Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: DiM+lSfKWVXGSkNzO4tOc56Soieqt1uZ2CNgeHpUChQ=
Subject key identifier: 8A:19:72:6F:1E:2A:A0:AE:BA:01:C9:55:47:48:9F:58:89:B5:BE:5D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5D959275C954CDA43BACE917D48274F21E61CB8A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Fri 03 Apr 2026 12:32:36 +0000
ROA not before: Fri 03 Apr 2026 12:27:36 +0000
ROA not after: Fri 02 Apr 2027 12:32:36 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
82.41.195.0/24 maxlen: 24
82.47.192.0/20 maxlen: 24
178.83.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:95:92:75:c9:54:cd:a4:3b:ac:e9:17:d4:82:74:f2:1e:61:cb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 3 12:27:36 2026 GMT
Not After : Apr 2 12:32:36 2027 GMT
Subject: CN=8A19726F1E2AA0AEBA01C95547489F5889B5BE5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:30:10:7e:07:b2:fc:84:cb:d0:2d:af:98:fa:
57:90:a3:72:2c:2f:22:b4:c5:4e:07:89:cc:5a:c4:
61:c2:66:14:0c:b1:9b:c0:7e:8f:48:48:d9:f4:71:
47:8b:5d:1b:fb:4b:c6:fe:f5:cc:e8:53:51:01:fa:
cb:b9:13:1f:7c:15:28:05:a8:69:81:9a:90:53:14:
66:fa:76:90:22:3e:48:6e:57:05:38:b4:ec:7b:9e:
cd:b7:a2:18:3d:b6:a6:2e:44:4c:48:01:85:22:ed:
aa:6c:08:9f:97:16:24:b3:c2:89:30:67:f0:04:b6:
2c:10:72:10:31:98:4d:7a:58:73:e2:0d:c9:e2:e2:
84:0c:a1:1e:86:1d:24:aa:76:43:af:57:aa:33:26:
7e:7f:30:23:49:27:bd:53:fb:e7:3f:2c:7c:c9:71:
db:2f:24:b3:cb:1b:8c:2a:55:83:c7:b1:95:a5:d0:
ee:30:84:8a:32:9a:98:e6:32:f3:e9:bb:60:06:dc:
80:00:38:e7:13:18:d0:ab:86:cc:39:99:ad:b3:2a:
81:cd:72:9e:99:bc:ec:62:ef:af:79:46:80:96:21:
00:02:eb:a8:f4:0a:b8:89:00:48:26:47:43:6a:21:
9d:78:78:52:3a:12:58:53:48:d6:c0:0c:a4:50:dd:
d1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:19:72:6F:1E:2A:A0:AE:BA:01:C9:55:47:48:9F:58:89:B5:BE:5D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.212.0/24
82.25.219.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.78.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
82.41.195.0/24
82.47.192.0/20
178.83.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b9:11:49:35:33:da:41:b9:11:68:b4:05:e6:9c:76:d0:91:
3e:92:d1:f3:91:22:36:3b:40:1e:90:68:72:39:55:11:da:a4:
12:02:4e:23:d7:5b:e8:d2:d7:b7:90:88:0e:aa:23:60:ef:be:
b1:c2:1d:91:ab:d1:bb:94:57:48:0b:e9:44:fa:e0:89:f6:d6:
94:3d:aa:2d:b6:6c:b1:43:ba:31:51:16:61:5d:b9:32:10:21:
83:d7:f2:4f:d6:ee:a5:65:5a:20:f4:4d:a2:3a:03:c0:f0:4f:
2a:d8:14:f0:9a:a5:77:48:1e:30:69:70:3c:9f:fe:e3:ee:ff:
d5:24:3f:18:24:f2:1b:92:63:5c:43:8e:a4:e0:33:e9:bb:83:
5d:70:bc:c4:e7:58:be:50:32:6b:d4:c8:20:a6:2f:c0:8a:d1:
1b:2b:0d:28:b8:c8:62:ee:08:7f:5c:ae:1e:f5:79:b1:3c:4c:
36:bb:9a:cf:1c:6e:d8:7f:b8:c4:87:d6:61:be:15:b7:55:47:
a7:37:a0:ec:6e:8e:a6:c3:c9:81:a1:58:85:4b:9e:78:0e:9c:
5a:9b:7e:16:9e:91:71:2d:5f:b5:22:d6:e6:e3:e3:ef:f4:bc:
56:82:d9:09:4a:c1:5d:6d:b6:d2:f2:e2:7c:65:c3:31:86:b2:
fe:8a:21:18
-----BEGIN CERTIFICATE-----
MIIHITCCBgmgAwIBAgIUXZWSdclUzaQ7rOkX1IJ08h5hy4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDMxMjI3MzZaFw0yNzA0MDIxMjMyMzZaMDMxMTAvBgNV
BAMTKDhBMTk3MjZGMUUyQUEwQUVCQTAxQzk1NTQ3NDg5RjU4ODlCNUJFNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuMBB+B7L8hMvQLa+Y+leQo3Is
LyK0xU4HicxaxGHCZhQMsZvAfo9ISNn0cUeLXRv7S8b+9czoU1EB+su5Ex98FSgF
qGmBmpBTFGb6dpAiPkhuVwU4tOx7ns23ohg9tqYuRExIAYUi7apsCJ+XFiSzwokw
Z/AEtiwQchAxmE16WHPiDcni4oQMoR6GHSSqdkOvV6ozJn5/MCNJJ71T++c/LHzJ
cdsvJLPLG4wqVYPHsZWl0O4whIoympjmMvPpu2AG3IAAOOcTGNCrhsw5ma2zKoHN
cp6ZvOxi7695RoCWIQAC66j0CriJAEgmR0NqIZ14eFI6ElhTSNbADKRQ3dHtAgMB
AAGjggQrMIIEJzAdBgNVHQ4EFgQUihlybx4qoK66AclVR0ifWIm1vl0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICPgYIKwYBBQUHAQcBAf8EggItMIICKTCCAiUEAgAB
MIICHQMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhYbAwQAUhYiAwQAUhYuAwQAUhZB
AwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbeAwQAUhbzAwQAUhb9
MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcmMAwDBABS
F3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX2QMEAFIX5QMEAFIX6QME
AFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGHADBABSGK8DBABSGLYD
BABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSIDBABSGdQDBABSGdsDBABSGfMD
BABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG94DBABSG+ED
BABSG+oDBABSG+4DBABSG/0DBABSHU4DBABSHVwDBABSHV4DBAFSHWADBAFSHWQD
BABSHX0DBABSHcoDBABSHdcDBABSHdkDBABSHeQDBABSHekDBAFSHfIDBABSJoED
BABSKcMDBARSL8ADBACyU8gwDQYJKoZIhvcNAQELBQADggEBAFu5EUk1M9pBuRFo
tAXmnHbQkT6S0fORIjY7QB6QaHI5VRHapBICTiPXW+jS17eQiA6qI2DvvrHCHZGr
0buUV0gL6UT64In21pQ9qi22bLFDujFRFmFduTIQIYPX8k/W7qVlWiD0TaI6A8Dw
TyrYFPCapXdIHjBpcDyf/uPu/9UkPxgk8huSY1xDjqTgM+m7g11wvMTnWL5QMmvU
yCCmL8CK0RsrDSi4yGLuCH9crh71ebE8TDa7ms8cbth/uMSH1mG+FbdVR6c3oOxu
jqbDyYGhWIVLnngOnFqbfhaekXEtX7Ui1ubj4+/0vFaC2QlKwV1tttLy4nxlwzGG
sv6KIRg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:58:46 2026 by rpki-client