Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 4bMjL7e2jUuTuo8jMaynirphLKxTQdWxIkNd9NX6KEM=
Subject key identifier: C1:F9:9F:6F:4A:E8:81:C5:8E:E6:D5:C6:CB:DD:C1:87:99:38:75:18
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 59B24BFC77962EC2685EBD297F33D396F9C84409
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Wed 04 Jun 2025 18:44:52 +0000
ROA not before: Wed 04 Jun 2025 18:39:52 +0000
ROA not after: Wed 03 Jun 2026 18:44:52 +0000
asID: 212238
IP address blocks: 82.21.56.0/24 maxlen: 24
82.21.59.0/24 maxlen: 24
82.21.68.0/24 maxlen: 24
82.21.70.0/24 maxlen: 24
82.21.87.0/24 maxlen: 24
82.21.108.0/24 maxlen: 24
82.21.133.0/24 maxlen: 24
82.21.141.0/24 maxlen: 24
82.21.142.0/24 maxlen: 24
82.21.151.0/24 maxlen: 24
82.21.158.0/24 maxlen: 24
82.21.159.0/24 maxlen: 24
82.21.168.0/24 maxlen: 24
82.21.175.0/24 maxlen: 24
82.21.189.0/24 maxlen: 24
82.21.191.0/24 maxlen: 24
82.21.193.0/24 maxlen: 24
82.21.242.0/24 maxlen: 24
82.21.243.0/24 maxlen: 24
82.22.65.0/24 maxlen: 24
82.22.79.0/24 maxlen: 24
82.22.85.0/24 maxlen: 24
82.22.87.0/24 maxlen: 24
82.22.147.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.22.243.0/24 maxlen: 24
82.22.253.0/24 maxlen: 24
82.23.17.0/24 maxlen: 24
82.23.18.0/24 maxlen: 24
82.23.21.0/24 maxlen: 24
82.23.22.0/24 maxlen: 24
82.23.37.0/24 maxlen: 24
82.23.38.0/24 maxlen: 24
82.23.119.0/24 maxlen: 24
82.23.120.0/24 maxlen: 24
82.23.121.0/24 maxlen: 24
82.23.122.0/24 maxlen: 24
82.23.126.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.170.0/23 maxlen: 23
82.23.229.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.23.233.0/24 maxlen: 24
82.23.243.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.34.0/24 maxlen: 24
82.24.46.0/24 maxlen: 24
82.24.182.0/24 maxlen: 24
82.24.239.0/24 maxlen: 24
82.24.243.0/24 maxlen: 24
82.24.253.0/24 maxlen: 24
82.25.243.0/24 maxlen: 24
82.25.253.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
82.26.237.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.26.253.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.225.0/24 maxlen: 24
82.27.238.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.27.253.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
82.29.233.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
