Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: HDQ0VX6wx7S6nxPZMxVzLexlCOLBa34EYOYoN8NAnZs=
Subject key identifier: ED:0F:80:00:AF:B8:3F:15:CA:18:B8:BD:8F:51:A2:23:5B:00:87:9A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 253EFACB7EAE254350E5983A837E49F62150FD9F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Tue 12 May 2026 16:06:30 +0000
ROA not before: Tue 12 May 2026 16:01:30 +0000
ROA not after: Tue 11 May 2027 16:06:30 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.200.0/23 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
82.41.195.0/24 maxlen: 24
82.47.120.0/23 maxlen: 24
82.47.140.0/22 maxlen: 24
82.47.192.0/20 maxlen: 24
178.83.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:3e:fa:cb:7e:ae:25:43:50:e5:98:3a:83:7e:49:f6:21:50:fd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 12 16:01:30 2026 GMT
Not After : May 11 16:06:30 2027 GMT
Subject: CN=ED0F8000AFB83F15CA18B8BD8F51A2235B00879A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:60:41:d3:3b:1b:8c:ea:3e:63:b9:8d:cf:20:
ee:01:1d:af:3a:0c:4e:da:dc:7e:9c:0c:d9:48:9b:
04:33:f6:55:0f:f4:76:67:a5:58:ff:16:9e:8c:11:
fe:0d:a4:17:d4:c3:2c:c1:d8:19:a3:29:32:b5:72:
e6:d0:b3:25:a5:4b:f5:b6:56:07:c8:88:e8:83:1c:
36:a1:2f:26:3d:7c:e4:b8:4d:2c:01:f1:2a:1d:7a:
e4:f2:b0:bb:44:8b:3a:8c:79:02:fd:ff:b2:3d:53:
37:11:4a:e6:a5:27:06:5a:41:74:6d:eb:d4:6a:dc:
c3:1a:43:5f:f9:2c:b2:54:85:0b:8d:9a:ae:0f:a8:
44:44:9e:a7:de:57:71:a0:14:e6:12:e1:ba:b8:2f:
21:27:9d:0e:16:cd:af:f2:0b:46:1b:6f:1f:78:7e:
c6:1a:ae:0c:71:99:1d:1f:7f:65:70:48:57:9b:07:
8a:3c:a1:ad:72:63:07:91:45:e9:ec:0f:36:3e:1b:
18:a6:95:77:ea:e1:2a:2c:2a:d6:8a:e4:79:dd:9b:
50:3c:61:98:6b:e8:c2:92:37:97:8b:7e:13:58:31:
03:d1:ec:1a:70:25:fa:fe:d1:e5:5b:af:18:75:7f:
33:29:b4:95:00:2b:d6:90:73:0c:8d:21:09:50:d0:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0F:80:00:AF:B8:3F:15:CA:18:B8:BD:8F:51:A2:23:5B:00:87:9A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.200.0/23
82.21.211.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.212.0/24
82.25.219.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.78.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
82.41.195.0/24
82.47.120.0/23
82.47.140.0/22
82.47.192.0/20
178.83.200.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b0:d8:6b:19:06:a3:5a:f2:68:0d:65:48:08:e2:53:a6:20:
53:60:27:2e:56:7c:d7:18:65:4c:f9:8b:09:b6:bd:7f:44:3c:
00:4a:7b:34:6a:c1:c0:a5:e7:60:e8:ab:55:4b:2b:2b:22:ec:
74:94:c5:a8:e8:4f:97:55:85:c9:38:7f:df:7b:e7:12:bd:8d:
