$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa File: AS209242.roa (raw, json) Hash identifier: 90SO4p2BAMAlaG0CnRvr1a5Nuh9ZZlaYzcn6zfxtbps= Subject key identifier: BB:B7:33:4A:0E:8E:ED:BF:62:15:55:D0:07:D3:86:BD:87:C9:EB:F2 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 217D970008623BFAD78A13FC221D0B6FAE56EC62 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa Signing time: Fri 11 Apr 2025 11:18:06 +0000 ROA not before: Fri 11 Apr 2025 11:13:06 +0000 ROA not after: Fri 10 Apr 2026 11:18:06 +0000 asID: 209242 IP address blocks: 86.38.214.0/24 maxlen: 24 89.116.46.0/23 maxlen: 24 89.116.161.0/24 maxlen: 24 89.116.180.0/24 maxlen: 24 89.116.252.0/24 maxlen: 24 89.117.84.0/24 maxlen: 24 89.117.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 27 Apr 2025 01:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:7d:97:00:08:62:3b:fa:d7:8a:13:fc:22:1d:0b:6f:ae:56:ec:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Apr 11 11:13:06 2025 GMT Not After : Apr 10 11:18:06 2026 GMT Subject: CN=BBB7334A0E8EEDBF621555D007D386BD87C9EBF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:eb:a8:f2:ae:49:18:c3:58:43:da:c1:15:de: 32:42:35:55:08:58:ab:d8:0b:d2:b1:04:c8:d2:b8: e2:85:de:8b:5d:ae:4f:3f:7a:7a:64:d8:6f:80:62: e8:6f:cb:d8:0f:f4:88:5a:56:9c:4e:a0:1a:61:99: c5:1c:ed:89:f0:5d:47:5e:42:cc:a2:8c:d9:c0:a7: de:98:71:10:a6:e3:31:e1:3a:e3:ea:44:32:90:73: 85:ff:e2:a9:1d:07:68:7a:0f:08:d6:f8:a2:f0:2b: 9a:4d:cc:ef:67:05:6f:71:b2:f1:20:56:87:f4:03: 86:3f:0f:d3:45:c9:1b:ce:3c:c6:df:81:6b:f7:56: 61:81:66:8a:b7:99:90:e5:7d:37:65:f4:79:29:62: 70:9d:e7:18:20:7d:67:03:81:4f:41:32:33:b1:6a: 04:5e:ce:31:ed:c4:0b:3b:84:cf:b2:e2:b0:78:37: 60:c8:9d:cb:36:96:e4:d0:9e:9e:94:b2:b1:8c:e1: 76:6b:b7:c8:00:32:75:35:bc:29:f7:2d:b4:09:71: e5:36:b2:99:65:79:bb:4e:e3:48:69:1f:a3:61:fd: 51:a9:03:94:c5:0e:9b:b4:13:2d:8e:de:2e:4a:55: db:b2:9e:40:3a:a7:a9:b6:63:b0:1a:e5:12:98:1d: 8a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:B7:33:4A:0E:8E:ED:BF:62:15:55:D0:07:D3:86:BD:87:C9:EB:F2 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.214.0/24 89.116.46.0/23 89.116.161.0/24 89.116.180.0/24 89.116.252.0/24 89.117.84.0/24 89.117.112.0/24 Signature Algorithm: sha256WithRSAEncryption d7:62:03:7f:03:eb:3d:70:50:08:1f:25:6e:1e:1e:ec:86:b2: 47:a9:be:af:50:0c:01:81:76:8e:5b:5f:96:29:b5:a5:61:ba: 36:bc:f9:66:47:ac:f9:2f:16:be:f8:5e:07:54:33:0c:93:a7: b4:07:a7:c4:17:4c:8a:d0:1c:d0:7a:e0:5f:e9:39:c3:c2:1d: 0c:66:ba:31:20:0c:21:3b:26:98:c8:47:4d:14:7d:11:c7:01: 7c:96:25:79:d9:77:48:41:d4:69:c9:82:d2:4d:38:d4:1e:4f: f8:1c:f7:77:4e:08:c9:2c:08:d8:8c:69:27:4b:54:9c:b4:89: 08:44:a8:8f:ad:ba:1a:7f:e1:a8:fc:c5:7f:2f:20:90:02:41: 27:15:7a:57:0c:12:d0:1e:67:bc:d3:74:f2:f7:b6:78:e2:9b: 86:82:52:df:28:02:cf:eb:66:87:df:d9:d2:f4:6f:e3:99:44: bd:89:97:b4:55:a2:a2:d7:dc:83:b6:05:45:2d:ca:29:b6:45: 92:f6:81:ec:60:3d:40:10:d8:39:5c:a0:a8:a2:a7:32:1a:97: de:f5:5b:55:f1:fc:e0:80:97:b1:4b:fb:44:4f:2e:a1:21:f2: 9d:99:6c:cc:5a:7d:a0:5b:39:23:6f:27:1d:a1:c9:15:08:70: b2:1a:0f:af -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgIUIX2XAAhiO/rXihP8Ih0Lb65W7GIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA0MTExMTEzMDZaFw0yNjA0MTAxMTE4MDZaMDMxMTAvBgNV BAMTKEJCQjczMzRBMEU4RUVEQkY2MjE1NTVEMDA3RDM4NkJEODdDOUVCRjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu66jyrkkYw1hD2sEV3jJCNVUI WKvYC9KxBMjSuOKF3otdrk8/enpk2G+AYuhvy9gP9IhaVpxOoBphmcUc7YnwXUde QsyijNnAp96YcRCm4zHhOuPqRDKQc4X/4qkdB2h6DwjW+KLwK5pNzO9nBW9xsvEg Vof0A4Y/D9NFyRvOPMbfgWv3VmGBZoq3mZDlfTdl9HkpYnCd5xggfWcDgU9BMjOx agRezjHtxAs7hM+y4rB4N2DIncs2luTQnp6UsrGM4XZrt8gAMnU1vCn3LbQJceU2 spllebtO40hpH6Nh/VGpA5TFDpu0Ey2O3i5KVduynkA6p6m2Y7Aa5RKYHYqXAgMB AAGjggJTMIICTzAdBgNVHQ4EFgQUu7czSg6O7b9iFVXQB9OGvYfJ6/IwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzIwOTI0Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFYm1gMEAVl0LgMEAFl0 oQMEAFl0tAMEAFl0/AMEAFl1VAMEAFl1cDANBgkqhkiG9w0BAQsFAAOCAQEA12ID fwPrPXBQCB8lbh4e7IayR6m+r1AMAYF2jltflim1pWG6Nrz5Zkes+S8WvvheB1Qz DJOntAenxBdMitAc0HrgX+k5w8IdDGa6MSAMITsmmMhHTRR9EccBfJYledl3SEHU acmC0k041B5P+Bz3d04IySwI2IxpJ0tUnLSJCESoj626Gn/hqPzFfy8gkAJBJxV6 VwwS0B5nvNN08ve2eOKbhoJS3ygCz+tmh9/Z0vRv45lEvYmXtFWiotfcg7YFRS3K KbZFkvaB7GA9QBDYOVygqKKnMhqX3vVbVfH84ICXsUv7RE8uoSHynZlszFp9oFs5 I28nHaHJFQhwshoPrw== -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:47 2025 by rpki-client