Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: CFv1Pue0Xg1kZ8BwA/0PF0hqwTG14wFRusV6rbOMX5s=
Subject key identifier: 47:59:C1:B1:2A:A9:47:21:4A:86:69:99:6F:4B:91:86:37:56:AA:75
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 411B6F08CFDEDD968F731736BC446B71079D4018
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Mon 20 Jan 2025 00:02:39 +0000
ROA not before: Sun 19 Jan 2025 23:57:39 +0000
ROA not after: Mon 19 Jan 2026 00:02:39 +0000
asID: 3320
IP address blocks: 46.202.0.0/24 maxlen: 24
91.124.6.0/24 maxlen: 24
91.124.7.0/24 maxlen: 24
91.124.19.0/24 maxlen: 24
91.124.20.0/24 maxlen: 24
91.124.21.0/24 maxlen: 24
91.124.22.0/24 maxlen: 24
91.124.23.0/24 maxlen: 24
91.124.26.0/24 maxlen: 24
91.124.27.0/24 maxlen: 24
91.124.28.0/24 maxlen: 24
91.124.34.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.40.0/24 maxlen: 24
91.124.41.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.43.0/24 maxlen: 24
91.124.44.0/24 maxlen: 24
91.124.45.0/24 maxlen: 24
91.124.46.0/24 maxlen: 24
91.124.47.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.10.0/24 maxlen: 24
92.112.69.0/24 maxlen: 24
92.112.141.0/24 maxlen: 24
92.112.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:1b:6f:08:cf:de:dd:96:8f:73:17:36:bc:44:6b:71:07:9d:40:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 19 23:57:39 2025 GMT
Not After : Jan 19 00:02:39 2026 GMT
Subject: CN=4759C1B12AA947214A8669996F4B91863756AA75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cb:a9:d0:33:1a:c2:20:f6:78:0a:6d:ea:0e:
1f:58:d9:90:18:44:5e:50:af:62:19:62:8f:7e:0e:
d2:c2:47:2e:bf:71:95:1a:60:fe:e8:2f:60:01:55:
c0:22:f2:11:04:36:96:c3:4f:00:f8:b1:b2:83:1b:
f4:85:12:32:c7:2f:de:fb:9a:58:35:a3:9b:28:74:
80:aa:db:85:c6:73:4c:7c:19:95:c4:49:1a:52:43:
33:30:e4:40:3a:3c:83:7b:10:ae:a4:16:34:d5:b9:
31:72:cf:32:90:86:7d:31:1d:24:81:ef:bf:48:64:
2c:2c:29:56:8b:60:6b:03:32:c5:14:a4:c0:ae:89:
56:dc:73:c2:0d:3b:aa:91:45:89:eb:ed:4f:2a:ff:
a9:a5:5d:d6:d3:8e:67:3e:a1:42:a3:84:2e:b6:47:
16:25:55:f2:74:20:25:e4:c2:e8:e6:04:0c:a4:41:
04:f3:b1:c8:22:21:88:f7:4d:40:bc:af:ef:44:64:
54:fc:2c:a0:70:04:5e:d8:df:9f:58:f4:cd:82:dd:
8b:0e:8a:3c:ae:a0:b5:03:28:6c:d8:bc:9e:67:54:
c2:ce:b9:30:db:d1:e8:3e:ed:8d:d0:b8:1d:fc:52:
ef:03:12:79:bb:d0:76:8d:06:07:a9:ca:9f:d0:04:
f4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:59:C1:B1:2A:A9:47:21:4A:86:69:99:6F:4B:91:86:37:56:AA:75
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.0.0/24