a0:f9:dd:33:a1:76:f1:ed:b1:d8:3b:b4:31:2c:01:0b:82:8d:
bf:27:2f:c0:ff:aa:8a:1b:b9:81:aa:d7:d5:dc:66:e2:61:e0:
86:f7:30:c8:14:04:7a:e9:7d:bf:4d:60:19:08:a6:50:bb:00:
9e:fd:7f:fe:87:3d:e5:98:96:e8:9b:31:77:a9:09:28:bf:6b:
57:d1:29:b2:de:14:1d:be:24:d7:12:23:94:4e:c2:5b:d0:dd:
40:01:2a:08:76:07:b5:4c:21:a2:e8:b4:c7:c9:bb:e9:28:cd:
20:78:b6:bf:9c:e9:dc:55:29:3e:71:38:81:c5:f0:16:32:4a:
01:34:0e:65:63:ac:36:eb:6d:6c:e5:4e:72:ef:50:09:9f:26:
d1:6f:da:81:90:e5:31:e5:c8:62:bc:54:67:12:71:e0:78:ac:
c8:a9:04:c7:7a:15:e8:56:a4:d2:7c:75:b2:ac:4c:11:c4:a9:
a9:29:20:c3
-----BEGIN CERTIFICATE-----
MIIHMzCCBhugAwIBAgIUJT76y36uJUNQ5Zg6g35J9iFQ/Z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTIxNjAxMzBaFw0yNzA1MTExNjA2MzBaMDMxMTAvBgNV
BAMTKEVEMEY4MDAwQUZCODNGMTVDQTE4QjhCRDhGNTFBMjIzNUIwMDg3OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwYEHTOxuM6j5juY3PIO4BHa86
DE7a3H6cDNlImwQz9lUP9HZnpVj/Fp6MEf4NpBfUwyzB2BmjKTK1cubQsyWlS/W2
VgfIiOiDHDahLyY9fOS4TSwB8SodeuTysLtEizqMeQL9/7I9UzcRSualJwZaQXRt
69Rq3MMaQ1/5LLJUhQuNmq4PqEREnqfeV3GgFOYS4bq4LyEnnQ4Wza/yC0Ybbx94
fsYargxxmR0ff2VwSFebB4o8oa1yYweRRensDzY+GximlXfq4SosKtaK5Hndm1A8
YZhr6MKSN5eLfhNYMQPR7BpwJfr+0eVbrxh1fzMptJUAK9aQcwyNIQlQ0Ej5AgMB
AAGjggQ9MIIEOTAdBgNVHQ4EFgQU7Q+AAK+4PxXKGLi9j1GiI1sAh5owHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICUAYIKwYBBQUHAQcBAf8EggI/MIICOzCCAjcEAgAB
MIICLwMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQBUhXIAwQAUhXTAwQAUhXzAwQAUhYbAwQAUhYiAwQAUhYu
AwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbeAwQAUhbz
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX2QMEAFIX5QME
AFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4DBABSGHADBABSGK8D
BABSGLYDBABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSIDBABSGdQDBABSGdsD
BABSGfMDBABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG94D
BABSG+EDBABSG+oDBABSG+4DBABSG/0DBABSHU4DBABSHVwDBABSHV4DBAFSHWAD
BAFSHWQDBABSHX0DBABSHcoDBABSHdcDBABSHdkDBABSHeQDBABSHekDBAFSHfID
BABSJoEDBABSKcMDBAFSL3gDBAJSL4wDBARSL8ADBACyU8gwDQYJKoZIhvcNAQEL
BQADggEBAGOw2GsZBqNa8mgNZUgI4lOmIFNgJy5WfNcYZUz5iwm2vX9EPABKezRq
wcCl52Doq1VLKysi7HSUxajoT5dVhck4f9975xK9jaD53TOhdvHtsdg7tDEsAQuC
jb8nL8D/qoobuYGq19XcZuJh4Ib3MMgUBHrpfb9NYBkIplC7AJ79f/6HPeWYluib
MXepCSi/a1fRKbLeFB2+JNcSI5ROwlvQ3UABKgh2B7VMIaLotMfJu+kozSB4tr+c
6dxVKT5xOIHF8BYySgE0DmVjrDbrbWzlTnLvUAmfJtFv2oGQ5THlyGK8VGcSceB4
rMipBMd6FehWpNJ8dbKsTBHEqakpIMM=
-----END CERTIFICATE-----
Generated at Tue May 12 23:09:14 2026 by rpki-client