Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: xScr60VoOz5Uk6PPafneAJ1TwT2XXmRKWuFWiorVG4A=
Subject key identifier: 62:E4:0F:83:5D:98:7E:58:1E:E4:AE:E8:A2:96:A5:D7:0D:41:C9:A7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4BA79287AA25B6814E175DB50AC36CC3089C87E9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Tue 28 Oct 2025 00:24:41 +0000
ROA not before: Tue 28 Oct 2025 00:19:41 +0000
ROA not after: Tue 27 Oct 2026 00:24:41 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a7:92:87:aa:25:b6:81:4e:17:5d:b5:0a:c3:6c:c3:08:9c:87:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 28 00:19:41 2025 GMT
Not After : Oct 27 00:24:41 2026 GMT
Subject: CN=62E40F835D987E581EE4AEE8A296A5D70D41C9A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:52:7d:10:0d:59:a7:2b:9b:0e:a5:46:04:f4:
64:55:be:d6:e9:32:5e:f6:75:66:9c:9a:a4:96:63:
24:95:7e:12:35:c9:5e:70:69:bc:76:d9:68:73:52:
77:f5:22:4f:89:d2:11:71:de:51:3b:a7:80:d8:39:
24:2d:79:17:89:39:fb:42:de:13:56:d7:8d:7f:1a:
d4:e0:46:d3:f6:a6:b0:cf:ed:92:c1:84:b1:ed:df:
57:b0:75:00:1d:8e:a5:69:08:f4:6b:33:8c:fc:10:
e2:d9:3b:27:fd:1c:62:6b:bb:62:45:7d:da:0f:3c:
d3:96:bd:26:e7:a9:9d:15:a4:00:88:7a:17:75:5a:
87:a9:79:58:bd:12:f0:0c:98:71:2f:f4:dc:62:e1:
65:92:3e:8a:36:f7:ff:f3:da:cc:5f:54:91:62:e4:
ab:36:4c:11:d1:4a:80:21:eb:33:52:a1:e6:31:4a:
12:19:18:ed:d8:ef:19:21:70:5d:00:bf:8c:cf:b7:
89:d6:74:e6:59:13:c7:b5:f8:bc:8b:ba:a4:04:6d:
d9:34:06:49:87:c4:7e:18:ed:c5:5e:d5:af:d9:95:
04:a3:90:ce:bb:0d:9b:a9:47:36:4b:40:9e:63:b9:
11:a7:05:c9:01:b5:fb:29:a6:a2:26:c6:f9:1c:38:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E4:0F:83:5D:98:7E:58:1E:E4:AE:E8:A2:96:A5:D7:0D:41:C9:A7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.126.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.225.0/24
82.27.238.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:14:e0:40:ce:71:9c:a5:28:cf:64:bb:50:71:5b:24:4d:bc:
96:aa:1f:bd:18:8d:ef:c9:52:e7:2c:40:c8:c0:57:c5:e2:dd:
02:7b:20:e1:91:7e:5d:e7:c4:a9:67:92:cd:7c:9a:a6:09:39:
f7:12:41:c7:c1:65:54:96:88:c0:2d:45:b2:2e:1c:70:c6:61:
0c:17:14:f3:2b:32:24:e4:84:1d:b0:51:9d:d5:3d:a8:36:55:
71:5a:f0:d9:40:62:00:68:b9:e9:fc:24:68:33:d1:31:ab:51:
e4:c0:45:1e:39:5c:dc:11:50:94:fb:a1:34:2d:1f:2b:7b:45:
54:06:de:3c:48:d2:d2:ee:ef:2f:84:57:bb:bc:91:73:0d:e2:
81:a1:3f:fe:df:c0:a9:bc:5b:d1:31:c6:b9:10:39:86:dd:1e:
b8:7e:78:88:c6:14:ee:24:a4:cc:a4:d4:df:ef:d5:6e:d1:b9:
59:11:97:ac:db:cc:83:e9:29:f6:4b:a4:30:fb:17:b1:41:64:
a1:57:3d:7c:84:dc:90:9d:e7:ba:0b:ad:40:32:11:c4:e5:53:
09:c7:24:f3:aa:58:f5:25:88:25:9c:af:7a:14:ac:9c:09:a9:
f9:98:60:44:9d:3c:40:ed:e8:69:a1:3b:3f:8f:8c:a0:00:99:
3f:95:8c:7d
-----BEGIN CERTIFICATE-----
MIIGwTCCBamgAwIBAgIUS6eSh6oltoFOF121CsNswwich+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjgwMDE5NDFaFw0yNjEwMjcwMDI0NDFaMDMxMTAvBgNV
BAMTKDYyRTQwRjgzNUQ5ODdFNTgxRUU0QUVFOEEyOTZBNUQ3MEQ0MUM5QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcUn0QDVmnK5sOpUYE9GRVvtbp
Ml72dWacmqSWYySVfhI1yV5wabx22WhzUnf1Ik+J0hFx3lE7p4DYOSQteReJOftC
3hNW141/GtTgRtP2prDP7ZLBhLHt31ewdQAdjqVpCPRrM4z8EOLZOyf9HGJru2JF
fdoPPNOWvSbnqZ0VpACIehd1WoepeVi9EvAMmHEv9Nxi4WWSPoo29//z2sxfVJFi
5Ks2TBHRSoAh6zNSoeYxShIZGO3Y7xkhcF0Av4zPt4nWdOZZE8e1+LyLuqQEbdk0
BkmHxH4Y7cVe1a/ZlQSjkM67DZupRzZLQJ5juRGnBckBtfsppqImxvkcOFa9AgMB
AAGjggPLMIIDxzAdBgNVHQ4EFgQUYuQPg12Yflge5K7oopal1w1ByacwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIB3gYIKwYBBQUHAQcBAf8EggHNMIIByTCCAcUEAgAB
MIIBvQMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZX
AwQAUhaTAwQAUhbUAwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQME
AFIXFjAMAwQAUhclAwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQME
AFIXkgMEAFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCID
BABSGC4DBABSGHADBABSGH4DBABSGLYDBABSGNcDBABSGO8DBABSGPMDBABSGP0D
BABSGSIDBABSGfMDBABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG+EDBABSG+4D
BABSG/0DBABSHVwDBABSHV4DBAFSHWADBAFSHWQDBABSHcoDBABSHdcDBABSHdkD
BABSHeQDBABSHekDBAFSHfIwDQYJKoZIhvcNAQELBQADggEBACsU4EDOcZylKM9k
u1BxWyRNvJaqH70Yje/JUucsQMjAV8Xi3QJ7IOGRfl3nxKlnks18mqYJOfcSQcfB
ZVSWiMAtRbIuHHDGYQwXFPMrMiTkhB2wUZ3VPag2VXFa8NlAYgBouen8JGgz0TGr
UeTARR45XNwRUJT7oTQtHyt7RVQG3jxI0tLu7y+EV7u8kXMN4oGhP/7fwKm8W9Ex
xrkQOYbdHrh+eIjGFO4kpMyk1N/v1W7RuVkRl6zbzIPpKfZLpDD7F7FBZKFXPXyE
3JCd57oLrUAyEcTlUwnHJPOqWPUliCWcr3oUrJwJqfmYYESdPEDt6GmhOz+PjKAA
mT+VjH0=
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:11:05 2025 by rpki-client