Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/z_6hxdNgIaeUzkR8JnVWzjM7idM.roa
File: z_6hxdNgIaeUzkR8JnVWzjM7idM.roa (raw, json)
Hash identifier: ErMSq+bASvyQhullSAhIe2XghR2G2U/b3aXnr+1z46o=
Subject key identifier: CF:FE:A1:C5:D3:60:21:A7:94:CE:44:7C:26:75:56:CE:33:3B:89:D3
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0199CD4DE4673FFF318679D687DF7F93E20E
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/z_6hxdNgIaeUzkR8JnVWzjM7idM.roa
Signing time: Fri 10 Oct 2025 08:47:38 +0000
ROA not before: Fri 10 Oct 2025 08:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.23.0/24 maxlen: 24
37.18.25.0/24 maxlen: 24
37.18.60.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.18.82.0/24 maxlen: 24
37.18.103.0/24 maxlen: 24
37.18.106.0/24 maxlen: 24
37.18.125.0/24 maxlen: 24
37.18.126.0/24 maxlen: 24
37.230.130.0/24 maxlen: 24
37.230.132.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.135.0/24 maxlen: 24
37.230.140.0/24 maxlen: 24
37.230.145.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.177.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.200.0/24 maxlen: 24
37.230.208.0/24 maxlen: 24
37.230.226.0/24 maxlen: 24
37.230.227.0/24 maxlen: 24
37.230.230.0/24 maxlen: 24
37.230.231.0/24 maxlen: 24
37.230.238.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
37.230.255.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.148.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.150.0/24 maxlen: 24
46.243.163.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.220.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.239.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/23 maxlen: 23
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.134.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.173.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.189.0/24 maxlen: 24
141.101.190.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.198.0/24 maxlen: 24
141.101.209.0/24 maxlen: 24
141.101.216.0/24 maxlen: 24
141.101.230.0/24 maxlen: 24
141.101.233.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.237.0/24 maxlen: 24
141.101.238.0/24 maxlen: 24
141.101.242.0/24 maxlen: 24
141.101.245.0/24 maxlen: 24
141.101.252.0/24 maxlen: 24
141.101.253.0/24 maxlen: 24
141.101.254.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.138.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.142.0/24 maxlen: 24
178.170.144.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.146.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
178.170.187.0/24 maxlen: 24
178.170.188.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.82.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.97.0/24 maxlen: 24
188.72.98.0/24 maxlen: 24
