Summary
- The awkward public name resolves cleanly to CoreIT. Registro.br assigns AS263606,
177.136.72.0/22and2804:fd4::/32to COREIT - DATACENTER, SERV GER E INFRA TI LTDA under CNPJ12.012.908/0001-02; a current company-data extract expands the legal name, marks it active and identifies its principal activity as data processing, application provision and internet hosting. - The network has strong present-tense proof. RIPEstat observed five IPv4 announcements covering 1,024 addresses and the full IPv6
/32during July 1-15, 2026, with visibility from all 326 reporting IPv4 peers and 321 of 322 IPv6 peers. Every captured origin check was RPKI valid. - A SENAC Ceara price-registration document from 2014 names the same CNPJ and specifies a substantial 24-hour data-centre offer covering links, cloud resources, physical servers, colocation, infrastructure management, backup and support hours. It proves that CoreIT was selected for a defined service catalogue, but its age prevents it from proving today's capacity or delivery quality.
- Energy Telecom's current pages describe a much wider operating model: hybrid, private and public cloud, managed cloud, backup, disaster recovery, custom monitoring and three regional contact numbers. They also claim large direct links from Fortaleza to Miami and Sao Paulo. Those claims are useful diligence targets, not substitutes for current circuit records, service measurements, copy-by-copy data location and named escalation owners.
The shortened network name points to a specific legal counterparty
DATACENTER, SERV GER E INFRA TI LTDA looks more like a clipped description than a company a customer could confidently put on a contract. In this case, the abbreviation is recoverable because the public identifiers agree.
The Registro.br record for AS263606 names the registrant as COREIT - DATACENTER, SERV GER E INFRA TI LTDA and publishes CNPJ 12.012.908/0001-02. The same record links the autonomous system to the IPv4 allocation 177.136.72.0/22 and IPv6 allocation 2804:fd4::/32. It names Leandro Cesar de Mattos Mariotto in the administrative contact chain and gives an Energy Telecom address for that contact. The ASN was registered in September 2013; the registrant record was most recently changed in January 2025.
A company-data extract for the same CNPJ, generated on July 15, 2026 from public Brazilian records, expands the legal name to COREIT - SERVICOS GERENCIADOS, DATA CENTER E INFRAESTRUTURA EM TI LTDA. It reports an active limited company opened on May 6, 2010, with R$2.24 million in registered capital and a headquarters at Avenida Santos Dumont 2626, shop 19, in Fortaleza. Its principal activity code, 6311-9/00, covers data processing, application-service provision and internet hosting. The extract names Leandro Cesar de Mattos Mariotto as administrator and M M Participacoes LTDA as a corporate shareholder.
That extract is a convenient secondary presentation, not a certified corporate document. Before signature, a customer should still obtain a current Receita Federal certificate, articles of association and proof that the signatory can bind the company. The important result here is narrower: the tax identifier on the company record is the same identifier holding the ASN and address space.
The Energy Telecom group page supplies the commercial relationship. It presents CoreIT as the group's data-centre and infrastructure business, alongside managed technology, cybersecurity, connectivity and training operations. It says the group uses one security operations centre and three network operations centres across Ceara, Rio Grande do Sul and Sao Paulo, with CoreIT providing the data-centre element. This explains why the current sales surface and network contacts use the Energy Telecom domain while the resource holder is CoreIT.
It also creates the first contractual question. A group can deliver an integrated service while allocating cloud hosting, carrier access, security monitoring and support to different companies. The order should identify the contracting entity for each layer, the entity that employs privileged operators, the owner or lessee of the equipment and circuits, and the party liable when one group member depends on another. A shared brand is operationally convenient; it is not a substitute for a responsibility map.
The public offer is an operating model, not a simple virtual machine
Energy Telecom's cloud page describes hybrid, private and public cloud, managed cloud, cloud-ready servers, backup, applications and security. The important feature is not the length of the list. It is the range of control boundaries inside it.
A private cloud can place compute under CoreIT's direct administration. A public-cloud engagement may instead put workloads in a global provider account while Energy Telecom designs and manages them. Hybrid cloud can combine both, with identity, monitoring, backup and network paths crossing the boundary. The page says the company manages cloud from strategy through implementation and support, but it does not publish a standard division of duties for operating systems, hypervisors, customer identities, encryption keys, patching, backup approval or cost control.
The data-centre service page extends the offer to container data centres, x86 and Power servers, virtual desktop infrastructure, hyperconvergence, storage, data protection and operational management across network, server and storage layers. It advertises custom monitoring, 24-hour support, managed replication with tailored recovery-time objectives and disaster-recovery services. The infrastructure page adds application delivery, storage, wireless, switching, wide-area optimisation, DNS contingency, load balancing, backup-policy review and advanced monitoring dashboards.
