This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa File: AS212238.roa (raw, json) Hash identifier: kHbinmNPbB4Xw/3pJxbIIi7zI5gJDGykkGBAWJDZN4s= Subject key identifier: B3:7C:1C:48:C2:59:EC:25:06:51:42:38:E3:95:CB:D6:4C:7C:30:38 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 5255332CAB55C7641B2AF64D0AA6B76F38363E75 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa Signing time: Fri 05 Dec 2025 16:38:24 +0000 ROA not before: Fri 05 Dec 2025 16:33:24 +0000 ROA not after: Fri 04 Dec 2026 16:38:24 +0000 asID: 212238 IP address blocks: 82.21.2.0/24 maxlen: 24 82.21.56.0/24 maxlen: 24 82.21.59.0/24 maxlen: 24 82.21.68.0/24 maxlen: 24 82.21.70.0/24 maxlen: 24 82.21.87.0/24 maxlen: 24 82.21.108.0/24 maxlen: 24 82.21.133.0/24 maxlen: 24 82.21.141.0/24 maxlen: 24 82.21.142.0/24 maxlen: 24 82.21.151.0/24 maxlen: 24 82.21.158.0/24 maxlen: 24 82.21.159.0/24 maxlen: 24 82.21.168.0/24 maxlen: 24 82.21.175.0/24 maxlen: 24 82.21.189.0/24 maxlen: 24 82.21.191.0/24 maxlen: 24 82.21.193.0/24 maxlen: 24 82.21.211.0/24 maxlen: 24 82.21.243.0/24 maxlen: 24 82.22.65.0/24 maxlen: 24 82.22.79.0/24 maxlen: 24 82.22.85.0/24 maxlen: 24 82.22.87.0/24 maxlen: 24 82.22.147.0/24 maxlen: 24 82.22.212.0/24 maxlen: 24 82.22.222.0/24 maxlen: 24 82.22.243.0/24 maxlen: 24 82.22.253.0/24 maxlen: 24 82.23.17.0/24 maxlen: 24 82.23.18.0/24 maxlen: 24 82.23.21.0/24 maxlen: 24 82.23.22.0/24 maxlen: 24 82.23.37.0/24 maxlen: 24 82.23.38.0/24 maxlen: 24 82.23.119.0/24 maxlen: 24 82.23.120.0/24 maxlen: 24 82.23.121.0/24 maxlen: 24 82.23.122.0/24 maxlen: 24 82.23.126.0/24 maxlen: 24 82.23.145.0/24 maxlen: 24 82.23.146.0/24 maxlen: 24 82.23.217.0/24 maxlen: 24 82.23.229.0/24 maxlen: 24 82.23.233.0/24 maxlen: 24 82.23.243.0/24 maxlen: 24 82.23.253.0/24 maxlen: 24 82.23.254.0/24 maxlen: 24 82.23.255.0/24 maxlen: 24 82.24.34.0/24 maxlen: 24 82.24.46.0/24 maxlen: 24 82.24.112.0/24 maxlen: 24 82.24.126.0/24 maxlen: 24 82.24.182.0/24 maxlen: 24 82.24.215.0/24 maxlen: 24 82.24.239.0/24 maxlen: 24 82.24.243.0/24 maxlen: 24 82.24.253.0/24 maxlen: 24 82.25.34.0/24 maxlen: 24 82.25.212.0/24 maxlen: 24 82.25.219.0/24 maxlen: 24 82.25.243.0/24 maxlen: 24 82.25.253.0/24 maxlen: 24 82.26.237.0/24 maxlen: 24 82.26.253.0/24 maxlen: 24 82.27.130.0/24 maxlen: 24 82.27.213.0/24 maxlen: 24 82.27.222.0/24 maxlen: 24 82.27.225.0/24 maxlen: 24 82.27.234.0/24 maxlen: 24 82.27.238.0/24 maxlen: 24 82.27.253.0/24 maxlen: 24 82.29.92.0/24 maxlen: 24 82.29.94.0/24 maxlen: 24 82.29.96.0/24 maxlen: 24 82.29.97.0/24 maxlen: 24 82.29.100.0/24 maxlen: 24 82.29.101.0/24 maxlen: 24 82.29.125.0/24 maxlen: 24 82.29.202.0/24 maxlen: 24 82.29.215.0/24 maxlen: 24 82.29.217.0/24 maxlen: 24 82.29.228.0/24 maxlen: 24 82.29.233.0/24 maxlen: 24 82.29.242.0/24 maxlen: 24 82.29.243.0/24 maxlen: 24 82.38.129.