Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: PXSZkQVmebYnot6VSucXBqlSKFLBXz11Ebst3Reucy8=
Subject key identifier: 93:C4:82:45:77:21:83:5A:A2:78:41:E4:9E:67:3E:A6:B9:C8:E6:76
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5ABA007205AA4D3ABC86CC6609BBD144847F0163
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Thu 11 Jun 2026 12:20:50 +0000
ROA not before: Thu 11 Jun 2026 12:15:50 +0000
ROA not after: Thu 10 Jun 2027 12:20:50 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.200.0/23 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.237.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.214.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.214.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.234.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.220.0/24 maxlen: 24
82.26.230.0/24 maxlen: 24
82.26.233.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.218.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.211.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.220.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
82.41.195.0/24 maxlen: 24
82.47.120.0/23 maxlen: 24
82.47.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ba:00:72:05:aa:4d:3a:bc:86:cc:66:09:bb:d1:44:84:7f:01:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 11 12:15:50 2026 GMT
Not After : Jun 10 12:20:50 2027 GMT
Subject: CN=93C482457721835AA27841E49E673EA6B9C8E676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:60:5e:1d:bd:a0:b6:da:2c:0d:b9:c8:6b:
2e:20:2b:d8:b4:e4:4d:21:0f:c0:f8:fa:db:1b:d2:
7d:a6:44:a2:c0:a5:fc:79:54:ae:7d:21:c2:7e:2c:
ae:cb:5e:dc:f3:aa:b9:63:74:b2:bc:77:e8:a5:85:
e0:43:bb:f4:38:37:43:25:de:53:ba:43:11:4e:21:
8b:7e:38:ca:e9:14:f8:07:65:ee:a5:45:7a:fd:47:
5a:7b:f5:c8:2f:bb:75:f8:dd:f2:c7:38:bd:da:f6:
7a:92:23:9c:70:1f:fc:04:99:79:a8:91:f7:5f:b2:
0d:15:f1:e0:10:e3:5c:6f:86:75:1d:33:30:1e:d3:
38:b5:a1:07:a4:35:eb:71:7f:90:1c:1d:2b:95:13:
76:8a:9b:c9:6f:c3:f5:62:e1:31:ba:08:c2:28:db:
68:6e:4f:dc:c5:3e:6b:5f:d2:ba:89:93:11:00:5f:
f6:52:f0:ac:c2:2d:02:ee:d7:65:60:6f:3d:ac:03:
f8:24:43:ad:31:fb:31:d1:2e:a0:04:f3:5b:85:06:
09:03:f0:a9:85:d7:d8:fc:1d:58:2a:e5:f3:56:d8:
f5:44:b2:63:74:24:a5:fe:15:de:27:67:c8:f4:aa:
2d:aa:70:18:03:ca:f8:1b:34:31:dd:c2:b0:a3:8f:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C4:82:45:77:21:83:5A:A2:78:41:E4:9E:67:3E:A6:B9:C8:E6:76
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.200.0/23
82.21.211.0/24
82.21.237.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.214.0/24
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.214.0/23
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.200.0/24
82.25.212.0/24
82.25.219.0/24
82.25.234.0/24
82.25.243.0/24
82.25.253.0/24
82.26.220.0/24
82.26.230.0/24
82.26.233.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.218.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.78.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.211.0/24
82.29.215.0/24
