Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: Gj4jl0UAb4/RhWDZ3ty7+6MfpT/bKZoYd6JGczkB2ls=
Subject key identifier: C8:64:F0:52:1B:BC:FA:2F:27:F1:7E:8C:61:03:65:84:3E:41:63:FA
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 5644914BF1CA2D8FEDBED96ECB1A2F497F564FC3
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Sun 20 Apr 2025 03:16:51 +0000
ROA not before: Sun 20 Apr 2025 03:11:51 +0000
ROA not after: Sun 19 Apr 2026 03:16:51 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.8.0/22 maxlen: 22
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.41.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 01:58:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:44:91:4b:f1:ca:2d:8f:ed:be:d9:6e:cb:1a:2f:49:7f:56:4f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Apr 20 03:11:51 2025 GMT
Not After : Apr 19 03:16:51 2026 GMT
Subject: CN=C864F0521BBCFA2F27F17E8C610365843E4163FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:0f:5a:d6:9e:5a:e0:21:72:6d:ac:a1:b9:
79:32:ff:00:11:75:48:bd:21:b6:1c:21:33:1b:5c:
fd:25:82:ee:de:1b:22:80:a3:b6:47:56:e0:af:f0:
54:66:ad:7f:06:cb:99:ff:a5:d5:fd:0a:23:7a:ea:
57:4b:62:5b:22:5e:cf:6f:62:cc:bb:6e:1f:44:d3:
62:ee:85:07:20:34:bd:b8:bc:27:d9:76:c5:6e:c5:
8e:db:ff:da:9b:66:c4:6b:d0:10:42:47:ce:01:61:
25:3a:7e:d4:e3:a1:f7:eb:e4:a1:cc:58:66:6f:6f:
94:fd:45:4f:6d:dc:41:7f:cf:d3:13:54:3b:eb:c1:
e4:51:c7:94:a0:92:76:c1:0f:be:99:c9:09:89:00:
3a:84:27:db:e7:44:d6:1d:c8:e3:78:53:d2:20:68:
04:cb:67:99:f4:ad:a3:3b:10:90:05:ec:c5:1d:f2:
2b:2f:b1:76:de:90:b1:7c:4c:85:63:a9:8c:9a:46:
41:79:67:5f:2e:27:c2:72:17:5a:be:b1:57:04:fe:
0b:93:95:b3:fa:04:1a:30:ca:83:fe:6e:71:39:33:
ee:ea:8f:6f:25:3f:13:bd:f7:d4:b2:9a:03:78:2b:
67:ed:a7:9a:de:0d:17:f0:8a:c8:d9:3b:da:bb:62:
06:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:64:F0:52:1B:BC:FA:2F:27:F1:7E:8C:61:03:65:84:3E:41:63:FA
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/24
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.219.0/24
86.38.247.0/24
89.116.8.0/22
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.103.0/24
89.116.168.0/23
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.41.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
Signature Algorithm: sha256WithRSAEncryption
85:cd:7c:5a:66:43:ac:be:5f:c4:9c:94:cb:74:e0:79:38:b2:
73:92:a2:93:b6:6a:db:af:ea:f8:3c:2e:c5:bd:c4:ed:7f:ea:
9e:e6:a0:cf:96:b5:42:8c:dd:c3:39:2d:9b:82:10:7a:01:6f:
ff:82:d0:3a:05:64:e3:e4:14:18:26:6a:1a:f9:ed:b4:2f:d8:
40:8a:28:63:2a:a2:b2:c9:dd:fc:8c:62:de:26:10:dc:3a:45:
c8:5c:8d:d7:d6:a1:c8:a1:c4:87:7b:ea:5b:32:b4:18:8a:bc:
ae:60:e8:1d:a0:ec:f0:99:02:77:36:c7:6d:d1:b7:5a:a2:30:
f4:7e:fa:f9:e2:a5:5a:22:94:01:9b:f4:dc:71:7a:a9:e3:99:
f9:35:b1:4c:d5:a8:2d:0e:62:6a:79:f7:4f:46:0e:5d:a8:45:
e9:d8:00:53:3f:99:a9:e5:65:82:b5:1c:36:4a:f1:b6:3d:ad:
72:50:1c:9b:1a:2d:b5:54:3b:7f:35:8a:ca:f2:f2:db:cc:d7:
0f:44:f6:0b:0f:a4:d5:af:ae:44:5d:a9:62:3a:9d:cc:73:f0:
38:4d:4b:e1:5a:77:19:29:7b:5f:09:54:18:fd:a7:dc:37:17:
36:1d:16:10:7b:18:d1:00:36:1d:cd:75:f7:5c:f6:62:1b:db:
9c:d3:a7:0a
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIUVkSRS/HKLY/tvtluyxovSX9WT8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA0MjAwMzExNTFaFw0yNjA0MTkwMzE2NTFaMDMxMTAvBgNV
BAMTKEM4NjRGMDUyMUJCQ0ZBMkYyN0YxN0U4QzYxMDM2NTg0M0U0MTYzRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClbg9a1p5a4CFybayhuXky/wAR
dUi9IbYcITMbXP0lgu7eGyKAo7ZHVuCv8FRmrX8Gy5n/pdX9CiN66ldLYlsiXs9v
Ysy7bh9E02LuhQcgNL24vCfZdsVuxY7b/9qbZsRr0BBCR84BYSU6ftTjoffr5KHM
WGZvb5T9RU9t3EF/z9MTVDvrweRRx5SgknbBD76ZyQmJADqEJ9vnRNYdyON4U9Ig
aATLZ5n0raM7EJAF7MUd8isvsXbekLF8TIVjqYyaRkF5Z18uJ8JyF1q+sVcE/guT
lbP6BBowyoP+bnE5M+7qj28lPxO999SymgN4K2ftp5reDRfwisjZO9q7YgbbAgMB
AAGjggLYMIIC1DAdBgNVHQ4EFgQUyGTwUhu8+i8n8X6MYQNlhD5BY/owHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBxwYIKwYBBQUHAQcBAf8EgbcwgbQwgbEEAgABMIGqAwQAUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJtsDBABWJvcDBAJZ
dAgDBABZdDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAFl0ZwMEAVl0qAMEAFl0twME
AFl0/wMEAFl1DQMEAFl1KQMEAFl1XzAMAwQAWXVhAwQCWXVgAwQAWXVtAwQAWXVv
MAwDBABZdXkDBABZdXowDQYJKoZIhvcNAQELBQADggEBAIXNfFpmQ6y+X8SclMt0
4Hk4snOSopO2atuv6vg8LsW9xO1/6p7moM+WtUKM3cM5LZuCEHoBb/+C0DoFZOPk
FBgmahr57bQv2ECKKGMqorLJ3fyMYt4mENw6RchcjdfWocihxId76lsytBiKvK5g
6B2g7PCZAnc2x23Rt1qiMPR++vnipVoilAGb9Nxxeqnjmfk1sUzVqC0OYmp5909G
Dl2oRenYAFM/manlZYK1HDZK8bY9rXJQHJsaLbVUO381isry8tvM1w9E9gsPpNWv
rkRdqWI6ncxz8DhNS+Fadxkpe18JVBj9p9w3FzYdFhB7GNEANh3Ndfdc9mIb25zT
pwo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:01:50 2025 by rpki-client