Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UMP8iTWEQcjNlwGo9ZUuTseC4tk.roa
File: UMP8iTWEQcjNlwGo9ZUuTseC4tk.roa (raw, json)
Hash identifier: ATctFfSh+K0khtL7h6Mhowg8vqYUmw7GgzZWU7Honr4=
Subject key identifier: 50:C3:FC:89:35:84:41:C8:CD:97:01:A8:F5:95:2E:4E:C7:82:E2:D9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DD3E2D78EA4A9D1794E03F2101F8F06BE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UMP8iTWEQcjNlwGo9ZUuTseC4tk.roa
Signing time: Tue 28 Apr 2026 11:39:12 +0000
ROA not before: Tue 28 Apr 2026 11:39:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
45.150.112.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.151.115.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.210.68.0/24 maxlen: 24
91.210.69.0/24 maxlen: 24
91.210.71.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
94.143.230.0/24 maxlen: 24
109.205.62.0/24 maxlen: 24
146.19.51.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.94.67.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.109.238.0/24 maxlen: 24
185.109.239.0/24 maxlen: 24
185.128.41.0/24 maxlen: 24
185.128.42.0/24 maxlen: 24
185.128.43.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.169.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
185.244.161.0/24 maxlen: 24
186.243.128.0/24 maxlen: 24
186.243.141.0/24 maxlen: 24
186.243.142.0/24 maxlen: 24
186.243.144.0/24 maxlen: 24
186.243.145.0/24 maxlen: 24
186.243.147.0/24 maxlen: 24
186.243.149.0/24 maxlen: 24
186.243.150.0/24 maxlen: 24
186.243.151.0/24 maxlen: 24
186.243.155.0/24 maxlen: 24
186.243.185.0/24 maxlen: 24
186.243.186.0/24 maxlen: 24
186.243.189.0/24 maxlen: 24
186.243.191.0/24 maxlen: 24
186.243.192.0/24 maxlen: 24
186.243.194.0/24 maxlen: 24
186.243.198.0/24 maxlen: 24
186.243.228.0/24 maxlen: 24
186.243.233.0/24 maxlen: 24
186.243.234.0/24 maxlen: 24
186.243.235.0/24 maxlen: 24
186.243.237.0/24 maxlen: 24
186.243.239.0/24 maxlen: 24
186.243.240.0/24 maxlen: 24
186.243.242.0/24 maxlen: 24
186.243.254.0/24 maxlen: 24
186.243.255.0/24 maxlen: 24
186.246.56.0/24 maxlen: 24
186.246.57.0/24 maxlen: 24
186.246.60.0/24 maxlen: 24
186.246.80.0/24 maxlen: 24
186.246.100.0/24 maxlen: 24
186.246.103.0/24 maxlen: 24
186.246.104.0/24 maxlen: 24
186.246.123.0/24 maxlen: 24
186.246.124.0/24 maxlen: 24
186.246.125.0/24 maxlen: 24
186.246.127.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.33.188.0/24 maxlen: 24
193.104.177.0/24 maxlen: 24
193.200.61.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
193.228.131.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.69.162.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.6.36.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:e2:d7:8e:a4:a9:d1:79:4e:03:f2:10:1f:8f:06:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 28 11:39:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50c3fc89358441c8cd9701a8f5952e4ec782e2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e6:57:bf:79:3e:bc:de:2c:72:f0:33:f5:0f:
