Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: iZM50sCeAUN6+fmCp4UIHlBWt0rpTVEVT910z//x6mg=
Subject key identifier: CE:A7:40:39:D6:44:3D:B4:DC:0F:32:12:93:0D:F7:B2:D8:F1:37:A2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 386082B5B23FDB4EDACE837F4109C5A057E1155C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Wed 20 May 2026 07:31:18 +0000
ROA not before: Wed 20 May 2026 07:26:18 +0000
ROA not after: Wed 19 May 2027 07:31:18 +0000
asID: 212238
IP address blocks: 82.21.2.0/24 maxlen: 24
82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.200.0/23 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.237.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.34.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.214.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.229.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.214.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.34.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.234.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.220.0/24 maxlen: 24
82.26.230.0/24 maxlen: 24
82.26.233.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.218.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.211.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.220.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
82.38.129.0/24 maxlen: 24
82.41.195.0/24 maxlen: 24
82.47.120.0/23 maxlen: 24
82.47.140.0/22 maxlen: 24
82.47.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:60:82:b5:b2:3f:db:4e:da:ce:83:7f:41:09:c5:a0:57:e1:15:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 20 07:26:18 2026 GMT
Not After : May 19 07:31:18 2027 GMT
Subject: CN=CEA74039D6443DB4DC0F3212930DF7B2D8F137A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:17:b5:b6:e0:5b:38:ce:9e:77:7e:01:53:bd:
f8:7b:99:25:d0:c7:ea:3a:b5:1c:f7:24:3a:4c:92:
6a:0d:dd:25:8e:33:99:71:0a:14:78:23:3f:38:4f:
23:72:be:d2:bd:a5:ec:18:cc:e7:93:6d:f8:83:0a:
9b:7d:be:79:88:eb:c9:d7:32:f7:29:da:3c:61:5c:
61:7c:f1:8f:04:76:fa:d1:f3:1a:8f:3a:49:39:d7:
aa:43:4c:15:fc:59:f7:a2:7b:39:15:f5:81:0b:07:
22:37:66:15:b6:28:66:b1:db:9f:07:ba:36:3b:50:
95:be:b8:02:7b:53:d3:2d:87:92:84:36:1c:63:f0:
f5:21:72:a9:12:5d:7f:df:05:85:af:e2:4e:cb:df:
32:90:12:92:8b:8f:e3:40:c7:20:ed:6e:fa:f1:0c:
48:3a:4f:2a:0f:1e:d9:52:8e:66:66:8b:47:a9:91:
c1:32:9d:9c:65:af:c0:26:f2:86:4d:85:46:ff:01:
b4:ec:16:d6:a4:a2:fe:ff:0c:01:c1:06:17:55:a6:
df:9a:79:19:56:6c:4f:6c:27:72:bd:6b:09:35:21:
78:13:36:e8:d1:a0:a2:79:a5:33:e1:fe:b7:7f:56:
1d:73:18:31:48:c8:b3:d8:e5:65:09:d2:e5:98:3b:
23:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A7:40:39:D6:44:3D:B4:DC:0F:32:12:93:0D:F7:B2:D8:F1:37:A2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.2.0/24
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.200.0/23
82.21.211.0/24
82.21.237.0/24
82.21.243.0/24
82.22.27.0/24
82.22.34.0/24
82.22.46.0/24
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.212.0/24
82.22.222.0/24
82.22.243.0/24
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0-82.23.146.255
82.23.214.0/24
82.23.217.0/24
82.23.229.0/24
82.23.233.0/24
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.112.0/24
82.24.175.0/24
82.24.182.0/24
82.24.214.0/23
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.34.0/24
82.25.212.0/24
82.25.219.0/24
82.25.234.0/24
82.25.243.0/24
82.25.253.0/24
82.26.220.0/24
82.26.230.0/24
