Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: esADpgvDUkXLJA4w7tFODwz6nQD/ETW6vlrtOre8GIY=
Subject key identifier: D6:AE:33:C1:F4:2C:BC:EB:95:C6:5B:C7:CB:3B:B6:1D:84:7A:21:66
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4F08FA84D632720AEC7E071748D44D7CC22AECC1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Mon 09 Jun 2025 19:33:10 +0000
ROA not before: Mon 09 Jun 2025 19:28:10 +0000
ROA not after: Mon 08 Jun 2026 19:33:10 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.242.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.170.0/23 maxlen: 23
82.23.229.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.144.0/23 maxlen: 23
82.24.182.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 14:20:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:08:fa:84:d6:32:72:0a:ec:7e:07:17:48:d4:4d:7c:c2:2a:ec:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 9 19:28:10 2025 GMT
Not After : Jun 8 19:33:10 2026 GMT
Subject: CN=D6AE33C1F42CBCEB95C65BC7CB3BB61D847A2166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:91:ba:59:5c:1f:3d:bd:43:d6:19:e0:20:a2:
4d:40:cb:94:c1:3f:22:67:ad:2b:cb:64:ab:e8:72:
ec:c0:0d:04:dc:35:0a:5f:6e:f9:f6:10:d4:f1:64:
a7:1d:d8:81:25:0b:96:30:43:b0:4f:10:82:d4:c1:
8f:56:de:78:43:63:13:f8:06:b3:2e:0c:46:02:f2:
78:aa:36:56:cb:1c:ed:4e:76:00:70:0e:78:6d:11:
74:f8:07:62:97:87:d3:34:98:91:04:f6:a5:09:66:
ee:96:72:6d:4e:c9:4c:71:93:b6:b0:fd:aa:46:ca:
be:82:1d:2e:f9:9d:53:36:c0:28:87:2e:85:d8:cf:
07:ba:53:6c:30:cc:9c:2e:c9:f1:90:ab:01:14:ef:
c2:b6:65:4b:38:d2:7b:73:68:13:38:15:89:f3:2f:
d6:16:34:60:15:7a:47:73:ec:9c:5a:cd:27:93:5d:
01:19:a7:df:43:8d:83:67:e2:b6:d2:9d:00:54:ed:
29:d0:b0:31:32:ec:18:72:cf:f9:e5:2f:6b:31:8b:
6d:b8:e7:eb:c5:d3:e3:ae:a3:a1:f9:0f:69:99:d3:
1b:c2:69:6d:c5:c0:74:10:fa:a5:44:11:a6:b8:22:
36:d8:bf:97:f1:79:5e:cc:98:e6:75:ec:a7:d4:65:
56:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AE:33:C1:F4:2C:BC:EB:95:C6:5B:C7:CB:3B:B6:1D:84:7A:21:66
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.242.0/23
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.242.0/23
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0/24
82.23.170.0/23
82.23.229.0/24
82.23.232.0/23
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.126.0/24
82.24.144.0/23
82.24.182.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.243.0/24
82.25.253.0/24
82.26.157.0/24
82.26.237.0/24
82.26.243.0/24
82.26.253.0/24
82.27.11.0/24
82.27.225.0/24
82.27.238.0/24
82.27.243.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
