Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: bdtfG4f6az+/SwODLEWItbKkKX5PNxproq5o4trbaCM=
Subject key identifier: 01:12:CF:50:31:02:01:06:91:30:D6:0D:A5:21:B4:6A:F6:4E:E7:5D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2A0C3D77B2680FF4A2F5F92C027E250B521ED28B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Sun 22 Jun 2025 05:10:59 +0000
ROA not before: Sun 22 Jun 2025 05:05:59 +0000
ROA not after: Sun 21 Jun 2026 05:10:59 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.242.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.170.0/23 maxlen: 23
82.23.229.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.144.0/23 maxlen: 23
82.24.182.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.42.0/23 maxlen: 23
82.25.44.0/23 maxlen: 23
82.25.46.0/23 maxlen: 23
82.25.142.0/23 maxlen: 23
82.25.190.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:0c:3d:77:b2:68:0f:f4:a2:f5:f9:2c:02:7e:25:0b:52:1e:d2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 22 05:05:59 2025 GMT
Not After : Jun 21 05:10:59 2026 GMT
Subject: CN=0112CF50310201069130D60DA521B46AF64EE75D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:e8:a3:ae:57:32:4b:3e:53:de:c8:75:21:
e2:b1:78:00:4b:56:81:73:44:7b:21:04:e1:e1:88:
54:4d:ba:6d:d6:75:98:84:ad:90:7a:8b:20:94:de:
78:b5:16:67:d3:0a:47:91:36:3b:52:e1:db:fc:08:
c2:bf:71:aa:8d:d7:79:75:e6:ac:c2:65:9a:39:45:
50:a4:99:b6:b4:1d:b7:af:6c:42:d5:8f:07:34:10:
c1:be:bf:b2:29:d8:61:f8:7d:0f:91:30:cd:e8:14:
b2:ff:32:29:b1:c8:4a:aa:61:f5:9c:8b:f3:fc:75:
b6:21:b9:69:1e:85:8f:c7:89:68:ed:6c:14:92:9b:
73:da:fc:78:4f:cb:99:35:1a:53:53:e6:73:6b:71:
2b:ce:11:f4:0f:fc:89:dc:4d:1a:8b:89:14:c1:83:
a8:ef:32:cc:95:cd:5d:9c:f5:e6:e8:b8:2d:84:2f:
01:b4:58:8d:82:dd:e3:f0:d3:17:b8:48:14:b7:2d:
be:25:70:47:99:d4:31:f1:24:0c:cd:50:eb:33:57:
9a:f7:16:5f:d1:df:ed:27:6e:67:a9:eb:00:40:e8:
62:4a:41:e1:9b:05:30:28:6f:5c:eb:a6:95:ac:05:
0d:b9:f2:e0:7e:71:a0:9b:24:a9:af:26:40:0d:71:
4f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:12:CF:50:31:02:01:06:91:30:D6:0D:A5:21:B4:6A:F6:4E:E7:5D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.242.0/23
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.242.0/23
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.170.0/23
82.23.229.0/24
82.23.232.0/23
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.126.0/24
82.24.144.0/23
82.24.182.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.42.0-82.25.47.255
82.25.142.0/23
82.25.190.0/24
82.25.243.0/24
82.25.253.0/24
82.26.157.0/24
82.26.237.0/24
82.26.243.0/24
82.26.253.0/24
82.27.11.0/24
82.27.225.0/24
82.27.238.0/24