82.29.217.0/24
82.29.220.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
82.41.195.0/24
82.47.120.0/23
82.47.140.0/22
Signature Algorithm: sha256WithRSAEncryption
43:df:82:6b:a5:63:7e:0e:8c:5d:0b:16:04:3d:37:c0:9f:38:
39:69:69:f3:29:75:73:56:cd:c2:1c:51:76:5b:fc:a8:1d:bd:
ad:76:1a:45:ae:f2:cd:96:f0:ec:71:e8:28:9e:e1:2e:ec:47:
ab:af:ca:6a:d2:ce:94:53:50:11:b8:fc:38:60:16:1b:b7:4c:
5a:94:34:f0:0f:16:84:c7:0b:f6:3a:b8:f5:67:84:3b:5c:23:
e9:27:b9:50:56:96:cc:f5:a0:f9:62:64:70:26:3d:1f:01:51:
da:d6:2b:73:da:be:1b:69:0d:62:8e:e1:7c:54:8c:2c:a0:c5:
9e:ac:97:37:1d:d6:fa:77:a3:97:54:e8:bb:75:45:6f:6e:82:
5c:82:f0:78:a1:c5:43:29:f2:99:d5:fe:2b:76:32:7e:75:db:
97:a8:d5:0b:4f:ad:df:cf:05:a5:9c:9d:b0:87:a9:81:e4:c3:
bf:50:ed:12:81:69:01:98:9e:d3:fe:87:01:e0:2e:54:c0:82:
d0:2e:b1:98:85:d4:ed:7f:d6:7b:69:be:7d:9b:fb:ff:e9:6b:
02:f9:18:b7:7f:b4:5b:40:e3:bb:ce:d0:64:49:df:57:73:48:
6d:60:d6:10:6f:bb:a8:da:9c:09:d5:a7:f4:00:4d:a0:ee:e1:
a0:d1:26:34
-----BEGIN CERTIFICATE-----
MIIHYzCCBkugAwIBAgIUWroAcgWqTTq8hsxmCbvRRIR/AWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTExMjE1NTBaFw0yNzA2MTAxMjIwNTBaMDMxMTAvBgNV
BAMTKDkzQzQ4MjQ1NzcyMTgzNUFBMjc4NDFFNDlFNjczRUE2QjlDOEU2NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjfWBeHb2gttosDbnIay4gK9i0
5E0hD8D4+tsb0n2mRKLApfx5VK59IcJ+LK7LXtzzqrljdLK8d+ilheBDu/Q4N0Ml
3lO6QxFOIYt+OMrpFPgHZe6lRXr9R1p79cgvu3X43fLHOL3a9nqSI5xwH/wEmXmo
kfdfsg0V8eAQ41xvhnUdMzAe0zi1oQekNetxf5AcHSuVE3aKm8lvw/Vi4TG6CMIo
22huT9zFPmtf0rqJkxEAX/ZS8KzCLQLu12Vgbz2sA/gkQ60x+zHRLqAE81uFBgkD
8KmF19j8HVgq5fNW2PVEsmN0JKX+Fd4nZ8j0qi2qcBgDyvgbNDHdwrCjjy2vAgMB
AAGjggRtMIIEaTAdBgNVHQ4EFgQUk8SCRXchg1qieEHknmc+prnI5nYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICgAYIKwYBBQUHAQcBAf8EggJvMIICazCCAmcEAgAB
MIICXwMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQBUhXIAwQAUhXTAwQAUhXtAwQAUhXzAwQAUhYbAwQAUhYi
AwQAUhYuAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbe
AwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhcl
AwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX1gME
AFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4D
BABSGHADBABSGK8DBABSGLYDBAFSGNYDBABSGO8DBABSGPMDBABSGP0DBABSGSID
BABSGcgDBABSGdQDBABSGdsDBABSGeoDBABSGfMDBABSGf0DBABSGtwDBABSGuYD
BABSGukDBABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG9oDBABSG94D
BABSG+EDBABSG+oDBABSG+4DBABSG/0DBABSHU4DBABSHVwDBABSHV4DBAFSHWAD
BAFSHWQDBABSHX0DBABSHcoDBABSHdMDBABSHdcDBABSHdkDBABSHdwDBABSHeQD
BABSHekDBAFSHfIDBABSJoEDBABSKcMDBAFSL3gDBAJSL4wwDQYJKoZIhvcNAQEL
BQADggEBAEPfgmulY34OjF0LFgQ9N8CfODlpafMpdXNWzcIcUXZb/Kgdva12GkWu
8s2W8Oxx6Cie4S7sR6uvymrSzpRTUBG4/DhgFhu3TFqUNPAPFoTHC/Y6uPVnhDtc
I+knuVBWlsz1oPliZHAmPR8BUdrWK3PavhtpDWKO4XxUjCygxZ6slzcd1vp3o5dU
6Lt1RW9uglyC8HihxUMp8pnV/it2Mn5125eo1QtPrd/PBaWcnbCHqYHkw79Q7RKB
aQGYntP+hwHgLlTAgtAusZiF1O1/1ntpvn2b+//pawL5GLd/tFtA47vO0GRJ31dz
SG1g1hBvu6janAnVp/QATaDu4aDRJjQ=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:43:49 2026 by rpki-client