188.72.101.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
188.72.124.0/24 maxlen: 24
188.72.125.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:4d:e4:67:3f:ff:31:86:79:d6:87:df:7f:93:e2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Oct 10 08:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cffea1c5d36021a794ce447c267556ce333b89d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:29:63:50:17:a0:b0:25:ee:08:72:09:8a:c0:
b0:34:aa:0e:27:60:08:4a:af:dc:47:b0:22:3c:c9:
0a:f4:db:85:70:cc:fc:6e:39:5f:2d:63:ec:9f:4a:
25:73:08:ce:dc:b2:ae:f7:07:39:1d:d1:53:74:f1:
ad:ae:26:c2:07:e5:cd:9c:6e:7a:cc:61:7b:45:8e:
53:fa:2f:9e:2f:02:9c:4b:7e:34:24:f0:c8:93:51:
f6:6a:ad:70:bc:8c:99:b9:42:8d:ad:e0:7c:9e:cc:
84:33:fe:36:13:84:b3:55:b2:55:ea:c0:50:a0:3c:
e0:52:3c:aa:ac:ba:4a:2e:ea:3c:eb:59:f2:d5:24:
ad:3e:08:cc:cd:17:e8:1b:1b:ab:31:9d:0c:7e:73:
7e:2a:ad:b8:ee:f7:ef:29:3a:ca:b2:58:6a:1b:71:
3f:70:dd:e1:3c:ea:5e:39:3a:7c:ac:4a:8c:73:11:
c7:f0:21:85:2a:e7:0c:9b:4b:85:d2:e8:54:e2:94:
28:e3:eb:4f:fe:d5:ef:c8:99:b0:39:a5:bb:cf:e3:
36:ec:9b:52:7d:39:26:f1:7f:47:cd:9c:7f:f1:7e:
13:71:b7:1f:1b:c3:ae:38:6f:37:9e:59:a7:fe:f7:
0d:89:47:46:73:de:bc:d0:09:00:64:5a:eb:98:22:
9e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FE:A1:C5:D3:60:21:A7:94:CE:44:7C:26:75:56:CE:33:3B:89:D3
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/z_6hxdNgIaeUzkR8JnVWzjM7idM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.23.0/24
37.18.25.0/24
37.18.60.0/24
37.18.63.0/24
37.18.78.0/24
37.18.82.0/24
37.18.103.0/24
37.18.106.0/24
37.18.125.0-37.18.126.255
37.230.130.0/24
37.230.132.0/24
37.230.134.0/23
37.230.140.0/24
37.230.145.0/24
37.230.151.0/24
37.230.163.0/24
37.230.176.0-37.230.178.255
37.230.182.0/23
37.230.187.0/24
37.230.200.0/24
37.230.208.0/24
37.230.226.0/23
37.230.230.0/23
37.230.238.0/24
37.230.254.0/23
46.243.138.0-46.243.140.255
46.243.148.0-46.243.150.255
46.243.163.0/24
46.243.204.0/24
46.243.214.0/23
46.243.220.0-46.243.225.255
46.243.236.0-46.243.243.255
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.174.255
141.101.179.0/24
141.101.189.0-141.101.191.255
141.101.198.0/24
141.101.209.0/24
141.101.216.0/24
141.101.230.0/24
141.101.233.0/24
141.101.235.0/24
141.101.237.0-141.101.238.255
141.101.242.0/24
141.101.245.0/24
141.101.252.0/22
178.170.136.0-178.170.142.255
178.170.144.0-178.170.146.255
178.170.172.0/24
178.170.187.0-178.170.188.255
185.4.148.0/22
188.72.80.0/21
188.72.89.0/24
188.72.95.0/24
188.72.97.0-188.72.98.255
188.72.101.0-188.72.102.255
188.72.114.0-188.72.116.255
188.72.119.0/24
188.72.124.0/23
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
65:d5:01:09:0d:19:8f:31:d0:31:37:d3:11:55:23:69:9e:0d:
c5:81:f0:c7:72:13:c4:75:79:c4:cd:ad:f9:06:41:9b:6f:11:
10:ee:75:be:18:b3:6f:1d:73:dc:70:3c:0b:85:54:b0:7e:d5:
f7:e4:d5:d0:5d:bc:d8:4d:10:1f:67:47:b7:94:ce:13:3e:cf:
84:d8:dd:32:c5:7d:92:80:24:15:e9:99:6c:54:8e:ca:ac:f7:
91:ea:12:cf:71:1b:f8:8b:bb:58:53:b6:29:c2:0e:d8:06:e0:
68:86:00:79:08:09:a8:08:4b:50:12:55:ae:73:2f:2c:47:e5:
6a:3f:b8:98:5c:1a:2a:86:b6:01:60:80:ff:8a:c6:ec:1c:e8:
39:21:22:83:13:ea:a3:6b:8f:96:f3:92:df:57:ad:d3:ff:d3:
4c:dc:a6:d5:40:5e:ca:bb:27:bd:d1:30:ba:db:25:39:f9:71:
0f:7c:05:6e:2d:44:a9:03:23:56:59:be:44:db:bd:85:1b:fc:
f4:eb:27:9c:cd:8e:1c:3f:63:24:87:9b:51:1e:7e:31:7d:32:
49:08:b9:52:67:17:65:50:3e:86:e2:a2:d4:f6:9a:b3:71:a2:
7c:6f:bc:bf:2d:49:13:02:2e:dd:db:49:9d:2a:1a:e9:6c:6d:
a5:5a:0e:54
-----BEGIN CERTIFICATE-----
MIIHFzCCBf+gAwIBAgISAZnNTeRnP/8xhnnWh99/k+IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUxMDEwMDg0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZlYTFjNWQzNjAyMWE3OTRjZTQ0N2MyNjc1NTZjZTMzM2I4OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySljUBegsCXuCHIJisCwNKoOJ2AI
Sq/cR7AiPMkK9NuFcMz8bjlfLWPsn0olcwjO3LKu9wc5HdFTdPGtribCB+XNnG56
zGF7RY5T+i+eLwKcS340JPDIk1H2aq1wvIyZuUKNreB8nsyEM/42E4SzVbJV6sBQ
oDzgUjyqrLpKLuo861ny1SStPgjMzRfoGxurMZ0MfnN+Kq247vfvKTrKslhqG3E/
cN3hPOpeOTp8rEqMcxHH8CGFKucMm0uF0uhU4pQo4+tP/tXvyJmwOaW7z+M27JtS
fTkm8X9HzZx/8X4TcbcfG8OuOG83nlmn/vcNiUdGc9680AkAZFrrmCKeuwIDAQAB
o4IEIzCCBB8wHQYDVR0OBBYEFM/+ocXTYCGnlM5EfCZ1Vs4zO4nTMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvel82aHhkTmdJYWVVemtSOEpuVld6ak03aWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICNwYIKwYBBQUHAQcBAf8EggImMIICIjCCAh4EAgABMIIC
FgMEACUSAAMEACUSFwMEACUSGQMEACUSPAMEACUSPwMEACUSTgMEACUSUgMEACUS
ZwMEACUSajAMAwQAJRJ9AwQAJRJ+AwQAJeaCAwQAJeaEAwQBJeaGAwQAJeaMAwQA
JeaRAwQAJeaXAwQAJeajMAwDBAQl5rADBAAl5rIDBAEl5rYDBAAl5rsDBAAl5sgD
BAAl5tADBAEl5uIDBAEl5uYDBAAl5u4DBAEl5v4wDAMEAS7zigMEAC7zjDAMAwQC
LvOUAwQALvOWAwQALvOjAwQALvPMAwQBLvPWMAwDBAIu89wDBAEu8+AwDAMEAi7z
7AMEAi7z8DAMAwQBLvP2AwQCLvP4AwQAgABHMAwDBAKNZYQDBACNZYgDBAGNZYow
DAMEAI1ljwMEAI1lljAMAwQAjWWZAwQAjWWuAwQAjWWzMAwDBACNZb0DBAaNZYAD
BACNZcYDBACNZdEDBACNZdgDBACNZeYDBACNZekDBACNZeswDAMEAI1l7QMEAI1l
7gMEAI1l8gMEAI1l9QMEAo1l/DAMAwQDsqqIAwQAsqqOMAwDBASyqpADBACyqpID
BACyqqwwDAMEALKquwMEALKqvAMEArkElAMEA7xIUAMEALxIWQMEALxIXzAMAwQA
vEhhAwQAvEhiMAwDBAC8SGUDBAC8SGYwDAMEAbxIcgMEALxIdAMEALxIdwMEAbxI
fAMEA9mWWDANBgkqhkiG9w0BAQsFAAOCAQEAZdUBCQ0ZjzHQMTfTEVUjaZ4NxYHw
x3ITxHV5xM2t+QZBm28REO51vhizbx1z3HA8C4VUsH7V9+TV0F282E0QH2dHt5TO
Ez7PhNjdMsV9koAkFemZbFSOyqz3keoSz3Eb+Iu7WFO2KcIO2AbgaIYAeQgJqAhL
UBJVrnMvLEflaj+4mFwaKoa2AWCA/4rG7BzoOSEigxPqo2uPlvOS31et0//TTNym
1UBeyrsnvdEwutslOflxD3wFbi1EqQMjVlm+RNu9hRv89OsnnM2OHD9jJIebUR5+
MX0ySQi5UmcXZVA+huKi1Paas3GifG+8vy1JEwIu3dtJnSoa6WxtpVoOVA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:08:58 2025 by rpki-client