32:3f:26:ca:28:3a:3f:9a:cc:b1:de:11:a5:16:43:3e:e2:6e:
3e:d9:23:12:a7:cd:af:d1:bb:4b:0c:30:ec:c7:11:b1:95:7e:
b5:47:85:b8:01:f5:cd:d1:53:42:b9:45:d4:d2:55:f0:1c:21:
b3:00:9e:f3:33:5a:4e:57:52:f5:10:92:73:45:e6:36:71:94:
02:d3:8e:20:ef:b5:0e:a6:ac:4c:a1:04:86:bf:0f:ca:9f:c6:
4b:44:4d:80:f0:b1:bf:5e:d1:71:9b:e7:e9:4e:f3:2b:ca:78:
43:f0:14:fd:cc:fe:90:ad:a4:7d:87:8f:66:8d:b7:36:82:a9:
34:a8:07:cf:de:2b:3b:52:f2:83:de:9f:25:08:90:55:e6:82:
58:97:15:14:db:ca:b2:00:b5:a9:f7:07:9e:92:9e:0e:90:79:
01:8c:62:bd:65:a1:96:37:25:0f:cf:e1:26:9f:ce:08:21:44:
29:dd:15:d1:b5:48:af:c0:8a:cb:73:32:ad:cc:4d:70:a9:62:
38:20:96:76:b8:65:fa:eb:0b:c1:f7:31:c1:2e:d3:76:fa:2e:
ea:c3:a2:fd:0e:d3:9b:d7:a2:4d:48:c5:5f:d5:f1:94:89:f0:
12:0a:49:ce:37:82:a0:91:8f:fc:06:c9:2d:ee:b4:65:dc:0a:
71:ba:38:7a
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgIUTwj6hNYycgrsfgcXSNRNfMIq7MEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDkxOTI4MTBaFw0yNjA2MDgxOTMzMTBaMDMxMTAvBgNV
BAMTKEQ2QUUzM0MxRjQyQ0JDRUI5NUM2NUJDN0NCM0JCNjFEODQ3QTIxNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmkbpZXB89vUPWGeAgok1Ay5TB
PyJnrSvLZKvocuzADQTcNQpfbvn2ENTxZKcd2IElC5YwQ7BPEILUwY9W3nhDYxP4
BrMuDEYC8niqNlbLHO1OdgBwDnhtEXT4B2KXh9M0mJEE9qUJZu6Wcm1OyUxxk7aw
/apGyr6CHS75nVM2wCiHLoXYzwe6U2wwzJwuyfGQqwEU78K2ZUs40ntzaBM4FYnz
L9YWNGAVekdz7JxazSeTXQEZp99DjYNn4rbSnQBU7SnQsDEy7Bhyz/nlL2sxi224
5+vF0+Ouo6H5D2mZ0xvCaW3FwHQQ+qVEEaa4IjbYv5fxeV7MmOZ17KfUZVYnAgMB
AAGjggOlMIIDoTAdBgNVHQ4EFgQU1q4zwfQsvOuVxlvHyzu2HYR6IWYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBuAYIKwYBBQUHAQcBAf8EggGnMIIBozCCAZ8EAgAB
MIIBlwMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQBUhXyAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQBUhby
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34DBABSF5EDBAFSF6oDBABSF+UDBAFSF+gDBABS
F/MwCwMEAFIX/QMDA1IQAwQAUhgiAwQAUhguAwQAUhh+AwQBUhiQAwQAUhi2AwQA
UhjvAwQAUhjzAwQAUhj9AwQAUhnzAwQAUhn9AwQAUhqdAwQAUhrtAwQAUhrzAwQA
Uhr9AwQAUhsLAwQAUhvhAwQAUhvuAwQAUhvzAwQAUhv9AwQAUh1cAwQAUh1eAwQB
Uh1gAwQBUh1kAwQAUh3KAwQAUh3pAwQBUh3yMA0GCSqGSIb3DQEBCwUAA4IBAQAy
PybKKDo/msyx3hGlFkM+4m4+2SMSp82v0btLDDDsxxGxlX61R4W4AfXN0VNCuUXU
0lXwHCGzAJ7zM1pOV1L1EJJzReY2cZQC044g77UOpqxMoQSGvw/Kn8ZLRE2A8LG/
XtFxm+fpTvMrynhD8BT9zP6QraR9h49mjbc2gqk0qAfP3is7UvKD3p8lCJBV5oJY
lxUU28qyALWp9weekp4OkHkBjGK9ZaGWNyUPz+Emn84IIUQp3RXRtUivwIrLczKt
zE1wqWI4IJZ2uGX66wvB9zHBLtN2+i7qw6L9DtOb16JNSMVf1fGUifASCknON4Kg
kY/8Bskt7rRl3Apxujh6
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:11:47 2025 by rpki-client