82.29.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b2:4b:fc:77:96:2e:c2:68:5e:bd:29:7f:33:d3:96:f9:c8:44:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 4 18:39:52 2025 GMT
Not After : Jun 3 18:44:52 2026 GMT
Subject: CN=C1F99F6F4AE881C58EE6D5C6CBDDC18799387518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:78:f5:90:d2:fa:92:f2:f1:28:72:44:19:fd:
54:98:f9:9b:76:ec:78:a0:50:24:9e:4e:4c:42:8b:
79:3b:73:05:e1:f3:2e:97:8b:a1:29:54:f9:98:5a:
26:ca:23:0a:79:ad:8a:be:45:27:af:a7:19:5a:5a:
ad:38:1f:91:a2:d0:aa:db:e5:a9:d7:63:fc:94:f9:
95:67:a7:74:cf:34:b2:a0:0e:bc:99:c5:f8:18:6a:
ec:36:91:10:6a:96:c5:72:4b:4c:74:0c:33:56:04:
12:45:7d:21:c0:8f:64:ca:a5:ba:f6:d0:e6:e8:2b:
f4:8c:5a:16:44:62:00:e4:15:fd:4c:11:3e:f0:af:
f2:39:bd:3d:b2:86:e2:65:09:d8:28:60:3f:47:28:
90:d3:1e:82:14:68:8c:b6:f7:b5:10:03:e2:54:b9:
20:f8:71:1c:2a:eb:7b:a0:ad:cd:af:e6:44:24:49:
65:13:2e:ef:34:0f:d0:8e:53:f8:0f:6d:76:ca:7d:
e6:2f:c3:8c:a9:f5:2c:85:4e:af:db:53:71:a9:b3:
41:6f:eb:c1:c1:f9:55:4c:17:e4:15:58:bd:64:d4:
03:88:95:37:44:7d:11:70:85:cf:c3:e6:0b:c1:89:
7e:4b:ba:e7:aa:21:1b:24:ac:86:96:e6:d4:c9:7a:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F9:9F:6F:4A:E8:81:C5:8E:E6:D5:C6:CB:DD:C1:87:99:38:75:18
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.56.0/24
82.21.59.0/24
82.21.68.0/24
82.21.70.0/24
82.21.87.0/24
82.21.108.0/24
82.21.133.0/24
82.21.141.0-82.21.142.255
82.21.151.0/24
82.21.158.0/23
82.21.168.0/24
82.21.175.0/24
82.21.189.0/24
82.21.191.0/24
82.21.193.0/24
82.21.242.0/23
82.22.65.0/24
82.22.79.0/24
82.22.85.0/24
82.22.87.0/24
82.22.147.0/24
82.22.242.0/23
82.22.253.0/24
82.23.17.0-82.23.18.255
82.23.21.0-82.23.22.255
82.23.37.0-82.23.38.255
82.23.119.0-82.23.122.255
82.23.126.0/24
82.23.145.0/24
82.23.170.0/23
82.23.229.0/24
82.23.232.0/23
82.23.243.0/24
82.23.253.0-82.23.255.255
82.24.34.0/24
82.24.46.0/24
82.24.182.0/24
82.24.239.0/24
82.24.243.0/24
82.24.253.0/24
82.25.243.0/24
82.25.253.0/24
82.26.157.0/24
82.26.237.0/24
82.26.243.0/24
82.26.253.0/24
82.27.11.0/24
82.27.225.0/24
82.27.238.0/24
82.27.243.0/24
82.27.253.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.202.0/24
82.29.233.0/24
82.29.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:d5:9b:92:21:57:3c:c7:6a:27:06:93:e2:aa:96:a4:ce:0e:
b6:7e:b1:39:6a:2d:6e:6c:56:c2:6b:6a:ce:78:ed:ab:77:70:
88:c6:ce:d9:b8:2d:ac:ba:72:62:14:b7:b2:91:5e:52:e1:19:
47:31:96:d9:6f:7d:6e:1d:84:66:30:31:02:59:21:ee:6f:bb:
86:1d:55:e3:3f:bb:8c:11:df:8c:c6:a5:b9:db:61:a2:08:de:
30:89:ba:11:9d:13:19:3c:06:d7:fc:14:cd:16:13:db:40:b1:
61:9a:93:bf:c5:b9:ed:b4:36:f2:6c:9d:82:c7:c2:be:e8:c9:
1e:37:16:72:cb:a0:e2:99:42:9a:6c:da:4a:f4:bd:54:b9:63:
22:d0:fb:74:8c:db:fc:37:19:ed:25:70:f6:e8:6f:c6:a0:fa:
d2:8e:09:b2:68:31:c8:6f:39:3b:48:1a:3a:4c:08:9f:c0:31:
60:62:c7:c2:b1:cd:d9:36:3c:01:6a:cd:b6:2a:6d:5e:f2:e0:
2f:db:e6:01:2b:2f:12:72:f2:33:5c:3d:eb:57:b1:02:da:22:
91:3a:32:ba:cd:f6:b2:16:00:2d:25:e0:05:8e:5f:41:0c:a6:
a6:b7:b9:88:54:3e:cd:62:89:7d:0d:ac:8b:7b:d3:f9:f0:84:
70:54:e2:a3
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUWbJL/HeWLsJoXr0pfzPTlvnIRAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDQxODM5NTJaFw0yNjA2MDMxODQ0NTJaMDMxMTAvBgNV
BAMTKEMxRjk5RjZGNEFFODgxQzU4RUU2RDVDNkNCRERDMTg3OTkzODc1MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNePWQ0vqS8vEockQZ/VSY+Zt2
7HigUCSeTkxCi3k7cwXh8y6Xi6EpVPmYWibKIwp5rYq+RSevpxlaWq04H5Gi0Krb
5anXY/yU+ZVnp3TPNLKgDryZxfgYauw2kRBqlsVyS0x0DDNWBBJFfSHAj2TKpbr2
0OboK/SMWhZEYgDkFf1MET7wr/I5vT2yhuJlCdgoYD9HKJDTHoIUaIy297UQA+JU
uSD4cRwq63ugrc2v5kQkSWUTLu80D9COU/gPbXbKfeYvw4yp9SyFTq/bU3Gps0Fv
68HB+VVMF+QVWL1k1AOIlTdEfRFwhc/D5gvBiX5LuueqIRskrIaW5tTJehD/AgMB
AAGjggOZMIIDlTAdBgNVHQ4EFgQUwfmfb0rogcWO5tXGy93Bh5k4dRgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBrAYIKwYBBQUHAQcBAf8EggGbMIIBlzCCAZMEAgAB
MIIBiwMEAFIVOAMEAFIVOwMEAFIVRAMEAFIVRgMEAFIVVwMEAFIVbAMEAFIVhTAM
AwQAUhWNAwQAUhWOAwQAUhWXAwQBUhWeAwQAUhWoAwQAUhWvAwQAUhW9AwQAUhW/
AwQAUhXBAwQBUhXyAwQAUhZBAwQAUhZPAwQAUhZVAwQAUhZXAwQAUhaTAwQBUhby
AwQAUhb9MAwDBABSFxEDBABSFxIwDAMEAFIXFQMEAFIXFjAMAwQAUhclAwQAUhcm
MAwDBABSF3cDBABSF3oDBABSF34DBABSF5EDBAFSF6oDBABSF+UDBAFSF+gDBABS
F/MwCwMEAFIX/QMDA1IQAwQAUhgiAwQAUhguAwQAUhi2AwQAUhjvAwQAUhjzAwQA
Uhj9AwQAUhnzAwQAUhn9AwQAUhqdAwQAUhrtAwQAUhrzAwQAUhr9AwQAUhsLAwQA
UhvhAwQAUhvuAwQAUhvzAwQAUhv9AwQAUh1cAwQAUh1eAwQBUh1gAwQBUh1kAwQA
Uh3KAwQAUh3pAwQBUh3yMA0GCSqGSIb3DQEBCwUAA4IBAQCL1ZuSIVc8x2onBpPi
qpakzg62frE5ai1ubFbCa2rOeO2rd3CIxs7ZuC2sunJiFLeykV5S4RlHMZbZb31u
HYRmMDECWSHub7uGHVXjP7uMEd+MxqW522GiCN4wiboRnRMZPAbX/BTNFhPbQLFh
mpO/xbnttDbybJ2Cx8K+6MkeNxZyy6DimUKabNpK9L1UuWMi0Pt0jNv8NxntJXD2
6G/GoPrSjgmyaDHIbzk7SBo6TAifwDFgYsfCsc3ZNjwBas22Km1e8uAv2+YBKy8S
cvIzXD3rV7EC2iKROjK6zfayFgAtJeAFjl9BDKamt7mIVD7NYol9DayLe9P58IRw
VOKj
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:58:36 2025 by rpki-client