82.27.243.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
34:eb:ed:91:33:ae:b8:0d:d5:27:22:c1:5a:50:b5:ab:36:47:
74:63:1d:12:fa:4a:0b:f6:db:9a:86:df:b4:7d:10:b0:af:04:
bf:63:34:8d:a5:c5:ab:4e:32:4b:ac:b8:bc:0b:e6:22:03:35:
35:a0:85:12:11:fc:37:71:ba:74:7a:a1:ac:0a:71:a3:d7:4c:
c8:e1:d8:f6:87:27:85:40:cc:9e:7e:d5:25:e8:69:fc:ab:cd:
a5:e5:bc:24:e5:f4:49:c6:37:76:46:23:e2:bb:25:76:4b:f4:
57:f5:8a:d9:e0:fb:ab:d5:7f:e1:55:ca:da:09:f7:cb:13:02:
9a:93:c7:2f:b8:93:50:7f:25:29:2f:3e:d1:01:7b:ff:40:40:
a4:aa:a5:f1:b0:d7:fc:4b:59:71:b9:2f:69:b5:b8:95:c9:17:
17:1c:7c:99:c2:df:64:f5:2c:ff:42:76:83:dc:cd:c2:7a:26:
63:1c:a4:be:a2:12:37:f3:b3:26:29:b0:96:7b:d9:44:b0:b6:
e2:d7:99:ce:c2:8f:81:f8:d8:65:8b:5a:81:f0:ae:22:24:c4:
a3:d9:04:9b:ea:ae:4a:a1:9b:51:a0:03:0d:38:56:c0:57:ed:
1c:b7:4a:8e:2b:24:de:b2:3a:9c:c5:16:77:77:42:1c:0a:66:
83:a7:aa:af
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgIUKgw9d7JoD/Si9fksAn4lC1Ie0oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjIwNTA1NTlaFw0yNjA2MjEwNTEwNTlaMDMxMTAvBgNV
BAMTKDAxMTJDRjUwMzEwMjAxMDY5MTMwRDYwREE1MjFCNDZBRjY0RUU3NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCF+ijrlcySz5T3sh1IeKxeABL
VoFzRHshBOHhiFRNum3WdZiErZB6iyCU3ni1FmfTCkeRNjtS4dv8CMK/caqN13l1
5qzCZZo5RVCkmba0HbevbELVjwc0EMG+v7Ip2GH4fQ+RMM3oFLL/MimxyEqqYfWc
i/P8dbYhuWkehY/HiWjtbBSSm3Pa/HhPy5k1GlNT5nNrcSvOEfQP/IncTRqLiRTB
g6jvMsyVzV2c9ebouC2ELwG0WI2C3ePw0xe4SBS3Lb4lcEeZ1DHxJAzNUOszV5r3
Fl/R3+0nbmep6wBA6GJKQeGbBTAob1zrppWsBQ258uB+caCbJKmvJkANcU8bAgMB
AAGjggPNMIIDyTAdBgNVHQ4EFgQUARLPUDECAQaRMNYNpSG0avZO510wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIB4AYIKwYBBQUHAQcBAf8EggHPMIIByzCCAccEAgAB
MIIBvwMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQBUhXyAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQBUhby
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAVIXqgMEAFIX5QME
AVIX6AMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGH4DBAFSGJAD
BABSGLYDBABSGO8DBABSGPMDBABSGP0DBABSGSIwDAMEAVIZKgMEBFIZIAMEAVIZ
jgMEAFIZvgMEAFIZ8wMEAFIZ/QMEAFIanQMEAFIa7QMEAFIa8wMEAFIa/QMEAFIb
CwMEAFIb4QMEAFIb7gMEAFIb8wMEAFIb/QMEAFIdXAMEAFIdXgMEAVIdYAMEAVId
ZAMEAFIdygMEAFId6QMEAVId8jANBgkqhkiG9w0BAQsFAAOCAQEANOvtkTOuuA3V
JyLBWlC1qzZHdGMdEvpKC/bbmobftH0QsK8Ev2M0jaXFq04yS6y4vAvmIgM1NaCF
EhH8N3G6dHqhrApxo9dMyOHY9ocnhUDMnn7VJehp/KvNpeW8JOX0ScY3dkYj4rsl
dkv0V/WK2eD7q9V/4VXK2gn3yxMCmpPHL7iTUH8lKS8+0QF7/0BApKql8bDX/EtZ
cbkvabW4lckXFxx8mcLfZPUs/0J2g9zNwnomYxykvqISN/OzJimwlnvZRLC24teZ
zsKPgfjYZYtagfCuIiTEo9kEm+quSqGbUaADDThWwFftHLdKjisk3rI6nMUWd3dC
HApmg6eqrw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:51:58 2025 by rpki-client