Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: PiPoTImxT+V1t7LqWw+i9Mw7RivOY6KRpiL0wYPNonc=
Subject key identifier: 7A:3C:C3:0F:96:0B:96:A7:9F:EC:AF:0D:A7:02:C7:E2:98:12:0F:CC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3FB2F3BCC0A7A56EE0C99B0DB9CFAC3B96D53F59
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Fri 29 Aug 2025 11:41:24 +0000
ROA not before: Fri 29 Aug 2025 11:36:24 +0000
ROA not after: Fri 28 Aug 2026 11:41:24 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Sep 2025 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b2:f3:bc:c0:a7:a5:6e:e0:c9:9b:0d:b9:cf:ac:3b:96:d5:3f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 29 11:36:24 2025 GMT
Not After : Aug 28 11:41:24 2026 GMT
Subject: CN=7A3CC30F960B96A79FECAF0DA702C7E298120FCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ad:b5:28:5e:41:cc:3f:b3:e3:ea:4d:2a:a8:
0c:9f:ba:04:81:04:a0:82:10:51:2d:b9:81:b7:90:
f1:64:ea:bd:52:79:0d:b5:87:52:34:41:b8:ec:4c:
f5:b0:17:7e:fd:d6:74:8c:ff:1e:d2:02:95:43:0d:
13:22:c4:e8:ba:eb:ba:95:dc:0d:69:d6:4c:74:a2:
78:95:9b:7e:1b:cd:8e:97:c7:10:1b:1a:f4:c7:65:
eb:1e:0c:f9:c2:08:e8:77:6a:c7:79:5b:da:e3:14:
db:1b:0f:1f:c7:80:ff:59:e2:85:0e:90:5f:67:28:
58:26:91:9d:e6:62:26:60:33:be:a7:38:c1:3f:78:
2f:a6:54:91:d1:b4:70:18:5d:e2:c4:c0:c2:08:12:
39:63:ac:8e:d0:6d:cd:b0:42:0f:eb:55:f1:26:03:
db:80:fb:2a:1a:24:7a:56:7f:57:37:a5:1a:fa:84:
36:ec:34:bc:b7:0f:26:19:97:2d:18:15:b8:f1:26:
3d:90:c1:5f:8c:29:03:21:13:89:16:d5:51:6a:69:
96:3e:01:fc:05:cc:c6:21:ab:c8:ee:64:8b:3d:c6:
d3:b8:75:00:9e:7d:d6:eb:f8:18:eb:8d:3a:68:38:
76:fb:bb:6d:65:97:22:ab:d8:fa:84:a8:ab:ed:b9:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3C:C3:0F:96:0B:96:A7:9F:EC:AF:0D:A7:02:C7:E2:98:12:0F:CC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.126.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.225.0/24
82.27.238.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:95:0b:e7:67:37:4e:52:be:38:0a:f8:14:15:f8:b6:c5:c3:
73:8c:75:e0:1b:07:16:e1:9e:2d:fc:36:b3:fa:57:7d:82:c4:
26:df:60:38:c3:66:dc:bd:14:fd:5f:a6:29:ce:66:a3:e4:37:
e2:33:d9:a5:3c:93:21:08:c2:63:8d:3a:c2:27:18:82:81:8a:
8a:b9:12:04:49:cd:20:8d:ec:3e:cc:76:2e:18:21:86:38:63:
ef:56:bf:55:72:6a:62:2c:3e:88:06:9c:8a:b2:cd:2c:3a:60:
9d:da:b6:63:09:bd:91:d3:be:b6:61:0f:8b:a9:7d:14:ad:79:
aa:f8:2f:f5:d7:4f:10:24:b9:be:38:13:36:69:ab:27:99:e9:
79:39:21:38:78:ea:e9:e8:68:3e:87:5f:55:c6:7b:f2:a2:de:
50:bb:a5:4d:c9:14:b4:c4:4b:8f:2f:47:17:8d:cb:00:94:ae:
9c:be:ba:a0:6a:e6:82:1e:78:b2:74:bc:22:20:38:5e:8e:c0:
ab:8f:8d:4b:ec:db:9a:84:7e:c3:49:95:3d:0f:44:5a:ca:e8:
24:7b:3f:70:c9:30:d7:66:79:1c:ba:27:ac:72:39:d5:69:45:
ed:38:ed:83:60:81:be:09:ae:45:80:d6:61:0d:d1:72:2b:d2:
69:a3:6c:4f
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIUP7LzvMCnpW7gyZsNuc+sO5bVP1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjkxMTM2MjRaFw0yNjA4MjgxMTQxMjRaMDMxMTAvBgNV
BAMTKDdBM0NDMzBGOTYwQjk2QTc5RkVDQUYwREE3MDJDN0UyOTgxMjBGQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNrbUoXkHMP7Pj6k0qqAyfugSB
BKCCEFEtuYG3kPFk6r1SeQ21h1I0QbjsTPWwF3791nSM/x7SApVDDRMixOi667qV
3A1p1kx0oniVm34bzY6XxxAbGvTHZeseDPnCCOh3asd5W9rjFNsbDx/HgP9Z4oUO
kF9nKFgmkZ3mYiZgM76nOME/eC+mVJHRtHAYXeLEwMIIEjljrI7Qbc2wQg/rVfEm
A9uA+yoaJHpWf1c3pRr6hDbsNLy3DyYZly0YFbjxJj2QwV+MKQMhE4kW1VFqaZY+
AfwFzMYhq8juZIs9xtO4dQCefdbr+BjrjTpoOHb7u21llyKr2PqEqKvtuTI1AgMB
AAGjggO5MIIDtTAdBgNVHQ4EFgQUejzDD5YLlqef7K8NpwLH4pgSD8wwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBzAYIKwYBBQUHAQcBAf8EggG7MIIBtzCCAbMEAgAB
MIIBqwMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaT
AwQAUhbUAwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAM
AwQAUhclAwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgME
AFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4D
BABSGH4DBABSGLYDBABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSIDBABSGfMD
BABSGf0DBABSGu0DBABSGv0DBABSG+EDBABSG+4DBABSG/0DBABSHVwDBABSHV4D
BAFSHWADBAFSHWQDBABSHcoDBABSHdcDBABSHdkDBABSHeQDBABSHekDBABSHfMw
DQYJKoZIhvcNAQELBQADggEBAB2VC+dnN05SvjgK+BQV+LbFw3OMdeAbBxbhni38
NrP6V32CxCbfYDjDZty9FP1fpinOZqPkN+Iz2aU8kyEIwmONOsInGIKBioq5EgRJ
zSCN7D7Mdi4YIYY4Y+9Wv1VyamIsPogGnIqyzSw6YJ3atmMJvZHTvrZhD4upfRSt
ear4L/XXTxAkub44EzZpqyeZ6Xk5ITh46unoaD6HX1XGe/Ki3lC7pU3JFLTES48v
RxeNywCUrpy+uqBq5oIeeLJ0vCIgOF6OwKuPjUvs25qEfsNJlT0PRFrK6CR7P3DJ
MNdmeRy6J6xyOdVpRe047YNggb4JrkWA1mEN0XIr0mmjbE8=
-----END CERTIFICATE-----
Generated at Sun Aug 31 14:17:54 2025 by rpki-client