Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 1wTpq//nmQ76ZusromtNVB0VtpqdiJGW51hHkQHX4z4=
Subject key identifier: CC:34:D3:2B:BC:B3:4F:1B:2E:7D:01:C3:C2:1D:D5:F9:1E:C8:21:58
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0ABEE249B349A7352459B32D3CB504DEE7D98128
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Wed 08 Oct 2025 10:47:54 +0000
ROA not before: Wed 08 Oct 2025 10:42:54 +0000
ROA not after: Wed 07 Oct 2026 10:47:54 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:be:e2:49:b3:49:a7:35:24:59:b3:2d:3c:b5:04:de:e7:d9:81:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 8 10:42:54 2025 GMT
Not After : Oct 7 10:47:54 2026 GMT
Subject: CN=CC34D32BBCB34F1B2E7D01C3C21DD5F91EC82158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:73:08:3d:56:75:9b:e6:b8:ba:d4:8b:e5:c6:
a3:8e:5d:3e:7d:df:6c:7b:1d:3d:18:8b:42:91:dc:
b9:7f:7c:2e:d5:c7:ba:09:73:cf:e9:1b:9d:d7:85:
f5:82:91:5b:98:aa:52:e2:7d:4a:2a:8f:b8:69:20:
00:a5:2f:a4:00:59:c4:cf:77:17:79:0d:99:76:13:
74:cd:cc:aa:e4:91:cd:1e:30:b1:8a:75:99:55:12:
2e:80:87:de:0b:7e:90:bb:6e:52:36:51:28:e3:2b:
80:45:27:c5:e9:63:7f:f4:43:7b:d5:cf:e8:d0:f5:
0d:a8:c1:e3:fb:08:64:69:53:00:d2:46:4b:79:b9:
22:23:91:1a:46:3a:66:a7:e1:02:86:7a:d0:89:25:
9c:c7:6c:7b:37:7a:45:3e:a3:57:5b:8a:5a:7e:57:
1c:de:39:3f:db:e2:55:16:4d:da:1f:76:10:f6:f6:
f5:c5:55:2b:37:51:20:21:54:a8:d3:0c:ca:1e:46:
ca:f7:a5:f4:d4:13:54:78:f3:9d:d4:b6:c1:5c:24:
7f:b1:49:ee:f4:92:59:fa:57:3a:88:c2:ea:ae:dc:
d3:38:76:2c:f1:c9:6c:a7:b7:67:13:de:b0:a2:24:
6f:a1:84:60:d1:98:55:20:1e:a7:4f:dd:01:73:a6:
1f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:34:D3:2B:BC:B3:4F:1B:2E:7D:01:C3:C2:1D:D5:F9:1E:C8:21:58
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.211.0/24
82.21.243.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.126.0/24
82.24.182.0/24
82.24.215.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.243.0/24
82.25.253.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.225.0/24
82.27.238.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:c6:8c:37:e8:ef:30:8e:85:35:78:6c:9e:97:83:de:03:62:
56:65:e2:39:b7:13:4f:f0:73:65:a0:76:c2:00:7a:05:3c:a8:
1c:7d:fa:89:2c:2f:e3:31:4b:95:b8:26:8e:6b:0d:c8:ee:8d:
1a:d0:a4:36:7f:68:58:97:3a:ec:64:6e:89:cd:ae:c5:73:55:
ec:8d:8f:8e:50:9b:37:67:9c:3b:6d:bb:b5:46:86:de:45:60:
1a:98:cf:b8:7e:8a:8b:e4:90:70:ef:64:1b:d7:0b:83:74:f4:
1d:11:1e:a4:49:3b:d5:27:ac:85:db:ed:73:58:51:63:a0:6b:
36:2c:3d:7c:8f:46:ba:0c:2e:15:e3:1a:48:2c:41:3a:83:f3:
77:34:92:15:b1:f4:77:2c:55:f5:98:d3:01:61:0a:0b:79:e3:
ce:76:65:bb:35:b4:42:97:76:d7:10:8a:af:74:f3:f5:d2:77:
45:75:c6:65:14:20:61:d3:b4:fc:fe:1a:85:10:ac:4f:2f:c7:
7e:f8:f8:75:19:c8:21:e4:cb:dd:98:fb:4c:81:d2:6b:22:c2:
67:a2:0c:c9:5f:8a:8b:2b:c8:18:60:81:bc:36:b7:40:f2:12:
12:ac:e1:f0:1b:4d:31:f5:51:01:d5:2f:34:a5:18:65:f2:49:
9a:44:4e:b9
-----BEGIN CERTIFICATE-----
MIIGuzCCBaOgAwIBAgIUCr7iSbNJpzUkWbMtPLUE3ufZgSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMDgxMDQyNTRaFw0yNjEwMDcxMDQ3NTRaMDMxMTAvBgNV
BAMTKENDMzREMzJCQkNCMzRGMUIyRTdEMDFDM0MyMURENUY5MUVDODIxNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCucwg9VnWb5ri61IvlxqOOXT59
32x7HT0Yi0KR3Ll/fC7Vx7oJc8/pG53XhfWCkVuYqlLifUoqj7hpIAClL6QAWcTP
dxd5DZl2E3TNzKrkkc0eMLGKdZlVEi6Ah94LfpC7blI2USjjK4BFJ8XpY3/0Q3vV
z+jQ9Q2oweP7CGRpUwDSRkt5uSIjkRpGOman4QKGetCJJZzHbHs3ekU+o1dbilp+
VxzeOT/b4lUWTdofdhD29vXFVSs3USAhVKjTDMoeRsr3pfTUE1R4853UtsFcJH+x
Se70kln6VzqIwuqu3NM4dizxyWynt2cT3rCiJG+hhGDRmFUgHqdP3QFzph+XAgMB
AAGjggPFMIIDwTAdBgNVHQ4EFgQUzDTTK7yzTxsufQHDwh3V+R7IIVgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIB2AYIKwYBBQUHAQcBAf8EggHHMIIBwzCCAb8EAgAB
MIIBtwMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQAUhXTAwQAUhXzAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaT
AwQAUhbUAwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAM
AwQAUhclAwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgME
AFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4D
BABSGHADBABSGH4DBABSGLYDBABSGNcDBABSGO8DBABSGPMDBABSGP0DBABSGSID
BABSGfMDBABSGf0DBABSGu0DBABSGv0DBABSG4IDBABSG+EDBABSG+4DBABSG/0D
BABSHVwDBABSHV4DBAFSHWADBAFSHWQDBABSHcoDBABSHdcDBABSHdkDBABSHeQD
BABSHekDBAFSHfIwDQYJKoZIhvcNAQELBQADggEBAJvGjDfo7zCOhTV4bJ6Xg94D
YlZl4jm3E0/wc2WgdsIAegU8qBx9+oksL+MxS5W4Jo5rDcjujRrQpDZ/aFiXOuxk
bonNrsVzVeyNj45QmzdnnDttu7VGht5FYBqYz7h+iovkkHDvZBvXC4N09B0RHqRJ
O9UnrIXb7XNYUWOgazYsPXyPRroMLhXjGkgsQTqD83c0khWx9HcsVfWY0wFhCgt5
4852Zbs1tEKXdtcQiq908/XSd0V1xmUUIGHTtPz+GoUQrE8vx374+HUZyCHky92Y
+0yB0msiwmeiDMlfiosryBhggbw2t0DyEhKs4fAbTTH1UQHVLzSlGGXySZpETrk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:49 2025 by rpki-client