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:55:33:2c:ab:55:c7:64:1b:2a:f6:4d:0a:a6:b7:6f:38:36:3e:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Dec 5 16:33:24 2025 GMT Not After : Dec 4 16:38:24 2026 GMT Subject: CN=B37C1C48C259EC2506514238E395CBD64C7C3038 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f3:74:a2:84:1d:a0:3f:1f:70:0b:3a:fd:cd: 65:a7:cf:95:97:e5:fc:3b:08:cb:21:09:da:68:86: ae:87:b8:4e:08:8a:98:f3:f5:c9:e2:cb:f2:0a:5e: ae:3a:98:9d:f2:2f:e5:b9:ed:33:7f:70:7e:4c:25: 96:14:25:16:5d:27:52:fe:32:c1:c5:b0:5f:9c:8a: 04:a1:4d:8a:8c:d4:6f:8b:e4:f8:56:20:32:a7:2b: 54:93:ac:78:37:2e:7a:6b:37:dc:4a:08:cd:c9:1a: 0a:f8:f6:c2:5c:1d:b5:e9:1a:0e:52:f3:1c:79:fb: 6c:22:72:86:69:d0:ce:60:08:a0:c7:b2:80:ef:30: 0b:67:d4:00:3e:86:cb:9d:5b:5a:66:a4:8f:72:57: 35:a2:41:dc:9f:97:5c:69:5e:0c:c1:15:5e:6d:22: 5f:2f:0e:b7:8a:01:80:c3:39:c8:33:dc:a2:c9:a6: f5:70:bd:5f:43:8d:bd:63:30:9c:6f:ff:81:de:22: 20:7c:da:14:b9:3a:a7:2f:9f:5e:c6:88:f2:6c:80: f5:82:a7:30:cf:e0:57:54:6c:5f:ec:71:63:cd:bf: ec:47:f0:ed:ee:cb:e5:b8:95:fe:f3:5a:f3:a9:14: e1:08:e7:f9:be:2d:4f:2b:37:4b:83:25:7e:9e:5f: 4d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:7C:1C:48:C2:59:EC:25:06:51:42:38:E3:95:CB:D6:4C:7C:30:38 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.2.0/24 82.21.56.0/24 82.21.59.0/24 82.21.68.0/24 82.21.70.0/24 82.21.87.0/24 82.21.108.0/24 82.21.133.0/24 82.21.141.0-82.21.142.255 82.21.151.0/24 82.21.158.0/23 82.21.168.0/24 82.21.175.0/24 82.21.189.0/24 82.21.191.0/24 82.21.193.0/24 82.21.211.0/24 82.21.243.0/24 82.22.65.0/24 82.22.79.0/24 82.22.85.0/24 82.22.87.0/24 82.22.147.0/24 82.22.212.0/24 82.22.222.0/24 82.22.243.0/24 82.22.253.0/24 82.23.17.0-82.23.18.255 82.23.21.0-82.23.22.255 82.23.37.0-82.23.38.255 82.23.119.0-82.23.122.255 82.23.126.0/24 82.23.145.0-82.23.146.255 82.23.217.0/24 82.23.229.0/24 82.23.233.0/24 82.23.243.0/24 82.23.253.0-82.23.255.255 82.24.34.0/24 82.24.46.0/24 82.24.112.0/24 82.24.126.0/24 82.24.182.0/24 82.24.215.0/24 82.24.239.0/24 82.24.243.0/24 82.24.253.0/24 82.25.34.0/24 82.25.212.0/24 82.25.219.0/24 82.25.243.0/24 82.25.253.0/24 82.26.237.0/24 82.26.253.0/24 82.27.130.0/24 82.27.213.0/24 82.27.222.0/24 82.27.225.0/24 82.27.234.0/24 82.27.238.0/24 82.27.253.0/24 82.29.92.0/24 82.29.94.0/24 82.29.96.0/23 82.29.100.0/23 82.29.125.0/24 82.29.202.0/24 82.29.215.0/24 82.29.217.0/24 82.29.228.0/24 82.29.233.0/24 82.29.242.0/23 82.38.129.