Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: X/XNexd0W/P5wVtc0RR6rnS8pTcr45T8vPv/jUwc73c=
Subject key identifier: D5:29:4D:6C:35:A1:13:6D:48:47:31:7D:77:0B:06:2B:89:BC:11:C3
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 68DC4F4000E79DCC031B515CF3FED73BF82CE8D2
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Fri 13 Jun 2025 11:01:13 +0000
ROA not before: Fri 13 Jun 2025 10:56:13 +0000
ROA not after: Fri 12 Jun 2026 11:01:13 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
82.140.183.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.187.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.8.0/22 maxlen: 22
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.41.0/24 maxlen: 24
89.117.84.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 14:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:dc:4f:40:00:e7:9d:cc:03:1b:51:5c:f3:fe:d7:3b:f8:2c:e8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Jun 13 10:56:13 2025 GMT
Not After : Jun 12 11:01:13 2026 GMT
Subject: CN=D5294D6C35A1136D4847317D770B062B89BC11C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6d:d8:28:63:3e:48:71:17:89:2f:99:8a:f3:
30:41:77:c2:b1:59:a3:1e:9a:6f:8f:55:56:12:e3:
a8:71:16:92:df:8a:d7:13:a8:44:89:76:8f:4c:05:
72:c0:a0:d5:26:ff:76:55:b6:59:c1:1e:eb:ec:20:
4a:a2:f0:1f:63:25:ca:37:87:86:e6:26:a6:43:0a:
cd:0e:0f:22:fe:b9:a8:27:0a:a6:52:8e:2c:a5:73:
dd:4b:7b:65:ab:1b:ff:bd:23:29:09:89:2c:40:73:
9f:0c:fa:80:aa:fb:5f:ee:4b:d2:8f:a4:d2:2e:ca:
88:c5:2a:fa:1e:af:c1:ed:98:9f:9b:8d:b8:bf:6e:
c7:e6:55:41:7b:d4:5d:71:30:b2:2c:c6:09:41:b1:
2f:0d:3d:7d:99:91:c6:57:39:80:9b:b2:2a:7e:cc:
de:ef:8a:53:8e:02:e2:52:6e:53:ef:07:df:95:7f:
4a:f7:cb:c2:7a:cd:41:ce:aa:50:55:0c:e8:ef:d2:
b8:a4:5a:d2:e9:0d:2c:d3:1a:f2:32:9a:b4:f3:60:
74:ea:20:5c:7b:57:f7:b2:a7:d3:94:c3:a8:c1:1f:
1e:3b:ea:06:02:ce:d6:8d:b3:e3:9e:cc:1d:68:fd:
ac:d8:7d:80:95:69:90:85:d6:6f:98:42:00:e9:2a:
ae:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:4D:6C:35:A1:13:6D:48:47:31:7D:77:0B:06:2B:89:BC:11:C3
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/23
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.187.0/24
86.38.219.0/24
86.38.247.0/24
89.116.8.0/22
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.103.0/24
89.116.168.0/23
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.41.0/24
89.117.84.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
Signature Algorithm: sha256WithRSAEncryption
b8:fa:05:ea:ab:00:11:63:17:54:85:1e:bf:a5:5c:d3:49:b7:
85:a0:a7:bd:ae:5c:5e:38:c5:e3:eb:24:27:14:32:46:ad:c2:
bb:ed:00:fa:66:a8:f1:56:cf:45:2f:c1:1c:04:fc:bb:c4:3e:
f7:84:ac:f6:17:33:9f:f7:e7:75:4b:1d:ab:37:5b:b8:77:b8:
04:12:1b:42:fc:98:ff:ac:30:4e:56:c3:b2:c7:2d:74:3f:79:
b5:78:6b:9a:d5:7f:4b:60:6e:ae:b2:a1:6a:24:f9:bc:fc:d0:
2b:cf:b3:77:68:de:51:87:ef:85:e6:76:b7:9f:41:70:ea:84:
6a:8f:ef:af:d5:bc:71:80:50:84:ad:2c:8a:f4:4e:01:c0:14:
ac:0c:cf:9e:82:0d:8a:a6:4b:df:1b:fa:18:b9:b6:ea:47:58:
0a:12:11:0e:da:e1:15:fa:97:15:5d:52:1a:f2:1e:cd:08:ee:
f7:63:54:99:87:34:15:aa:e7:df:20:2e:1f:00:04:75:3b:88:
d6:8c:ba:56:23:8e:70:3b:62:cd:84:55:74:fc:31:68:fe:e5:
68:22:0c:b7:ca:22:2a:48:a2:1b:81:27:0e:b0:50:24:4e:6b:
58:3d:5b:48:08:59:94:fa:09:25:14:ca:79:2d:bf:0a:c2:9a:
ee:91:ad:f5
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIUaNxPQADnncwDG1Fc8/7XO/gs6NIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA2MTMxMDU2MTNaFw0yNjA2MTIxMTAxMTNaMDMxMTAvBgNV
BAMTKEQ1Mjk0RDZDMzVBMTEzNkQ0ODQ3MzE3RDc3MEIwNjJCODlCQzExQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbdgoYz5IcReJL5mK8zBBd8Kx
WaMemm+PVVYS46hxFpLfitcTqESJdo9MBXLAoNUm/3ZVtlnBHuvsIEqi8B9jJco3
h4bmJqZDCs0ODyL+uagnCqZSjiylc91Le2WrG/+9IykJiSxAc58M+oCq+1/uS9KP
pNIuyojFKvoer8HtmJ+bjbi/bsfmVUF71F1xMLIsxglBsS8NPX2ZkcZXOYCbsip+
zN7vilOOAuJSblPvB9+Vf0r3y8J6zUHOqlBVDOjv0rikWtLpDSzTGvIymrTzYHTq
IFx7V/eyp9OUw6jBHx476gYCztaNs+OezB1o/azYfYCVaZCF1m+YQgDpKq7RAgMB
AAGjggLkMIIC4DAdBgNVHQ4EFgQU1SlNbDWhE21IRzF9dwsGK4m8EcMwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQBUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJrsDBABWJtsDBABW
JvcDBAJZdAgDBABZdDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAFl0ZwMEAVl0qAME
AFl0twMEAFl0/wMEAFl1DQMEAFl1KQMEAFl1VAMEAFl1XzAMAwQAWXVhAwQCWXVg
AwQAWXVtAwQAWXVvMAwDBABZdXkDBABZdXowDQYJKoZIhvcNAQELBQADggEBALj6
BeqrABFjF1SFHr+lXNNJt4Wgp72uXF44xePrJCcUMkatwrvtAPpmqPFWz0UvwRwE
/LvEPveErPYXM5/353VLHas3W7h3uAQSG0L8mP+sME5Ww7LHLXQ/ebV4a5rVf0tg
bq6yoWok+bz80CvPs3do3lGH74XmdrefQXDqhGqP76/VvHGAUIStLIr0TgHAFKwM
z56CDYqmS98b+hi5tupHWAoSEQ7a4RX6lxVdUhryHs0I7vdjVJmHNBWq598gLh8A
BHU7iNaMulYjjnA7Ys2EVXT8MWj+5WgiDLfKIipIohuBJw6wUCROa1g9W0gIWZT6
CSUUynktvwrCmu6RrfU=
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:48:01 2025 by rpki-client