Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/2ww3-1iPyJp9naIibFAtJRu0mgo.roa
File: 2ww3-1iPyJp9naIibFAtJRu0mgo.roa (raw, json)
Hash identifier: oRj8C5H/08pt3FBq39dVrtZrnH4OQTOc89jlQXeR0Us=
Subject key identifier: DB:0C:37:FB:58:8F:C8:9A:7D:9D:A2:22:6C:50:2D:25:1B:B4:9A:0A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019E1D18FACF409C3BD76DA04DE5031BFA14
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/2ww3-1iPyJp9naIibFAtJRu0mgo.roa
Signing time: Tue 12 May 2026 16:50:36 +0000
ROA not before: Tue 12 May 2026 16:50:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 77.83.244.0/24 maxlen: 24
92.118.168.0/24 maxlen: 24
95.81.72.0/24 maxlen: 24
95.81.73.0/24 maxlen: 24
95.81.74.0/24 maxlen: 24
95.81.75.0/24 maxlen: 24
160.20.158.0/24 maxlen: 24
160.20.159.0/24 maxlen: 24
185.113.138.0/24 maxlen: 24
193.221.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:18:fa:cf:40:9c:3b:d7:6d:a0:4d:e5:03:1b:fa:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 12 16:50:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db0c37fb588fc89a7d9da2226c502d251bb49a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c7:2f:b9:c1:19:cc:a6:5f:ea:a9:66:02:fb:
e5:8f:d1:dc:97:fd:64:18:17:1d:4c:ca:c6:06:10:
96:39:fd:92:08:59:dc:22:59:2e:75:51:74:b7:25:
4c:0e:5e:88:57:2a:3f:16:f2:96:7b:24:67:50:3f:
df:a6:38:ad:8e:2b:1a:0e:c9:1b:db:ab:91:95:b0:
2b:9d:ab:db:63:b0:21:c9:9f:f9:5e:69:68:32:ed:
11:f3:d7:8a:6e:9c:13:16:47:3e:9e:aa:4a:07:46:
df:4c:9d:74:ce:05:67:69:e6:56:c0:8a:37:41:be:
27:d8:1c:55:ed:17:1b:dd:98:d5:2d:1e:c1:d4:e7:
96:d6:ad:46:3b:b8:5f:bf:80:c2:b2:32:d5:e4:5c:
e0:3a:73:53:0c:43:37:8b:8a:60:15:79:b8:62:cc:
42:d8:ed:97:62:42:5e:2e:7c:b5:d6:be:c1:ce:ae:
81:13:9c:ea:b3:c8:65:55:16:bd:86:69:b3:db:9c:
12:b4:70:2a:5d:8f:dd:b3:03:5b:27:b6:2e:4c:15:
23:c3:45:51:3d:66:01:a6:1d:70:33:12:43:68:b8:
fc:34:15:ab:ad:1b:eb:18:c3:18:19:41:de:b5:02:
61:50:d2:97:40:db:00:5f:76:dd:2f:69:4d:25:8b:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0C:37:FB:58:8F:C8:9A:7D:9D:A2:22:6C:50:2D:25:1B:B4:9A:0A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/2ww3-1iPyJp9naIibFAtJRu0mgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.244.0/24
92.118.168.0/24
95.81.72.0/22
160.20.158.0/23
185.113.138.0/24
193.221.202.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ad:34:e0:c0:d5:fa:66:ff:f8:e7:bc:e5:90:cd:64:99:e6:
84:1c:fd:90:ee:e8:01:8c:dd:42:58:69:7a:b5:02:ae:37:40:
f4:f7:6d:70:7b:01:e1:ef:5e:42:24:27:be:b1:02:18:45:4b:
13:60:f7:c4:f8:fa:23:96:0c:55:1c:32:4d:8e:71:0c:ff:0e:
4f:ec:9d:c3:d3:5a:3d:93:5e:0b:cc:75:ab:7e:c6:18:7e:b1:
bd:58:d3:f6:2a:3e:2f:88:26:7c:3d:e6:26:7f:b5:73:08:37:
ad:40:61:ad:71:6d:b9:99:88:36:5d:c2:3b:b2:14:c0:ff:c6:
42:1d:5e:06:43:72:17:90:02:78:35:af:36:e2:d8:94:01:b5:
12:ee:d2:8f:6f:2d:8b:10:b8:4e:c8:72:f3:21:71:ab:0c:56:
01:48:c3:da:6d:e3:d0:1b:34:56:30:63:95:1d:91:a5:bf:f0:
b1:17:eb:c0:ba:30:bf:c0:85:2f:40:d0:3b:da:fd:22:f3:8e:
17:b8:28:d4:66:ea:2e:e1:64:f6:6a:10:26:14:73:28:04:da:
5d:a6:0c:69:97:15:bb:3b:fa:03:f2:8b:cb:f4:f8:e2:be:36:
5c:f6:c6:bf:a1:e7:25:28:3f:12:70:a2:37:36:f2:87:4a:c4:
b3:46:38:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4dGPrPQJw7122gTeUDG/oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjYwNTEyMTY1MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBjMzdmYjU4OGZjODlhN2Q5ZGEyMjI2YzUwMmQyNTFiYjQ5YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ccvucEZzKZf6qlmAvvlj9Hcl/1k
GBcdTMrGBhCWOf2SCFncIlkudVF0tyVMDl6IVyo/FvKWeyRnUD/fpjitjisaDskb
26uRlbArnavbY7AhyZ/5XmloMu0R89eKbpwTFkc+nqpKB0bfTJ10zgVnaeZWwIo3
Qb4n2BxV7Rcb3ZjVLR7B1OeW1q1GO7hfv4DCsjLV5FzgOnNTDEM3i4pgFXm4YsxC
2O2XYkJeLny11r7Bzq6BE5zqs8hlVRa9hmmz25wStHAqXY/dswNbJ7YuTBUjw0VR
PWYBph1wMxJDaLj8NBWrrRvrGMMYGUHetQJhUNKXQNsAX3bdL2lNJYvrwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNsMN/tYj8iafZ2iImxQLSUbtJoKMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMnd3My0xaVB5SnA5bmFJaWJGQXRKUnUwbWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATVP0AwQA
XHaoAwQCX1FIAwQBoBSeAwQAuXGKAwQAwd3KMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
rTTgwNX6Zv/457zlkM1kmeaEHP2Q7ugBjN1CWGl6tQKuN0D0921wewHh715CJCe+
sQIYRUsTYPfE+PojlgxVHDJNjnEM/w5P7J3D01o9k14LzHWrfsYYfrG9WNP2Kj4v
iCZ8PeYmf7VzCDetQGGtcW25mYg2XcI7shTA/8ZCHV4GQ3IXkAJ4Na824tiUAbUS
7tKPby2LELhOyHLzIXGrDFYBSMPabePQGzRWMGOVHZGlv/CxF+vAujC/wIUvQNA7
2v0i844XuCjUZuou4WT2ahAmFHMoBNpdpgxplxW7O/oD8ovL9PjivjZc9sa/oecl
KD8ScKI3NvKHSsSzRjht
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:17 2026 by rpki-client