These pages describe a plausible regional managed-services platform. They do not say which components are standard products, individually engineered projects or third-party licences. Nor do they publish standard recovery-point objectives, maintenance windows, service credits, retention periods or export formats. That distinction matters when a buyer compares CoreIT with a self-service cloud platform. A managed provider may remove work from the customer's team, but only if the agreement names the work being transferred and the authority that accompanies it.
Automation deserves the same precision. Monitoring dashboards, cloud management, policy-driven backup and failover can reduce manual handling. They can also propagate a bad configuration or privileged-account compromise across several environments. Customers should ask which actions are automatic, which require approval, where automation credentials are held, how changes are logged, and how to suspend an unsafe action without losing the monitoring plane.
A detailed service award proves more than a client logo, but only for its period
There is public service proof outside the group's own descriptions. A SENAC Ceara price-registration document for competition 023/2014 names CoreIT and CNPJ 12.012.908/0001-02 as the selected supplier for specialised data-centre services. The registration ran from September 9, 2014 to September 9, 2015 and described a 24-hour, seven-day service for 12 months using rented hardware and software.
The schedule is unusually concrete. It prices internet and data links up to 1 Gbps, redundant links and public address blocks. It lists cloud memory, virtual processors and storage; Dell physical servers; colocation power, rack units and network points; and network and security equipment. Its management section covers Windows and Red Hat systems, Exchange, Active Directory, file servers, Oracle and Microsoft SQL databases, backup and Hyper-V. Separate hour banks cover consulting, implementation and support.
This is stronger evidence than an undated logo wall because the buyer, supplier, CNPJ, period and service units are visible. It shows that CoreIT could present and price a broad managed-infrastructure service under its own legal identity. The listed totals were estimated ceilings for categories in a price-registration arrangement, not evidence that SENAC ordered every unit or paid the maximum value. The document also says nothing about incident counts, achieved availability, recovery tests or customer satisfaction.
Age is the larger boundary. A 2014 award cannot establish the equipment, staff, carriers or procedures available in 2026. Its value is historical continuity and service specificity. A present buyer should request a current reference with comparable scope, recent availability and restoration reports, and a current asset and software schedule. That would connect the old, detailed service proof to today's broader sales claims.
AS263606 is live, dual-stack and cryptographically authorised
The network is the strongest current evidence attached to CoreIT. RIPEstat's announced-prefix observation saw AS263606 originate 177.136.72.0/23, each of the four component IPv4 /24s from 177.136.72.0/24 through 177.136.75.0/24, and 2804:fd4::/32 throughout July 1-15, 2026. The simultaneous /23 and more-specific /24 announcements overlap, so they must not be added as separate address holdings. Together the IPv4 routes sit inside the single Registro.br /22, which contains 1,024 addresses.
The ASN routing-status view reported all 326 participating IPv4 peers seeing the network and 321 of 322 participating IPv6 peers seeing it at the observation point. It dated the first observed CoreIT origin to September 2013 and reported the most recent route in July 2026. Those observations establish long-lived, widely visible control-plane activity. They do not measure latency, packet loss, congestion, application performance or data-centre uptime.
RIPEstat also reported 13 observed adjacent networks. Several had substantial collector visibility, including AS61832, AS270820, AS263665 and AS270551. Adjacency is useful evidence that CoreIT is not represented by an isolated registration. It is not a carrier invoice, traffic measurement or fibre-path diagram. The direction labels in public route observations describe how paths appeared, not the confidential commercial relationship between the parties.
Route-origin security is a positive part of the record. RIPEstat returned valid for each captured origin: 177.136.72.0/23, the four IPv4 /24s and 2804:fd4::/32. Applicable route-origin authorisations named AS263606 and allowed the observed prefix lengths. That gives networks enforcing origin validation a cryptographic basis to accept these origins.
RPKI does one narrow job. It does not prove that a route follows the intended carrier, that the endpoint is secure, or that a customer workload remains available. It does show that CoreIT has completed a useful piece of internet-resource governance that many small providers leave ambiguous.
The capacity story needs a current topology document
Energy Telecom's cloud and data-centre pages make two unusually specific connectivity claims. They describe a 70 Gb direct link from the CoreIT data centre in Fortaleza to IBM Cloud in Miami and a 170 Gb direct link between Fortaleza and Sao Paulo, both intended for critical projects requiring low latency and security.
Specific numbers are valuable because they can be checked. The public pages do not state whether Gb means installed port speed, aggregate capacity, protected capacity or a design ceiling. They do not identify carriers, circuit count, path separation, utilisation or commissioning dates. A private circuit may also be invisible in public BGP adjacency.
The PeeringDB entry for AS263606 cannot settle the question. It describes a regional cable, DSL or ISP network with an open peering policy, four IPv4 prefixes, no IPv6 prefix, a 100-1000 Mbps traffic band and no listed public exchange or facility connection. But the network details were last updated in July 2022, and the contact details in 2018. Its zero IPv6 count is plainly behind the live IPv6 announcement visible in 2026. Its old traffic band and empty connection tables therefore cannot disprove newer private links.
