Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/5S25SMI8E9JaR6e1K9PJzYPwzq0.roa
File: 5S25SMI8E9JaR6e1K9PJzYPwzq0.roa (raw, json)
Hash identifier: NJujagGkJiaBOJNgPviLVr7Rb2pzjvY77Oqt5qKgVjY=
Subject key identifier: E5:2D:B9:48:C2:3C:13:D2:5A:47:A7:B5:2B:D3:C9:CD:83:F0:CE:AD
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 019C4CD76EC40E715BC13BECECBEB6A0A925
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/5S25SMI8E9JaR6e1K9PJzYPwzq0.roa
Signing time: Wed 11 Feb 2026 13:15:12 +0000
ROA not before: Wed 11 Feb 2026 13:15:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43996
IP address blocks: 5.57.16.0/21 maxlen: 21
5.57.16.0/22 maxlen: 22
5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.22.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.4.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.13.0/24 maxlen: 24
37.10.24.0/23 maxlen: 23
37.10.24.0/24 maxlen: 24
37.10.25.0/24 maxlen: 24
37.10.26.0/24 maxlen: 24
37.10.27.0/24 maxlen: 24
37.10.28.0/24 maxlen: 24
37.10.32.0/24 maxlen: 24
37.10.33.0/24 maxlen: 24
37.10.34.0/24 maxlen: 24
37.10.35.0/24 maxlen: 24
37.10.36.0/24 maxlen: 24
37.10.37.0/24 maxlen: 24
37.10.38.0/24 maxlen: 24
37.10.56.0/23 maxlen: 23
37.10.56.0/24 maxlen: 24
37.10.57.0/24 maxlen: 24
37.10.58.0/24 maxlen: 24
37.10.60.0/23 maxlen: 23
37.10.60.0/24 maxlen: 24
37.10.61.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
91.195.236.0/24 maxlen: 24
91.195.237.0/24 maxlen: 24
91.206.232.0/23 maxlen: 23
91.206.232.0/24 maxlen: 24
91.206.233.0/24 maxlen: 24
185.28.220.0/23 maxlen: 23
185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
2a01:5040::/36 maxlen: 36
2a01:5040::/48 maxlen: 48
2a01:5040:12::/48 maxlen: 48
2a01:5040:20::/48 maxlen: 48
2a01:5040:40::/48 maxlen: 48
2a01:5040:1000::/36 maxlen: 36
2a01:5040:1000::/48 maxlen: 48
2a01:5040:1020::/48 maxlen: 48
2a01:5040:2000::/36 maxlen: 36
2a01:5040:2000::/48 maxlen: 48
2a01:5040:2020::/48 maxlen: 48
2a01:5040:6000::/36 maxlen: 36
2a01:5040:a000::/36 maxlen: 36
2a01:5040:a000::/48 maxlen: 48
2a01:5040:a100::/48 maxlen: 48
2a01:5041:2::/48 maxlen: 48
2a01:5041:5::/48 maxlen: 48
2a01:5041:9::/48 maxlen: 48
2a01:5041:d::/48 maxlen: 48
2a01:5041:13::/48 maxlen: 48
2a01:5041:100::/40 maxlen: 40
2a01:5041:200::/40 maxlen: 40
2a01:5041:2001::/48 maxlen: 48
2a01:5041:2002::/48 maxlen: 48
2a01:5041:2005::/48 maxlen: 48