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:d8:26:ae:12:f9:8f:d3:68:0c:01:d3:c8:d3:f7:68:53:db: 73:70:9a:8b:d8:18:b8:d6:d3:45:a8:3a:b7:bb:82:fc:ef:d2: bb:25:1e:e6:40:96:98:ce:53:a4:0f:4e:57:5e:cd:55:37:08: 00:f9:f6:ca:41:0f:6a:02:af:4a:17:d2:76:d3:3d:10:37:33: fe:15:9a:80:df:c2:81:70:38:57:26:ea:1a:e6:5b:74:f7:bd: 45:e2:97:d9:85:29:92:d8:e3:f4:d4:9f:0c:29:d7:2e:2d:e6: 10:16:13:62:3e:6d:b4:a6:b1:76:4d:6b:e5:2c:df:19:7c:73: 1c:f1:3d:4e:f0:31:6f:98:22:0f:c8:70:7a:c4:37:a4:d8:5f: 7a:d5:78:55:5e:5b:c2:b9:e7:2e:d4:6b:9b:ec:c2:4a:03:53: 0c:b2:a4:73:1c:7b:30:19:b5:54:89:59:93:a3:6e:29:92:ae: 9f:97:8c:21:77:22:b7:f9:ab:fb:42:28:41:cb:30:47:ca:ba: 2c:18:21:0d:06:5a:8b:06:ac:6b:0b:c2:68:30:3c:d9:3b:1c: e6:20:65:8a:41:bf:7b:25:1f:e9:f8:4d:04:d2:7a:a5:cb:1d: 85:f4:e8:55:df:b6:ae:d3:4c:df:1b:b7:d9:98:f1:6a:ed:13: 5d:bf:47:bc -----BEGIN CERTIFICATE----- MIIG8TCCBdmgAwIBAgIUUlUzLKtVx2QbKvZNCqa3bzg2PnUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTEyMDUxNjMzMjRaFw0yNjEyMDQxNjM4MjRaMDMxMTAvBgNV BAMTKEIzN0MxQzQ4QzI1OUVDMjUwNjUxNDIzOEUzOTVDQkQ2NEM3QzMwMzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu83SihB2gPx9wCzr9zWWnz5WX 5fw7CMshCdpohq6HuE4Iipjz9cniy/IKXq46mJ3yL+W57TN/cH5MJZYUJRZdJ1L+ MsHFsF+cigShTYqM1G+L5PhWIDKnK1STrHg3LnprN9xKCM3JGgr49sJcHbXpGg5S 8xx5+2wicoZp0M5gCKDHsoDvMAtn1AA+hsudW1pmpI9yVzWiQdyfl1xpXgzBFV5t Il8vDreKAYDDOcgz3KLJpvVwvV9Djb1jMJxv/4HeIiB82hS5Oqcvn17GiPJsgPWC pzDP4FdUbF/scWPNv+xH8O3uy+W4lf7zWvOpFOEI5/m+LU8rN0uDJX6eX01/AgMB AAGjggP7MIID9zAdBgNVHQ4EFgQUs3wcSMJZ7CUGUUI445XL1kx8MDgwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMIICDgYIKwYBBQUHAQcBAf8EggH9MIIB+TCCAfUEAgAB MIIB7QMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9 AwQAUhW/AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZX AwQAUhaTAwQAUhbUAwQAUhbeAwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAME AFIXFQMEAFIXFjAMAwQAUhclAwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAME AFIXkQMEAFIXkgMEAFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhAD BABSGCIDBABSGC4DBABSGHADBABSGH4DBABSGLYDBABSGNcDBABSGO8DBABSGPMD BABSGP0DBABSGSIDBABSGdQDBABSGdsDBABSGfMDBABSGf0DBABSGu0DBABSGv0D BABSG4IDBABSG9UDBABSG94DBABSG+EDBABSG+oDBABSG+4DBABSG/0DBABSHVwD BABSHV4DBAFSHWADBAFSHWQDBABSHX0DBABSHcoDBABSHdcDBABSHdkDBABSHeQD BABSHekDBAFSHfIDBABSJoEwDQYJKoZIhvcNAQELBQADggEBAJ/YJq4S+Y/TaAwB 08jT92hT23NwmovYGLjW00WoOre7gvzv0rslHuZAlpjOU6QPTldezVU3CAD59spB D2oCr0oX0nbTPRA3M/4VmoDfwoFwOFcm6hrmW3T3vUXil9mFKZLY4/TUnwwp1y4t 5hAWE2I+bbSmsXZNa+Us3xl8cxzxPU7wMW+YIg/IcHrEN6TYX3rVeFVeW8K55y7U a5vswkoDUwyypHMcezAZtVSJWZOjbimSrp+XjCF3Irf5q/tCKEHLMEfKuiwYIQ0G WosGrGsLwmgwPNk7HOYgZYpBv3slH+n4TQTSeqXLHYX06FXftq7TTN8bt9mY8Wrt E12/R7w= -----END CERTIFICATE-----Generated at Sat Dec 6 14:41:31 2025 by rpki-client