34:73:d5:25:bb:d3:69:d9:26:47:bb:23:df:5b:35:
96:cc:e9:a9:df:6e:95:fc:64:8f:38:02:a3:10:0b:
14:2a:2d:dd:ff:e2:de:e6:b5:b0:90:c6:65:61:be:
15:5c:40:aa:8e:16:99:4d:d7:e3:4a:a3:99:44:2e:
4b:28:e2:98:0f:d6:af:e3:fb:e2:51:61:1a:98:57:
79:5f:e8:9e:b2:fd:06:e7:1e:51:cb:4b:59:da:a8:
12:f7:2d:26:5f:f2:b6:a5:cc:e2:cf:b6:8f:1f:c8:
a7:c2:73:65:f1:24:9f:a8:3d:18:7e:b9:cf:7d:e7:
f3:7f:3d:7e:ad:dc:4f:35:c9:52:c8:74:f9:25:1f:
35:d0:4e:16:9e:1e:3f:e8:c4:bd:1a:fe:f8:57:0a:
da:03:e7:a9:df:00:5a:e2:84:c1:ff:06:1d:4a:63:
9a:77:12:5a:d0:49:9c:4a:4a:a3:0f:1f:ac:2d:93:
15:5a:3c:45:fc:6b:0e:04:d9:de:1f:5c:8a:32:aa:
4b:03:ee:0a:cd:ac:96:76:96:ac:c0:a1:9b:44:00:
d9:ef:d3:18:67:7f:5e:df:80:c4:06:62:2b:fd:79:
a5:65:0b:5e:ae:8a:a9:f7:44:0c:4d:2b:48:e2:90:
32:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C3:FC:89:35:84:41:C8:CD:97:01:A8:F5:95:2E:4E:C7:82:E2:D9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UMP8iTWEQcjNlwGo9ZUuTseC4tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
45.150.112.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.11.0/24
88.151.112.0/24
88.151.115.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.210.68.0/23
91.210.71.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
94.143.230.0/24
109.205.62.0/24
146.19.51.0/24
146.19.111.0/24
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.118.38.0/24
176.126.98.0/24
176.126.102.0/24
185.94.67.0/24
185.109.236.0/22
185.128.41.0-185.128.43.255
185.128.224.0/24
185.209.50.0/24
185.211.168.0/23
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
185.244.161.0/24
186.243.128.0/24
186.243.141.0-186.243.142.255
186.243.144.0/23
186.243.147.0/24
186.243.149.0-186.243.151.255
186.243.155.0/24
186.243.185.0-186.243.186.255
186.243.189.0/24
186.243.191.0-186.243.192.255
186.243.194.0/24
186.243.198.0/24
186.243.228.0/24
186.243.233.0-186.243.235.255
186.243.237.0/24
186.243.239.0-186.243.240.255
186.243.242.0/24
186.243.254.0/23
186.246.56.0/23
186.246.60.0/24
186.246.80.0/24
186.246.100.0/24
186.246.103.0-186.246.104.255
186.246.123.0-186.246.125.255
186.246.127.0/24
193.0.62.0/24
193.17.65.0/24
193.33.188.0/24
193.104.177.0/24
193.200.61.0/24
193.228.129.0/24
193.228.131.0/24
194.59.222.0/24
194.60.76.0/24
194.110.251.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0-195.69.162.255
195.211.164.0/24
212.6.36.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:22:21:52:c6:c7:10:21:9e:07:11:71:43:8d:93:10:b3:da:
1d:6a:da:29:a0:fe:9d:96:2d:77:9e:fb:07:97:f1:95:f4:8d:
ea:be:fe:4f:f1:96:09:43:b6:e1:13:2b:52:03:b4:e1:7a:e6:
86:3e:cf:7b:91:b5:e4:f4:2d:6c:2a:2e:05:a3:c1:36:09:8a:
e6:e5:de:49:c2:d5:5b:83:2f:b3:c8:0d:4c:8a:33:92:b8:3e:
90:04:a3:cd:ee:64:41:99:a2:cf:0d:90:12:c6:7c:b1:62:f7:
5b:52:93:c7:dd:fb:e6:1c:ed:6b:3c:81:b9:e4:b0:60:b2:38:
5a:b2:0a:a9:45:53:76:ef:7c:e7:08:f7:54:3c:a5:03:2b:b9:
a6:e0:c4:d5:a3:9f:e0:ca:fa:60:5c:f1:00:12:ef:b8:eb:1a:
74:f1:3f:14:85:a9:b4:a1:27:ee:9a:7d:55:aa:8b:90:6c:eb:
6c:4a:c4:44:d2:3f:1a:e2:3c:4f:4b:c5:31:74:4a:b1:8a:0e:
a9:2b:c5:c4:da:1b:c8:a4:d0:a5:cd:53:88:e4:3a:c9:cc:02:
77:bc:2f:02:6b:28:b5:44:a5:27:44:09:24:3a:9b:5b:fc:4f:
1a:82:69:85:33:20:7d:06:63:b1:3a:93:ee:e3:b4:08:43:9a:
4a:eb:f3:d9
-----BEGIN CERTIFICATE-----
MIIHSzCCBjOgAwIBAgISAZ3T4teOpKnReU4D8hAfjwa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDI4MTEzOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGMzZmM4OTM1ODQ0MWM4Y2Q5NzAxYThmNTk1MmU0ZWM3ODJlMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+ZXv3k+vN4scvAz9Q80c9Ulu9Np
2SZHuyPfWzWWzOmp326V/GSPOAKjEAsUKi3d/+Le5rWwkMZlYb4VXECqjhaZTdfj
SqOZRC5LKOKYD9av4/viUWEamFd5X+iesv0G5x5Ry0tZ2qgS9y0mX/K2pcziz7aP
H8inwnNl8SSfqD0YfrnPfefzfz1+rdxPNclSyHT5JR810E4Wnh4/6MS9Gv74Vwra
A+ep3wBa4oTB/wYdSmOadxJa0EmcSkqjDx+sLZMVWjxF/GsOBNneH1yKMqpLA+4K
zayWdpaswKGbRADZ79MYZ39e34DEBmIr/XmlZQteroqp90QMTStI4pAyuQIDAQAB
o4IEVzCCBFMwHQYDVR0OBBYEFFDD/Ik1hEHIzZcBqPWVLk7HguLZMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVU1QOGlUV0VRY2pObHdHbzlaVXVUc2VDNHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICawYIKwYBBQUHAQcBAf8EggJaMIICVjCCAlIEAgABMIIC
SgMEAAUq2gMEAB8p/QMEAS1XfAMEAC1XfwMEAC2AfAMEAC2AgAMEAC2BxgMEAC2W
cAMEAD4DBwMEAD4DHzAMAwQATUhTAwQATUhUAwQAVPxFAwQAWJcLAwQAWJdwAwQA
WJdzAwQCWNq4AwQAW76eAwQAW9EfAwQBW9JEAwQAW9JHAwQAW9SpAwQAW+TXAwQB
W+/UAwQAXo/mAwQAbc0+AwQAkhMzAwQAkhNvAwQAkhN4AwQAkv+6AwQAsHQRAwQA
sHYmAwQAsH5iAwQAsH5mAwQAuV5DAwQCuW3sMAwDBAC5gCkDBAK5gCgDBAC5gOAD
BAC50TIDBAG506gDBAC506sDBAG51qQDBAC51qcDBAC59KEDBAC684AwDAMEALrz
jQMEALrzjgMEAbrzkAMEALrzkzAMAwQAuvOVAwQDuvOQAwQAuvObMAwDBAC687kD
BAC687oDBAC6870wDAMEALrzvwMEALrzwAMEALrzwgMEALrzxgMEALrz5DAMAwQA
uvPpAwQCuvPoAwQAuvPtMAwDBAC68+8DBAC68/ADBAC68/IDBAG68/4DBAG69jgD
BAC69jwDBAC69lADBAC69mQwDAMEALr2ZwMEALr2aDAMAwQAuvZ7AwQBuvZ8AwQA
uvZ/AwQAwQA+AwQAwRFBAwQAwSG8AwQAwWixAwQAwcg9AwQAweSBAwQAweSDAwQA
wjveAwQAwjxMAwQAwm77AwQAwyNpAwQAw0BnMAwDBADDRaEDBADDRaIDBADD06QD
BADUBiQDBADUaxkwDQYJKoZIhvcNAQELBQADggEBAB4iIVLGxxAhngcRcUONkxCz
2h1q2img/p2WLXee+weX8ZX0jeq+/k/xlglDtuETK1IDtOF65oY+z3uRteT0LWwq
LgWjwTYJiubl3knC1VuDL7PIDUyKM5K4PpAEo83uZEGZos8NkBLGfLFi91tSk8fd
++Yc7Ws8gbnksGCyOFqyCqlFU3bvfOcI91Q8pQMruabgxNWjn+DK+mBc8QAS77jr
GnTxPxSFqbShJ+6afVWqi5Bs62xKxETSPxriPE9LxTF0SrGKDqkrxcTaG8ik0KXN
U4jkOsnMAne8LwJrKLVEpSdECSQ6m1v8TxqCaYUzIH0GY7E6k+7jtAhDmkrr89k=
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:34 2026 by rpki-client