2a01:5041:2009::/48 maxlen: 48
2a01:5041:200d::/48 maxlen: 48
2a01:5041:2013::/48 maxlen: 48
2a01:5042::/32 maxlen: 32
2a01:5042:100::/40 maxlen: 40
2a01:5042:200::/40 maxlen: 40
2a01:5042:202::/48 maxlen: 48
2a01:5043::/32 maxlen: 32
2a01:5043:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:d7:6e:c4:0e:71:5b:c1:3b:ec:ec:be:b6:a0:a9:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Feb 11 13:15:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e52db948c23c13d25a47a7b52bd3c9cd83f0cead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:99:4d:b3:d2:dd:46:fc:ae:1b:de:6d:df:
cc:b6:bc:9e:57:5c:28:c3:32:45:ed:23:01:56:ae:
2e:c9:21:8d:5b:79:6f:05:10:f1:b5:e8:e8:fb:e7:
df:ba:f3:33:2a:6d:f2:0f:5c:78:b4:a9:0e:96:cc:
91:f7:52:70:fb:01:bf:51:37:2c:43:12:e3:fa:f3:
3e:de:87:0d:c2:ce:41:ee:8b:f8:87:f6:d5:db:8e:
8e:79:fc:7a:ef:18:04:0f:25:f3:55:c8:03:1b:ac:
e6:4f:c3:04:19:77:ce:40:e8:b9:90:8e:3f:62:4b:
71:57:aa:34:bd:aa:2c:5a:37:dd:e3:6f:95:79:bb:
d3:a5:c0:8d:fc:03:72:9f:38:16:51:f4:ee:e9:20:
1a:47:23:09:1d:df:24:45:18:dc:d7:87:3d:85:1e:
82:b4:7b:40:6a:36:45:31:20:4c:46:93:26:2d:b6:
5a:9d:dc:b6:b1:d1:0b:d6:2f:50:55:19:dd:7b:00:
61:7d:bb:0a:61:59:31:e0:9b:b5:2c:22:2a:6a:ad:
c6:06:9d:74:6f:5e:9b:cb:1e:35:c4:77:28:16:d0:
ab:06:ad:ad:48:60:bd:c1:8a:af:50:49:63:21:c5:
02:d2:a5:4b:1e:6d:19:7f:9d:b0:2d:2b:9d:30:b4:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2D:B9:48:C2:3C:13:D2:5A:47:A7:B5:2B:D3:C9:CD:83:F0:CE:AD
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/5S25SMI8E9JaR6e1K9PJzYPwzq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0/21
37.10.0.0/24
37.10.4.0/22
37.10.13.0/24
37.10.24.0-37.10.28.255
37.10.32.0-37.10.38.255
37.10.56.0-37.10.58.255
37.10.60.0/23
37.10.63.0/24
91.195.236.0/23
91.206.232.0/23
185.28.220.0/22
IPv6:
2a01:5040::-2a01:5040:2fff:ffff:ffff:ffff:ffff:ffff
2a01:5040:6000::/36
2a01:5040:a000::/36
2a01:5041:2::/48
2a01:5041:5::/48
2a01:5041:9::/48
2a01:5041:d::/48
2a01:5041:13::/48
2a01:5041:100::-2a01:5041:2ff:ffff:ffff:ffff:ffff:ffff
2a01:5041:2001::-2a01:5041:2002:ffff:ffff:ffff:ffff:ffff
2a01:5041:2005::/48
2a01:5041:2009::/48
2a01:5041:200d::/48
2a01:5041:2013::/48
2a01:5042::/31
Signature Algorithm: sha256WithRSAEncryption
68:32:22:ff:f1:46:cf:3f:88:29:90:c2:07:70:a1:42:54:42:
5c:8e:63:6d:02:d0:5f:48:a7:2b:b1:f6:ed:4a:8a:57:05:b3:
92:ba:b6:0d:46:0b:b5:50:72:4b:96:b7:4a:4e:b2:5b:d4:95:
ec:63:1b:56:8d:da:a6:82:f3:63:3c:31:a2:ca:55:6c:23:ce:
59:a9:aa:59:f0:d8:01:fe:2d:25:38:00:7e:9b:f7:bb:02:85:
a0:b6:f1:bb:d0:32:f0:3e:31:b2:8d:93:ce:7b:9d:4b:c8:db:
5d:84:b5:0f:1d:aa:4c:b4:71:b9:5c:d0:5e:c0:9d:f1:33:03:
8a:a7:6a:67:12:66:61:9f:72:9b:31:92:e9:b6:61:09:b6:50:
d2:56:ab:ba:9c:dc:01:e5:c9:14:01:a2:e1:fa:41:4a:29:ea:
39:75:26:5e:ee:65:b7:91:bf:fa:ed:91:e7:37:68:7c:70:b7:
b7:9b:2b:70:70:08:c8:d6:22:54:02:0f:02:50:0c:4b:8e:c6:
8b:e0:bb:50:1c:2b:01:34:2a:9f:03:c2:16:fc:31:83:2e:06:
93:39:e1:79:17:1c:6b:e0:4e:89:04:2d:f8:63:51:a4:47:c4:
46:fb:ef:cd:36:96:76:3c:61:f7:bd:a3:ae:a0:5a:a8:01:1c:
03:b1:d1:5f
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZxM127EDnFbwTvs7L62oKklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjYwMjExMTMxNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTJkYjk0OGMyM2MxM2QyNWE0N2E3YjUyYmQzYzljZDgzZjBjZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6ZTbPS3Ub8rhvebd/MtryeV1wo
wzJF7SMBVq4uySGNW3lvBRDxtejo++ffuvMzKm3yD1x4tKkOlsyR91Jw+wG/UTcs
QxLj+vM+3ocNws5B7ov4h/bV246Oefx67xgEDyXzVcgDG6zmT8MEGXfOQOi5kI4/
YktxV6o0vaosWjfd42+VebvTpcCN/ANynzgWUfTu6SAaRyMJHd8kRRjc14c9hR6C
tHtAajZFMSBMRpMmLbZandy2sdEL1i9QVRndewBhfbsKYVkx4Ju1LCIqaq3GBp10
b16byx41xHcoFtCrBq2tSGC9wYqvUEljIcUC0qVLHm0Zf52wLSudMLSrvQIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFOUtuUjCPBPSWkentSvTyc2D8M6tMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvNVMyNVNNSThFOUphUjZlMUs5UEp6WVB3enEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETBmBAIAATBgAwQD
BTkQAwQAJQoAAwQCJQoEAwQAJQoNMAwDBAMlChgDBAAlChwwDAMEBSUKIAMEACUK
JjAMAwQDJQo4AwQAJQo6AwQBJQo8AwQAJQo/AwQBW8PsAwQBW87oAwQCuRzcMIGm
BAIAAjCBnzAPAwUGKgFQQAMGBCoBUEAgAwYEKgFQQGADBgQqAVBAoAMHACoBUEEA
AgMHACoBUEEABQMHACoBUEEACQMHACoBUEEADQMHACoBUEEAEzAQAwYAKgFQQQED
BgAqAVBBAjASAwcAKgFQQSABAwcAKgFQQSACAwcAKgFQQSAFAwcAKgFQQSAJAwcA
KgFQQSANAwcAKgFQQSATAwUBKgFQQjANBgkqhkiG9w0BAQsFAAOCAQEAaDIi//FG
zz+IKZDCB3ChQlRCXI5jbQLQX0inK7H27UqKVwWzkrq2DUYLtVByS5a3Sk6yW9SV
7GMbVo3apoLzYzwxospVbCPOWamqWfDYAf4tJTgAfpv3uwKFoLbxu9Ay8D4xso2T
znudS8jbXYS1Dx2qTLRxuVzQXsCd8TMDiqdqZxJmYZ9ymzGS6bZhCbZQ0larupzc
AeXJFAGi4fpBSinqOXUmXu5lt5G/+u2R5zdofHC3t5srcHAIyNYiVAIPAlAMS47G
i+C7UBwrATQqnwPCFvwxgy4GkznheRcca+BOiQQt+GNRpEfERvvvzTaWdjxh972j
rqBaqAEcA7HRXw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:35:58 2026 by rpki-client