91.124.6.0/23
91.124.19.0-91.124.23.255
91.124.26.0-91.124.28.255
91.124.34.0/24
91.124.38.0/24
91.124.40.0/21
92.112.6.0-92.112.8.255
92.112.10.0/24
92.112.69.0/24
92.112.141.0/24
92.112.158.0/24
Signature Algorithm: sha256WithRSAEncryption
01:7d:52:37:fa:b3:f0:92:cd:df:e1:5a:a3:6f:76:f2:57:48:
90:e3:47:ff:26:20:d1:05:4c:59:f3:00:90:05:27:cb:5b:4a:
90:5c:30:39:23:98:1b:b9:c3:d7:aa:57:d3:8d:c6:62:1e:76:
9c:5f:b3:45:0b:2c:6d:e2:9e:47:b3:86:a6:0f:fa:18:c1:78:
eb:b8:c2:2b:10:61:c7:4c:72:13:32:db:d7:6c:cc:c2:63:06:
30:d4:34:6d:87:cf:64:2b:c7:3d:b1:c9:9b:7b:f4:fc:56:04:
58:0b:5b:d9:fe:0e:c7:9a:31:43:0f:92:18:e7:d0:b2:6a:32:
71:3e:73:be:8c:00:7a:67:50:ed:a7:44:17:57:d1:4a:27:03:
33:68:c3:9e:90:e9:3d:36:98:e2:55:5d:6b:10:18:60:9d:e9:
b1:d5:97:d3:c8:41:bc:12:74:39:f3:0c:a3:d0:aa:3f:da:f6:
2d:ed:d4:97:2b:6c:c3:a9:11:2d:a1:4b:28:a0:c4:ad:de:de:
d2:8f:20:21:97:b9:96:11:1f:f4:4e:1f:bc:52:46:c1:14:a4:
46:c2:e2:3c:71:1e:a2:c4:b6:e4:0e:0e:79:5e:da:4b:f7:73:
2e:3a:8a:7c:db:36:60:e3:a1:78:a5:04:1d:42:de:90:f2:89:
38:a7:a1:53
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUQRtvCM/e3ZaPcxc2vERrcQedQBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMTkyMzU3MzlaFw0yNjAxMTkwMDAyMzlaMDMxMTAvBgNV
BAMTKDQ3NTlDMUIxMkFBOTQ3MjE0QTg2Njk5OTZGNEI5MTg2Mzc1NkFBNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8y6nQMxrCIPZ4Cm3qDh9Y2ZAY
RF5Qr2IZYo9+DtLCRy6/cZUaYP7oL2ABVcAi8hEENpbDTwD4sbKDG/SFEjLHL977
mlg1o5sodICq24XGc0x8GZXESRpSQzMw5EA6PIN7EK6kFjTVuTFyzzKQhn0xHSSB
779IZCwsKVaLYGsDMsUUpMCuiVbcc8INO6qRRYnr7U8q/6mlXdbTjmc+oUKjhC62
RxYlVfJ0ICXkwujmBAykQQTzscgiIYj3TUC8r+9EZFT8LKBwBF7Y359Y9M2C3YsO
ijyuoLUDKGzYvJ5nVMLOuTDb0eg+7Y3QuB38Uu8DEnm70HaNBgepyp/QBPShAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQUR1nBsSqpRyFKhmmZb0uRhjdWqnUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEAC7KAAME
AVt8BjAMAwQAW3wTAwQDW3wQMAwDBAFbfBoDBABbfBwDBABbfCIDBABbfCYDBANb
fCgwDAMEAVxwBgMEAFxwCAMEAFxwCgMEAFxwRQMEAFxwjQMEAFxwnjANBgkqhkiG
9w0BAQsFAAOCAQEAAX1SN/qz8JLN3+Fao2928ldIkONH/yYg0QVMWfMAkAUny1tK
kFwwOSOYG7nD16pX043GYh52nF+zRQssbeKeR7OGpg/6GMF467jCKxBhx0xyEzLb
12zMwmMGMNQ0bYfPZCvHPbHJm3v0/FYEWAtb2f4Ox5oxQw+SGOfQsmoycT5zvowA
emdQ7adEF1fRSicDM2jDnpDpPTaY4lVdaxAYYJ3psdWX08hBvBJ0OfMMo9CqP9r2
Le3Ulytsw6kRLaFLKKDErd7e0o8gIZe5lhEf9E4fvFJGwRSkRsLiPHEeosS25A4O
eV7aS/dzLjqKfNs2YOOheKUEHULekPKJOKehUw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:30 2025 by rpki-client