Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: cNkpwQeksusysdNZ8/D4Seyj0y3t9UjLqcL7qccLmvY=
Subject key identifier: 80:46:88:77:70:B6:F8:1F:99:80:AE:60:66:00:51:8A:62:5D:31:6E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5D074FEA147016EEC09FDDF8F44CEDA023D1387D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Mon 28 Jul 2025 07:38:45 +0000
ROA not before: Mon 28 Jul 2025 07:33:45 +0000
ROA not after: Mon 27 Jul 2026 07:38:45 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.242.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:07:4f:ea:14:70:16:ee:c0:9f:dd:f8:f4:4c:ed:a0:23:d1:38:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 28 07:33:45 2025 GMT
Not After : Jul 27 07:38:45 2026 GMT
Subject: CN=8046887770B6F81F9980AE606600518A625D316E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:45:2d:fb:22:0a:a8:d1:09:be:5a:6b:85:ed:
84:f2:64:fd:3c:48:14:c7:9c:be:70:cd:14:00:53:
19:91:e8:8e:00:48:cb:09:6c:c0:8d:54:75:c2:a1:
f4:97:ed:67:85:2c:bd:be:52:b0:5f:cf:93:ca:6c:
63:c9:01:44:c4:cc:11:68:9f:d4:e5:d7:f8:e9:0a:
c3:90:12:d0:4e:0c:bc:1e:5a:f0:2d:c1:97:e0:99:
45:94:25:d2:ce:9a:0c:fb:71:9d:d2:c6:de:9c:1d:
61:39:24:ad:19:3a:dd:f0:87:e0:cd:77:cc:54:e6:
b2:5a:86:96:c5:12:aa:60:eb:87:be:e4:68:7f:7e:
db:9e:26:36:3f:ac:6b:cc:3b:f8:5a:0b:ba:91:06:
f4:26:3e:4f:e0:58:0b:6d:e5:1b:53:ce:bc:d4:14:
77:3c:62:0a:f8:0f:dd:36:f9:3f:7a:c4:41:33:7c:
aa:b4:ef:f8:84:ee:01:66:77:24:b5:70:83:c1:e7:
54:20:e0:0b:55:65:93:0b:a3:9d:b9:16:1b:86:9b:
ad:1b:ee:b7:74:26:62:da:a3:67:06:e9:37:de:47:
f9:ab:81:22:87:e5:15:68:3d:7d:82:fb:4c:60:2a:
61:06:29:66:af:ef:77:b7:2a:09:a1:34:a8:15:95:
3d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:46:88:77:70:B6:F8:1F:99:80:AE:60:66:00:51:8A:62:5D:31:6E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.242.0/23
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.242.0/23
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.229.0/24
82.23.232.0/23
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.126.0/24
82.24.182.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.243.0/24
82.26.253.0/24
82.27.225.0/24
82.27.238.0/24
82.27.243.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
12:9c:09:7e:28:7e:98:c5:45:ae:64:0f:d3:0d:99:e5:cc:d6:
67:22:d6:3d:f2:a2:51:5f:1a:c0:2c:58:f7:71:1d:c3:ed:a5:
1f:c1:03:f7:d6:c8:71:58:ca:c3:a9:3e:56:43:72:3f:47:08:
0d:42:6e:7e:06:91:2a:a0:a4:f7:4b:bf:61:b8:70:aa:70:56:
e8:70:9a:5b:d8:c0:24:27:ce:61:b2:c7:2b:91:cf:22:07:6a:
5b:8b:ec:e9:a2:50:52:26:d9:92:67:e1:d3:21:d1:4b:10:b7:
e3:6b:17:fd:22:d9:39:80:7a:6f:cc:65:46:3b:ee:8c:90:d0:
05:bd:f2:38:b2:83:6b:96:3e:cc:8a:31:e7:03:da:e0:af:8a:
86:4c:45:94:eb:dc:22:e8:b6:ba:da:38:90:1a:e7:3e:28:2a:
82:4a:98:09:26:98:1f:19:32:3d:00:58:01:47:c2:78:4d:bf:
ec:c3:86:0e:e5:cd:71:8c:81:34:55:ae:37:3b:cb:c0:8c:ef:
f1:ec:ee:1c:b2:18:0d:f4:9e:81:96:be:ac:3c:8f:07:92:d1:
15:36:13:1c:2d:d1:39:4b:e7:ad:b8:62:f2:1c:6f:7e:35:48:
82:93:b0:72:cd:78:19:26:1a:c8:b3:e4:86:d4:d3:e4:59:74:
53:32:75:0d
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIUXQdP6hRwFu7An9349EztoCPROH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjgwNzMzNDVaFw0yNjA3MjcwNzM4NDVaMDMxMTAvBgNV
BAMTKDgwNDY4ODc3NzBCNkY4MUY5OTgwQUU2MDY2MDA1MThBNjI1RDMxNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnRS37Igqo0Qm+WmuF7YTyZP08
SBTHnL5wzRQAUxmR6I4ASMsJbMCNVHXCofSX7WeFLL2+UrBfz5PKbGPJAUTEzBFo
n9Tl1/jpCsOQEtBODLweWvAtwZfgmUWUJdLOmgz7cZ3Sxt6cHWE5JK0ZOt3wh+DN
d8xU5rJahpbFEqpg64e+5Gh/ftueJjY/rGvMO/haC7qRBvQmPk/gWAtt5RtTzrzU
FHc8Ygr4D902+T96xEEzfKq07/iE7gFmdyS1cIPB51Qg4AtVZZMLo525FhuGm60b
7rd0JmLao2cG6TfeR/mrgSKH5RVoPX2C+0xgKmEGKWav73e3KgmhNKgVlT03AgMB
AAGjggObMIIDlzAdBgNVHQ4EFgQUgEaId3C2+B+ZgK5gZgBRimJdMW4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBrgYIKwYBBQUHAQcBAf8EggGdMIIBmTCCAZUEAgAB
MIIBjQMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQBUhXyAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQBUhby
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX5QMEAVIX6AME
AFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGH4DBABSGLYDBABSGO8D
BABSGPMDBABSGP0DBABSGSIDBABSGfMDBABSGf0DBABSGu0DBABSGvMDBABSGv0D
BABSG+EDBABSG+4DBABSG/MDBABSG/0DBABSHVwDBABSHV4DBAFSHWADBAFSHWQD
BABSHcoDBABSHekDBAFSHfIwDQYJKoZIhvcNAQELBQADggEBABKcCX4ofpjFRa5k
D9MNmeXM1mci1j3yolFfGsAsWPdxHcPtpR/BA/fWyHFYysOpPlZDcj9HCA1Cbn4G
kSqgpPdLv2G4cKpwVuhwmlvYwCQnzmGyxyuRzyIHaluL7OmiUFIm2ZJn4dMh0UsQ
t+NrF/0i2TmAem/MZUY77oyQ0AW98jiyg2uWPsyKMecD2uCvioZMRZTr3CLotrra
OJAa5z4oKoJKmAkmmB8ZMj0AWAFHwnhNv+zDhg7lzXGMgTRVrjc7y8CM7/Hs7hyy
GA30noGWvqw8jweS0RU2Exwt0TlL5624YvIcb341SIKTsHLNeBkmGsiz5IbU0+RZ
dFMydQ0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:01 2025 by rpki-client