Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: UeZE6LfRz4qdgnDYCEJy2SSB0k4fj+/1xe5iSKnvZPs=
Subject key identifier: CC:D6:25:81:CE:30:6D:DE:D6:3A:4C:DA:9C:C8:1A:3E:91:7C:D9:52
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5D294DAAD11E481CE709213B44FFC1D63073384A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Thu 17 Apr 2025 00:00:39 +0000
ROA not before: Wed 16 Apr 2025 23:55:39 +0000
ROA not after: Thu 16 Apr 2026 00:00:39 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.242.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.52.0/22 maxlen: 22
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.43.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.50.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 01:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:29:4d:aa:d1:1e:48:1c:e7:09:21:3b:44:ff:c1:d6:30:73:38:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 16 23:55:39 2025 GMT
Not After : Apr 16 00:00:39 2026 GMT
Subject: CN=CCD62581CE306DDED63A4CDA9CC81A3E917CD952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:48:59:57:68:00:60:28:1b:dc:31:39:d7:de:
d9:e7:20:c6:c2:11:99:1c:cc:53:d4:26:6d:e1:f2:
a3:c1:00:a9:8a:cf:2c:69:47:34:21:e7:9c:a2:6c:
9a:dc:a9:4b:29:7d:55:40:27:6b:ec:6a:d4:58:75:
ca:7e:0d:92:1b:e0:aa:52:74:66:1e:e5:fe:0a:35:
64:f7:12:d0:1b:89:e0:d6:c7:f4:07:f2:37:8b:b9:
68:9e:40:74:5b:42:30:27:a3:70:26:16:76:aa:f8:
d2:a5:12:56:67:0c:f0:82:37:97:d2:d0:a7:55:df:
3e:df:4e:21:d5:21:b5:86:aa:8f:10:d2:0c:84:51:
88:9d:15:39:33:56:56:a6:73:a9:d1:28:27:fe:a8:
e9:63:6a:4c:a4:62:4a:81:31:e0:b0:14:4b:0b:54:
92:0a:53:5d:10:e9:d6:3e:11:b6:f5:fa:e3:f2:b3:
19:2a:23:71:c5:49:7f:45:28:99:f9:99:b8:71:00:
f3:02:7a:95:8c:aa:66:6f:70:dc:25:14:69:38:4f:
23:6a:08:9b:08:98:98:cd:64:40:b5:95:54:1f:81:
d4:4c:d2:74:23:09:d2:44:b7:51:b9:9f:81:a1:a4:
b4:e4:e4:26:b5:2d:d2:18:d6:ac:5f:6f:2d:58:42:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D6:25:81:CE:30:6D:DE:D6:3A:4C:DA:9C:C8:1A:3E:91:7C:D9:52
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.242.0/23
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.242.0/23
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.229.0/24
82.23.232.0/23
82.23.243.0/24
82.24.34.0/24
82.24.46.0/24
82.24.182.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.52.0/22
82.25.243.0/24
82.25.253.0/24
82.26.157.0/24
82.26.237.0/24
82.26.243.0/24
82.26.253.0/24
82.27.11.0/24
82.27.225.0/24
82.27.238.0/24
82.27.243.0/24
82.27.253.0/24
82.29.43.0-82.29.44.255
82.29.50.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.109.0/24
