Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: tjih4+LMOUYWhiWzrltTU+5OBGkTo+CdHB46FkqAH3I=
Subject key identifier: 98:A1:07:7B:0C:44:A9:1F:9A:80:B5:BC:EC:1D:8C:D1:03:D4:DD:16
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 71E6AF3E18B3D14B1D1174A10F17D141B7C7BBE4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Fri 06 Mar 2026 14:55:33 +0000
ROA not before: Fri 06 Mar 2026 14:50:33 +0000
ROA not after: Fri 05 Mar 2027 14:55:33 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
178.83.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:e6:af:3e:18:b3:d1:4b:1d:11:74:a1:0f:17:d1:41:b7:c7:bb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 6 14:50:33 2026 GMT
Not After : Mar 5 14:55:33 2027 GMT
Subject: CN=98A1077B0C44A91F9A80B5BCEC1D8CD103D4DD16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:61:eb:e5:14:b6:2c:3d:8e:d6:c2:da:9f:
10:f5:bd:55:f7:5d:f7:44:17:d0:c4:84:a0:8a:60:
cb:ed:c5:9e:e6:61:9b:e1:cf:e4:94:68:96:3e:35:
fa:29:54:f7:65:93:cd:f9:ce:76:a4:b8:b3:5b:0a:
98:2d:b9:0d:93:6c:6b:39:3a:ee:16:52:6e:b9:c5:
88:1c:fe:8d:41:e6:22:51:6e:9c:46:d9:a4:de:21:
9c:4b:d9:11:6f:d2:ea:a2:5b:0f:19:89:94:6a:7e:
31:46:91:b8:96:74:b3:fe:a4:e6:ee:01:76:f2:72:
e9:3a:2a:30:94:4f:de:9c:b1:97:93:6e:f9:42:75:
1a:3b:1d:a8:d3:a4:a8:69:cf:be:ac:92:50:cb:57:
45:77:1c:28:3b:8b:7e:f8:f2:3d:6b:86:3c:35:f1:
5c:7e:2b:bb:88:1e:ae:4e:fe:d6:98:a6:39:dd:27:
4c:50:ec:4c:b0:bc:45:32:da:99:a1:55:63:8b:85:
f2:59:ea:9e:51:32:e5:e3:3b:76:75:95:5f:90:6b:
f3:6e:5a:87:1d:ba:95:18:6b:3e:80:9a:83:7f:5a:
ea:52:4b:7b:0a:d1:f0:9c:f1:75:6e:94:de:3b:d1:
71:ee:29:39:92:c3:2a:66:a5:d4:2a:ca:88:ce:6b:
c3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A1:07:7B:0C:44:A9:1F:9A:80:B5:BC:EC:1D:8C:D1:03:D4:DD:16
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.212.0/24
82.25.219.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.78.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
178.83.200.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d0:18:cd:02:b1:38:d3:60:d4:2f:e2:35:91:13:ce:13:b0:
14:54:00:a1:f4:48:19:24:4f:06:04:ce:33:18:14:4e:b0:06:
80:c5:c8:c1:7f:a7:f9:40:52:a2:99:53:39:03:a1:93:8f:dc:
5e:9c:cc:21:85:0c:9e:4a:59:0f:cc:20:29:c9:9c:1c:1f:09:
d9:c1:17:24:7c:0f:9a:75:9d:11:ff:cc:52:86:ea:57:c0:82:
09:c1:fe:bf:82:8b:fb:ac:46:fc:b4:9d:4e:e7:d3:87:f4:77:
34:9b:ec:52:07:40:da:e6:55:b4:e1:1d:d6:b9:da:a5:d8:06:
2d:d4:8f:fe:77:f0:3b:07:8f:54:01:ac:45:20:2a:42:5a:81:
5a:66:8e:f3:75:f1:4c:e5:0d:00:aa:b0:ec:a7:a6:f5:01:5d:
c0:b6:4f:a9:f1:20:37:ca:0d:c6:42:d1:ba:60:bb:8b:6a:ed:
e5:be:89:e3:b2:79:25:69:64:36:89:53:4c:38:18:cd:8c:8d:
e4:57:1a:ec:52:c5:65:c4:81:b7:69:f7:6c:e5:39:43:cf:1c:
24:54:34:c7:37:7f:7f:ba:2a:54:b2:d3:74:8a:d3:60:38:eb:
a9:42:30:25:88:02:1e:ba:3a:df:e5:16:a5:85:a2:a5:12:f5:
fa:81:d0:95
-----BEGIN CERTIFICATE-----
MIIHFTCCBf2gAwIBAgIUceavPhiz0UsdEXShDxfRQbfHu+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDYxNDUwMzNaFw0yNzAzMDUxNDU1MzNaMDMxMTAvBgNV
BAMTKDk4QTEwNzdCMEM0NEE5MUY5QTgwQjVCQ0VDMUQ4Q0QxMDNENEREMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM1GHr5RS2LD2O1sLanxD1vVX3
XfdEF9DEhKCKYMvtxZ7mYZvhz+SUaJY+NfopVPdlk835znakuLNbCpgtuQ2TbGs5
Ou4WUm65xYgc/o1B5iJRbpxG2aTeIZxL2RFv0uqiWw8ZiZRqfjFGkbiWdLP+pObu
AXbycuk6KjCUT96csZeTbvlCdRo7HajTpKhpz76sklDLV0V3HCg7i3748j1rhjw1
8Vx+K7uIHq5O/taYpjndJ0xQ7EywvEUy2pmhVWOLhfJZ6p5RMuXjO3Z1lV+Qa/Nu
WocdupUYaz6AmoN/WupSS3sK0fCc8XVulN470XHuKTmSwypmpdQqyojOa8N7AgMB
AAGjggQfMIIEGzAdBgNVHQ4EFgQUmKEHewxEqR+agLW87B2M0QPU3RYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICMgYIKwYBBQUHAQcBAf8EggIhMIICHTCCAhkEAgAB
MIICEQMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhYbAwQAUhYiAwQAUhYuAwQAUhZB
AwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbeAwQAUhbzAwQAUhb9
MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcmMAwDBABS
F3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX2QMEAFIX5QMEAFIX6QME
AFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGHADBABSGK8DBABSGLYD
BABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSIDBABSGdQDBABSGdsDBABSGfMD
BABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG94DBABSG+ED
BABSG+oDBABSG+4DBABSG/0DBABSHU4DBABSHVwDBABSHV4DBAFSHWADBAFSHWQD
BABSHX0DBABSHcoDBABSHdcDBABSHdkDBABSHeQDBABSHekDBAFSHfIDBABSJoED
BACyU8gwDQYJKoZIhvcNAQELBQADggEBAHPQGM0CsTjTYNQv4jWRE84TsBRUAKH0
SBkkTwYEzjMYFE6wBoDFyMF/p/lAUqKZUzkDoZOP3F6czCGFDJ5KWQ/MICnJnBwf
CdnBFyR8D5p1nRH/zFKG6lfAggnB/r+Ci/usRvy0nU7n04f0dzSb7FIHQNrmVbTh
Hda52qXYBi3Uj/538DsHj1QBrEUgKkJagVpmjvN18UzlDQCqsOynpvUBXcC2T6nx
IDfKDcZC0bpgu4tq7eW+ieOyeSVpZDaJU0w4GM2MjeRXGuxSxWXEgbdp92zlOUPP
HCRUNMc3f3+6KlSy03SK02A466lCMCWIAh66Ot/lFqWFoqUS9fqB0JU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:12 2026 by rpki-client