82.26.233.0/24
82.26.237.0/24
82.26.253.0/24
82.27.130.0/24
82.27.132.0/24
82.27.213.0/24
82.27.218.0/24
82.27.222.0/24
82.27.225.0/24
82.27.234.0/24
82.27.238.0/24
82.27.253.0/24
82.29.78.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.125.0/24
82.29.202.0/24
82.29.211.0/24
82.29.215.0/24
82.29.217.0/24
82.29.220.0/24
82.29.228.0/24
82.29.233.0/24
82.29.242.0/23
82.38.129.0/24
82.41.195.0/24
82.47.120.0/23
82.47.140.0/22
82.47.192.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:25:60:10:29:91:c3:43:55:92:92:87:31:0e:57:16:eb:00:
b7:f6:5b:e9:2c:99:ba:4e:63:b7:36:b0:3c:1c:b0:8d:cb:91:
4b:fe:a6:56:71:ea:df:98:75:10:86:af:f4:dc:2e:5c:97:38:
05:b4:e3:23:18:72:c9:1c:51:c4:32:c2:0b:f0:c8:63:1a:9c:
f2:b1:f8:da:c0:61:2d:1d:6c:71:bf:1a:8c:5a:06:34:f6:7b:
53:87:d0:9c:cd:21:ea:73:b1:5b:1d:3f:2f:db:f4:b1:77:d4:
82:f4:9d:0b:42:62:c0:d9:62:5b:6b:23:99:16:c3:f2:d6:16:
ed:8d:6b:97:9f:74:d2:ce:d4:45:fc:67:a9:88:74:40:a5:f1:
d3:74:5f:ca:24:ed:b3:db:a6:d5:b2:b4:ae:e0:a2:ea:39:01:
f8:65:61:ba:bf:f8:a2:e7:7b:e8:49:f6:07:1c:7e:dd:f2:3b:
b5:9e:07:f9:75:70:59:a1:db:e8:a9:26:19:24:b1:57:24:2e:
b3:f1:79:4d:f6:bf:90:a5:66:c4:13:38:56:a0:0b:03:90:95:
94:b8:d6:f4:5b:ae:b3:b4:73:bc:84:64:21:eb:e5:ab:c1:c4:
9f:03:56:5f:60:b9:b3:b2:da:31:fd:51:43:17:40:01:91:b2:
ac:67:5e:7c
-----BEGIN CERTIFICATE-----
MIIHYzCCBkugAwIBAgIUOGCCtbI/207azoN/QQnFoFfhFVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjAwNzI2MThaFw0yNzA1MTkwNzMxMThaMDMxMTAvBgNV
BAMTKENFQTc0MDM5RDY0NDNEQjREQzBGMzIxMjkzMERGN0IyRDhGMTM3QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUF7W24Fs4zp53fgFTvfh7mSXQ
x+o6tRz3JDpMkmoN3SWOM5lxChR4Iz84TyNyvtK9pewYzOeTbfiDCpt9vnmI68nX
Mvcp2jxhXGF88Y8EdvrR8xqPOkk516pDTBX8WfeiezkV9YELByI3ZhW2KGax258H
ujY7UJW+uAJ7U9Mth5KENhxj8PUhcqkSXX/fBYWv4k7L3zKQEpKLj+NAxyDtbvrx
DEg6TyoPHtlSjmZmi0epkcEynZxlr8Am8oZNhUb/AbTsFtakov7/DAHBBhdVpt+a
eRlWbE9sJ3K9awk1IXgTNujRoKJ5pTPh/rd/Vh1zGDFIyLPY5WUJ0uWYOyNpAgMB
AAGjggRtMIIEaTAdBgNVHQ4EFgQUzqdAOdZEPbTcDzISkw33stjxN6IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIICgAYIKwYBBQUHAQcBAf8EggJvMIICazCCAmcEAgAB
MIICXwMEAFIVAgMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAME
AFIVhTAMAwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9
AwQAUhW/AwQAUhXBAwQBUhXIAwQAUhXTAwQAUhXtAwQAUhXzAwQAUhYbAwQAUhYi
AwQAUhYuAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQAUhbUAwQAUhbe
AwQAUhbzAwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhcl
AwQAUhcmMAwDBABSF3cDBABSF3oDBABSF34wDAMEAFIXkQMEAFIXkgMEAFIX1gME
AFIX2QMEAFIX5QMEAFIX6QMEAFIX8zALAwQAUhf9AwMDUhADBABSGCIDBABSGC4D
BABSGHADBABSGK8DBABSGLYDBAFSGNYDBABSGO8DBABSGPMDBABSGP0DBABSGSID
BABSGdQDBABSGdsDBABSGeoDBABSGfMDBABSGf0DBABSGtwDBABSGuYDBABSGukD
BABSGu0DBABSGv0DBABSG4IDBABSG4QDBABSG9UDBABSG9oDBABSG94DBABSG+ED
BABSG+oDBABSG+4DBABSG/0DBABSHU4DBABSHVwDBABSHV4DBAFSHWADBAFSHWQD
BABSHX0DBABSHcoDBABSHdMDBABSHdcDBABSHdkDBABSHdwDBABSHeQDBABSHekD
BAFSHfIDBABSJoEDBABSKcMDBAFSL3gDBAJSL4wDBARSL8AwDQYJKoZIhvcNAQEL
BQADggEBAJ4lYBApkcNDVZKShzEOVxbrALf2W+ksmbpOY7c2sDwcsI3LkUv+plZx
6t+YdRCGr/TcLlyXOAW04yMYcskcUcQywgvwyGManPKx+NrAYS0dbHG/GoxaBjT2
e1OH0JzNIepzsVsdPy/b9LF31IL0nQtCYsDZYltrI5kWw/LWFu2Na5efdNLO1EX8
Z6mIdECl8dN0X8ok7bPbptWytK7gouo5AfhlYbq/+KLne+hJ9gccft3yO7WeB/l1
cFmh2+ipJhkksVckLrPxeU32v5ClZsQTOFagCwOQlZS41vRbrrO0c7yEZCHr5avB
xJ8DVl9gubOy2jH9UUMXQAGRsqxnXnw=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:30 2026 by rpki-client