82.29.202.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:c9:c7:f0:90:7f:b2:8f:1e:ae:81:42:9e:82:aa:3a:c7:e5:
e2:5f:a8:79:d1:a7:36:57:1e:c0:7d:04:3e:94:34:e6:99:1e:
4f:e8:ef:80:fd:57:5e:56:a6:58:5a:99:51:d9:b9:a1:e8:ea:
91:0e:25:4c:80:19:3a:35:47:5e:f0:07:b2:96:db:49:72:74:
a4:a8:13:92:5c:a6:6b:40:b1:34:b0:ee:78:7b:0e:64:f4:69:
f8:ee:45:a7:cd:11:ae:20:03:22:76:d3:f6:7b:6c:a4:c1:2b:
b0:48:f2:37:e2:90:46:10:1a:fc:6d:47:01:a9:74:d7:63:fe:
1c:83:38:36:65:21:1e:d2:4b:93:f0:57:59:d9:c1:fc:a6:da:
5a:45:7f:c0:19:ad:5f:90:9c:13:7b:a0:7c:1f:38:d4:20:f3:
28:6d:5a:ef:18:34:3f:81:9a:b8:cd:ba:11:7d:70:4c:37:ff:
c5:26:86:62:bb:ca:b6:85:13:9e:fb:55:cc:65:52:9b:f8:92:
6f:e8:8d:4d:9b:a7:c1:6e:ed:13:54:b7:64:62:60:1f:b1:d3:
95:39:94:6a:33:03:13:e2:6b:c5:b4:61:21:a6:9c:3e:b2:e4:
87:b0:ca:14:cd:1e:95:b3:10:0e:ff:57:ee:30:9a:f6:9f:6b:
1e:a6:27:de
-----BEGIN CERTIFICATE-----
MIIGljCCBX6gAwIBAgIUXSlNqtEeSBznCSE7RP/B1jBzOEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTYyMzU1MzlaFw0yNjA0MTYwMDAwMzlaMDMxMTAvBgNV
BAMTKENDRDYyNTgxQ0UzMDZEREVENjNBNENEQTlDQzgxQTNFOTE3Q0Q5NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvSFlXaABgKBvcMTnX3tnnIMbC
EZkczFPUJm3h8qPBAKmKzyxpRzQh55yibJrcqUspfVVAJ2vsatRYdcp+DZIb4KpS
dGYe5f4KNWT3EtAbieDWx/QH8jeLuWieQHRbQjAno3AmFnaq+NKlElZnDPCCN5fS
0KdV3z7fTiHVIbWGqo8Q0gyEUYidFTkzVlamc6nRKCf+qOljakykYkqBMeCwFEsL
VJIKU10Q6dY+Ebb1+uPysxkqI3HFSX9FKJn5mbhxAPMCepWMqmZvcNwlFGk4TyNq
CJsImJjNZEC1lVQfgdRM0nQjCdJEt1G5n4GhpLTk5Ca1LdIY1qxfby1YQgdBAgMB
AAGjggOgMIIDnDAdBgNVHQ4EFgQUzNYlgc4wbd7WOkzanMgaPpF82VIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBswYIKwYBBQUHAQcBAf8EggGiMIIBnjCCAZoEAgAB
MIIBkgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQBUhXyAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQBUhby
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34DBABSF+UDBAFSF+gDBABSF/MDBABSGCIDBABS
GC4DBABSGLYDBABSGO8DBABSGPMDBABSGP0DBAJSGTQDBABSGfMDBABSGf0DBABS
Gp0DBABSGu0DBABSGvMDBABSGv0DBABSGwsDBABSG+EDBABSG+4DBABSG/MDBABS
G/0wDAMEAFIdKwMEAFIdLAMEAFIdMgMEAFIdXAMEAFIdXgMEAVIdYAMEAVIdZAME
AFIdbQMEAFIdygMEAFId6QMEAVId8jANBgkqhkiG9w0BAQsFAAOCAQEAi8nH8JB/
so8eroFCnoKqOsfl4l+oedGnNlcewH0EPpQ05pkeT+jvgP1XXlamWFqZUdm5oejq
kQ4lTIAZOjVHXvAHspbbSXJ0pKgTklyma0CxNLDueHsOZPRp+O5Fp80RriADInbT
9ntspMErsEjyN+KQRhAa/G1HAal012P+HIM4NmUhHtJLk/BXWdnB/KbaWkV/wBmt
X5CcE3ugfB841CDzKG1a7xg0P4GauM26EX1wTDf/xSaGYrvKtoUTnvtVzGVSm/iS
b+iNTZunwW7tE1S3ZGJgH7HTlTmUajMDE+JrxbRhIaacPrLkh7DKFM0elbMQDv9X
7jCa9p9rHqYn3g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:09 2025 by rpki-client