The right response is verification, not arithmetic. A critical customer should request a current logical topology, the contracted and usable capacity of each path, normal and failure routing, physical entrance diversity, carrier demarcation points, saturation monitoring and recent failover results. The observed BGP network is real. The large private-link claim belongs in the service schedule only after its capacity and dependencies are defined.
A Fortaleza facility does not locate every copy of customer data
CoreIT's legal address, Brazilian resource registration and the group's description of its own Fortaleza data centre support a local operating presence. They do not by themselves prove where a particular customer's primary disk, replica, backup, telemetry or support record will reside.
The cloud offer explicitly includes public and hybrid cloud. It also describes a direct path to IBM Cloud in Miami. Neither fact means customer data must leave Brazil: a link can carry many kinds of traffic, and architecture is customer-specific. They do mean that Brazilian registration cannot be treated as a complete residency promise. Public-cloud regions, recovery copies, management platforms, ticket attachments and security tools each need a location and transfer decision.
The group's privacy policy distinguishes its role as a controller from its role as an operator acting on customer instructions for network and security monitoring. It says contracted operators can include cloud-infrastructure and security-tool providers, and that data may be shared among group entities when needed for integrated service. It also describes multifactor authentication for critical systems, encryption for sensitive and restricted data, continuous monitoring and a formal incident process. The policy identifies a DPO contact and says the group's information-security management system is certified to ISO/IEC 27001:2022.
Those are useful governance statements, but the policy covers personal data handled by the group; it is not a workload-specific hosting schedule. The public page does not name every subprocessor, the geographic location of each service, the certification body or the certificate scope. Buyers should request the certificate and statement of applicability, then build a data map covering production, replicas, backups, logs, monitoring, support and deletion. It should identify the legal entity, location, administrator, encryption-key owner, retention period and exit method for each copy.
Data sovereignty is therefore a property of the purchased design, not of the provider's postal address. CoreIT may be able to deliver a strongly local service, a deliberately international hybrid service or both. The contract must say which one the customer is buying.
Local support becomes assurance only when authority and clocks are visible
The Energy Telecom site presents several signs of a staffed support surface. It links to a service-desk system, publishes separate telephone numbers for the North and Northeast, Southeast and Central-West, and South, and gives a commercial email address. The data-centre and infrastructure pages promise monitoring and support 24 hours a day, every day, while the group page describes geographically distributed operations centres.
For customers in Brazil, that model could offer a practical advantage over a distant cloud queue. Portuguese-language staff in the same legal and commercial environment may coordinate physical access, network changes and application recovery with fewer hand-offs. The older SENAC schedule also shows that CoreIT previously priced dedicated support, implementation and consulting hours alongside infrastructure.
Availability language still needs a clock and an owner. Public pages do not define incident severities, acknowledgement targets, restoration targets, escalation authority, maintenance exclusions or credits. They also do not show how many engineers with network, storage, virtualisation, database and security privileges are available on each shift. Three contact numbers do not prove three independent teams, and multiple operations centres do not by themselves prove that each can take over another's work.
A useful support schedule should name the legal employer or subcontractor for each team, the primary and secondary incident commander, severity definitions, acknowledgement and restoration objectives, clock-pausing rules, customer dependencies and remedies. It should distinguish monitoring from intervention: seeing a failed service is different from having permission and skill to restore it. Customers should test the arrangement through a planned after-hours escalation and a witnessed restore before a production emergency supplies the first rehearsal.
Buy the accountable service, not the reassuring label
CoreIT has a stronger public foundation than its clipped directory name suggests. CNPJ 12.012.908/0001-02 joins the active company, the historical SENAC service award and the authoritative internet-resource record. AS263606 is currently visible over IPv4 and IPv6, and the observed routes have valid origin authorisations. The Energy Telecom pages describe a credible combination of cloud, data-centre, infrastructure, monitoring and recovery work.
The remaining questions arise from breadth, not absence. A group offer can put several legal entities, facilities, carriers, public clouds and support teams behind one commercial conversation. That can reduce coordination for the customer, or it can concentrate control and make accountability harder to trace. The difference lies in the service schedule.
Before committing a critical workload, a buyer should require five current documents: an entity-by-service responsibility matrix; a logical and physical network topology with tested failover; a copy-by-copy data-location and subprocessor map; measured availability, incident and restoration reports; and an exit plan that includes configuration, image, data, key and log exports. The large direct-link figures, round-the-clock support and information-security certification should each be matched to scope and current proof.
DATACENTER, SERV GER E INFRA TI LTDA can reasonably be treated as a network identity for a real Brazilian operator, not a free-floating data-centre label. Its routing record deserves confidence within its technical limits. Operating assurance starts where that record ends: with a named counterparty, a defined control boundary, observable service levels and people authorised to recover the service when automation cannot.

