:67:38:C2:62:15:1C:3D:62:20:EF:6C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0210DF79A024D36BFB317667BB2508D03BBDA2D3
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Wed 23 Jul 2025 13:55:14 +0000
ROA not before: Wed 23 Jul 2025 13:50:14 +0000
ROA not after: Wed 22 Jul 2026 13:55:14 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.224.0/22 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
95.135.222.0/24 maxlen: 24
178.92.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:10:df:79:a0:24:d3:6b:fb:31:76:67:bb:25:08:d0:3b:bd:a2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 23 13:50:14 2025 GMT
Not After : Jul 22 13:55:14 2026 GMT
Subject: CN=3E8925421F413A46B06738C262151C3D6220EF6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:44:e1:c4:44:40:da:98:3e:9b:aa:ce:17:7b:
49:3e:f5:6d:57:de:37:bc:cf:8a:8b:0b:d4:68:c7:
f6:bb:30:89:e9:bc:6e:06:27:8e:22:2d:e9:c5:05:
5f:74:3a:7d:4c:10:7a:92:ef:d6:74:fb:88:44:f0:
d3:95:00:cb:78:65:b0:76:fd:59:72:fc:79:ac:79:
32:20:5c:78:52:18:a8:c7:de:dd:e0:6c:4a:3f:70:
6b:3b:00:29:de:a7:10:a3:49:bc:55:d3:3a:59:47:
06:30:7d:b3:73:c9:54:b3:7b:6b:66:21:fb:d7:7c:
6a:be:a3:ec:07:2e:b7:a0:3e:c6:a7:b0:d1:0d:7f:
fb:13:4e:fb:84:65:70:83:c1:91:b6:f2:f0:92:99:
ab:ec:90:d4:3f:a3:e0:0c:4a:23:1e:2c:73:c2:56:
c9:8c:f4:90:dc:c1:b1:66:af:99:93:41:91:63:88:
13:4d:51:5f:f9:a8:ad:a1:3b:04:91:8e:e6:40:2f:
af:08:75:46:5a:8f:e4:93:1b:9a:17:ca:9f:e6:94:
16:5c:ec:39:39:77:58:a1:57:49:fc:3f:10:3d:20:
2c:30:13:ab:a8:51:63:e3:a8:51:92:d8:87:58:3e:
0c:ba:a7:8d:7f:b8:50:6f:f9:55:8f:37:6b:ed:a0:
3e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:89:25:42:1F:41:3A:46:B0:67:38:C2:62:15:1C:3D:62:20:EF:6C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.134.16.0/22
95.134.224.0/22
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
95.135.222.0/24
178.92.172.0/22
Signature Algorithm: sha256WithRSAEncryption
20:1a:e4:fb:b8:d9:6f:5b:ba:9a:97:d5:cd:71:b1:3c:28:7f:
3a:a7:f1:5c:e3:fb:2f:9d:05:9c:3d:3b:45:96:e9:88:1e:ed:
c4:fd:09:41:c0:b9:43:a6:4d:08:ec:46:80:88:77:a4:41:52:
db:7f:fe:78:05:3d:8d:3f:e7:2c:85:22:26:e1:31:a5:6c:48:
5b:9f:31:3c:1e:1a:b7:54:87:c7:33:3d:93:a3:6b:97:75:4a:
53:25:91:0b:79:5c:75:77:5f:da:c7:50:9f:a8:13:35:fe:d3:
a5:21:ec:df:ae:95:06:f2:d7:5f:4d:a7:da:a2:2a:47:4b:2a:
59:68:27:4e:db:31:5d:41:69:6a:f4:eb:e6:ef:00:20:d8:70:
ce:ab:70:76:4c:9d:7f:f7:5a:99:cf:e7:43:c8:53:44:e6:28:
27:c6:d3:5a:93:34:56:30:cd:25:59:77:f4:02:62:3d:5d:75:
a5:88:bf:91:5b:a6:49:98:e2:e9:79:23:d6:8e:85:95:72:52:
e4:33:fa:ff:11:18:9e:5d:0b:a3:86:20:02:9a:1f:52:d8:86:
cb:39:1e:9c:9f:4e:49:2e:61:60:c6:64:47:fe:25:9e:6c:ca:
f0:d7:83:d1:42:f3:a7:43:6f:02:7c:b3:7e:00:8a:f6:49:c9:
64:14:e1:3f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUAhDfeaAk02v7MXZnuyUI0Du9otMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjMxMzUwMTRaFw0yNjA3MjIxMzU1MTRaMDMxMTAvBgNV
BAMTKDNFODkyNTQyMUY0MTNBNDZCMDY3MzhDMjYyMTUxQzNENjIyMEVGNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVROHEREDamD6bqs4Xe0k+9W1X
3je8z4qLC9Rox/a7MInpvG4GJ44iLenFBV90On1MEHqS79Z0+4hE8NOVAMt4ZbB2
/Vly/HmseTIgXHhSGKjH3t3gbEo/cGs7ACnepxCjSbxV0zpZRwYwfbNzyVSze2tm
IfvXfGq+o+wHLregPsansNENf/sTTvuEZXCDwZG28vCSmavskNQ/o+AMSiMeLHPC
VsmM9JDcwbFmr5mTQZFjiBNNUV/5qK2hOwSRjuZAL68IdUZaj+STG5oXyp/mlBZc
7Dk5d1ihV0n8PxA9ICwwE6uoUWPjqFGS2IdYPgy6p41/uFBv+VWPN2vtoD4/AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUPoklQh9BOkawZzjCYhUcPWIg72wwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAlt8cAME
Alt8pAMEAFxwCgMEAl+GEAMEAl+G4AMEAl+HLAMEAl+HTAMEAl+HWAMEAF+H3gME
ArJcrDANBgkqhkiG9w0BAQsFAAOCAQEAIBrk+7jZb1u6mpfVzXGxPCh/OqfxXOP7
L50FnD07RZbpiB7txP0JQcC5Q6ZNCOxGgIh3pEFS23/+eAU9jT/nLIUiJuExpWxI
W58xPB4at1SHxzM9k6Nrl3VKUyWRC3lcdXdf2sdQn6gTNf7TpSHs366VBvLXX02n
2qIqR0sqWWgnTtsxXUFpavTr5u8AINhwzqtwdkydf/damc/nQ8hTROYoJ8bTWpM0
VjDNJVl39AJiPV11pYi/kVumSZji6Xkj1o6FlXJS5DP6/xEYnl0Lo4YgApofUtiG
yzkenJ9OSS5hYMZkR/4lnmzK8NeD0ULzp0NvAnyzfgCK9knJZBThPw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:52 2025 by rpki-client