Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: JMBiYmKuGNFrEPsUICjUKoH10IgfuOnP+g6/4wqBX6E=
Subject key identifier: AA:0D:67:A1:16:D8:64:9E:F6:1E:88:D1:26:6C:2F:FE:35:48:5C:35
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 480DBA5753D30543BF28E97713B8286AEC39B11C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Sun 08 Feb 2026 13:48:41 +0000
ROA not before: Sun 08 Feb 2026 13:43:41 +0000
ROA not after: Sun 07 Feb 2027 13:48:41 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
178.83.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0d:ba:57:53:d3:05:43:bf:28:e9:77:13:b8:28:6a:ec:39:b1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 8 13:43:41 2026 GMT
Not After : Feb 7 13:48:41 2027 GMT
Subject: CN=AA0D67A116D8649EF61E88D1266C2FFE35485C35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5e:cf:8c:b1:73:32:f4:e7:7f:d8:a0:eb:63:
26:a5:07:73:ae:26:35:92:d7:3d:f9:1a:01:d7:32:
8f:16:d8:6c:f7:ad:05:43:78:e4:b3:e1:3b:9b:16:
3d:2b:78:60:85:5e:81:38:b6:1e:e1:eb:eb:dc:d4:
76:1d:00:cb:ee:03:55:2a:9d:57:29:2d:d3:12:69:
9a:80:48:ff:18:5c:a8:60:62:e1:5c:c7:b3:ef:98:
5a:28:1c:d9:b5:31:59:b4:0f:1d:59:1c:cd:23:07:
26:bd:1e:55:43:14:0d:c3:7e:b8:6f:5e:12:de:f0:
44:42:9f:eb:85:90:1c:b7:38:2c:4c:2d:4e:26:ea:
f3:34:33:92:30:e0:e8:a3:2d:8f:b6:2f:8e:f6:33:
3e:b3:c1:25:c8:a0:82:9d:83:47:3b:cf:81:0f:29:
ac:77:ef:3d:d9:c9:eb:98:29:9f:37:5d:11:d2:6c:
d5:ed:e7:39:b8:19:6c:de:d3:38:a3:3d:85:60:57:
c2:ef:22:f1:82:4c:9c:1f:44:56:4f:49:74:66:82:
05:7f:b4:c6:57:3d:3a:a8:8c:91:9e:fb:88:80:26:
56:7d:4b:77:65:2c:49:d7:5b:32:6f:64:a8:9f:49:
36:0f:14:9f:d1:b8:36:9f:03:67:0f:e3:69:87:3c:
22:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0D:67:A1:16:D8:64:9E:F6:1E:88:D1:26:6C:2F:FE:35:48:5C:35
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.212.0/24
82.25.219.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
178.83.200.0/24
Signature Algorithm: sha256WithRSAEncryption
07:bf:4a:99:f5:1c:a1:45:df:d7:35:1e:dd:16:37:29:42:3f:
70:b1:aa:46:d9:5e:be:42:ea:1d:9b:40:e5:17:16:1c:3d:93:
6a:e4:e4:07:a7:57:c1:dc:96:0a:cc:24:a8:e3:13:fd:06:54:
7f:8e:87:ab:6f:a7:44:0e:dd:83:91:6b:69:5b:d7:55:17:b9:
5e:d0:bb:97:ba:12:8e:c3:50:f9:75:e9:53:a4:cb:01:d1:e5:
74:05:7e:2a:bb:e7:3a:75:43:60:0b:77:c0:16:bc:30:9b:b8:
42:ae:50:7a:d7:33:3b:90:b4:39:be:5c:16:69:50:5f:c9:6d:
4a:63:a6:d8:61:d9:df:25:4f:c7:a7:a2:15:de:73:8b:dd:a7:
52:75:85:5e:d5:28:47:36:60:4a:14:61:92:5c:2d:df:da:e5:
9e:97:cd:75:bb:5a:50:f8:91:14:f7:3b:5a:ac:b7:e0:c8:2e:
a6:b0:3d:76:38:e6:af:e5:39:33:d8:95:30:fa:e1:48:6a:7b:
06:a7:87:82:1a:b7:44:57:d8:48:09:ad:af:0c:31:8d:6c:92:
5a:46:d7:b4:17:90:24:d8:dc:61:18:d3:b5:46:32:3a:e7:b0:
e5:bf:e3:be:c6:f6:62:03:ef:95:ba:40:ca:5a:1e:bd:b0:02:
cd:9b:91:c2
-----BEGIN CERTIFICATE-----
MIIHDzCCBfegAwIBAgIUSA26V1PTBUO/KOl3E7goauw5sRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDgxMzQzNDFaFw0yNzAyMDcxMzQ4NDFaMDMxMTAvBgNV
BAMTKEFBMEQ2N0ExMTZEODY0OUVGNjFFODhEMTI2NkMyRkZFMzU0ODVDMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRXs+MsXMy9Od/2KDrYyalB3Ou
JjWS1z35GgHXMo8W2Gz3rQVDeOSz4TubFj0reGCFXoE4th7h6+vc1HYdAMvuA1Uq
nVcpLdMSaZqASP8YXKhgYuFcx7PvmFooHNm1MVm0Dx1ZHM0jBya9HlVDFA3Dfrhv
XhLe8ERCn+uFkBy3OCxMLU4m6vM0M5Iw4OijLY+2L472Mz6zwSXIoIKdg0c7z4EP
Kax37z3ZyeuYKZ83XRHSbNXt5zm4GWze0zijPYVgV8LvIvGCTJwfRFZPSXRmggV/
tMZXPTqojJGe+4iAJlZ9S3dlLEnXWzJvZKifSTYPFJ/RuDafA2cP42mHPCLVAgMB
AAGjggQZMIIEFTAdBgNVHQ4EFgQUqg1noRbYZJ72HojRJmwv/jVIXDUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICLAYIKwYBBQUHAQcBAf8EggIbMIICFzCCAhMEAgAB
MIICCwMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhYbAwQAUhYiAwQAUhYuAwQAUhZB
AwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbeAwQAUhbzAwQAUhb9
MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcmMAwDBABS
F3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX2QMEAFIX5QMEAFIX6QME
AFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGHADBABSGK8DBABSGLYD
BABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSIDBABSGdQDBABSGdsDBABSGfMD
BABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG94DBABSG+ED
BABSG+oDBABSG+4DBABSG/0DBABSHVwDBABSHV4DBAFSHWADBAFSHWQDBABSHX0D
BABSHcoDBABSHdcDBABSHdkDBABSHeQDBABSHekDBAFSHfIDBABSJoEDBACyU8gw
DQYJKoZIhvcNAQELBQADggEBAAe/Spn1HKFF39c1Ht0WNylCP3CxqkbZXr5C6h2b
QOUXFhw9k2rk5AenV8HclgrMJKjjE/0GVH+Oh6tvp0QO3YORa2lb11UXuV7Qu5e6
Eo7DUPl16VOkywHR5XQFfiq75zp1Q2ALd8AWvDCbuEKuUHrXMzuQtDm+XBZpUF/J
bUpjpthh2d8lT8enohXec4vdp1J1hV7VKEc2YEoUYZJcLd/a5Z6XzXW7WlD4kRT3
O1qst+DILqawPXY45q/lOTPYlTD64Uhqewanh4Iat0RX2EgJra8MMY1sklpG17QX
kCTY3GEY07VGMjrnsOW/477G9mID75W6QMpaHr2wAs2bkcI=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:25 2026 by rpki-client