Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: egwmNMhS+EOYB/ovlW550BSjYi6spA2Ow7AUudwNpwE=
Subject key identifier: D7:B4:51:CD:9B:E4:7A:20:44:14:82:75:D2:57:3C:48:B8:60:11:9D
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 4EBF70D754A4B6F5959B249A015DF40CFA6B433C
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
Signing time: Thu 14 May 2026 08:32:31 +0000
ROA not before: Thu 14 May 2026 08:27:31 +0000
ROA not after: Thu 13 May 2027 08:32:31 +0000
asID: 396356
IP address blocks: 86.38.32.0/24 maxlen: 24
86.38.185.0/24 maxlen: 24
86.38.186.0/24 maxlen: 24
86.38.241.0/24 maxlen: 24
86.38.248.0/24 maxlen: 24
86.38.250.0/24 maxlen: 24
86.38.252.0/24 maxlen: 24
86.38.254.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.248.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.80.0/24 maxlen: 24
89.117.83.0/24 maxlen: 24
89.117.89.0/24 maxlen: 24
89.117.90.0/24 maxlen: 24
89.117.91.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.105.0/24 maxlen: 24
89.117.106.0/24 maxlen: 24
89.117.107.0/24 maxlen: 24
89.117.113.0/24 maxlen: 24
89.117.114.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.142.0/24 maxlen: 24
89.117.143.0/24 maxlen: 24
89.117.159.0/24 maxlen: 24
89.117.173.0/24 maxlen: 24
89.117.174.0/24 maxlen: 24
89.117.175.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.216.0/24 maxlen: 24
89.117.227.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:03:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:bf:70:d7:54:a4:b6:f5:95:9b:24:9a:01:5d:f4:0c:fa:6b:43:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: May 14 08:27:31 2026 GMT
Not After : May 13 08:32:31 2027 GMT
Subject: CN=D7B451CD9BE47A2044148275D2573C48B860119D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:ca:e6:3f:b1:ef:2b:db:c5:31:b0:b5:e9:
4c:e5:87:c1:19:75:51:ab:fb:31:22:ee:79:65:fc:
09:cb:2e:a2:06:92:d9:77:1a:9e:92:7c:6d:4f:0e:
6b:97:73:e7:16:df:4e:c5:55:34:44:3a:da:03:29:
e8:89:97:c5:40:74:66:92:ce:9e:02:bc:1a:3f:a4:
33:7b:41:11:8a:c2:d1:f1:e6:b1:5d:14:df:5e:73:
c4:2c:5b:0d:14:2d:9a:fb:b5:fc:00:8b:99:1f:12:
d9:ec:15:d9:a3:3a:ed:50:1c:96:8f:6e:93:d4:da:
1f:88:dd:c0:db:6d:e3:8d:e2:cb:7b:27:f4:5c:42:
ed:b7:ca:5f:d6:db:46:e4:6a:87:1a:69:96:d4:0f:
a9:35:34:1b:67:00:55:63:27:16:b3:ab:11:da:57:
53:a3:a4:28:15:5d:90:b7:52:22:ff:b1:2b:50:8b:
95:b7:f5:c5:54:3e:1e:0a:da:15:b1:97:f8:40:b7:
8f:99:86:a7:8f:44:cf:63:97:25:10:60:91:33:99:
ce:9b:d8:b6:e4:e4:6a:89:1d:e8:01:e8:6b:3a:3d:
e7:e1:f3:77:96:c3:d3:53:a9:8b:03:81:2d:3f:c9:
18:e5:be:ed:d4:70:93:b3:57:2c:bb:d6:7a:c0:d3:
eb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B4:51:CD:9B:E4:7A:20:44:14:82:75:D2:57:3C:48:B8:60:11:9D
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.32.0/24
86.38.185.0-86.38.186.255
86.38.241.0/24
86.38.248.0/24
86.38.250.0/24
86.38.252.0/24
86.38.254.0/24
89.116.99.0/24
89.116.112.0/24
89.116.132.0/24
89.116.154.0/24
89.116.158.0/24
89.116.166.0/24
89.116.218.0/24
89.116.223.0/24
89.116.248.0/24
89.116.253.0/24
89.117.80.0/24
89.117.83.0/24
89.117.89.0-89.117.91.255
89.117.101.0/24
89.117.105.0-89.117.107.255
89.117.113.0-89.117.114.255
89.117.118.0/24
89.117.142.0/23
89.117.159.0/24
89.117.173.0-89.117.175.255
89.117.190.0/24
89.117.216.0/24
89.117.227.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:4b:d5:fc:69:b2:b5:fd:d1:dd:ea:99:52:0e:ee:22:73:99:
8d:03:c3:67:2e:ac:71:ae:1f:69:58:0b:b9:49:e0:c5:b0:30:
46:66:bb:7c:80:45:be:73:67:26:5e:98:6e:a6:02:8e:bf:20:
27:3f:5c:a8:68:10:2c:8c:03:7a:39:00:10:e9:09:02:d7:4f:
e6:7b:da:d2:ae:0b:70:e1:f4:4e:7f:56:05:57:19:9b:4c:82:
77:37:83:90:6f:b4:bd:cc:9c:cf:4f:0f:9f:69:77:bf:30:a5:
6f:06:5c:f6:31:35:b1:c0:7f:f0:41:81:df:97:e4:f4:f1:6d:
a0:fa:6d:c4:b6:24:68:19:20:85:22:a2:7f:aa:f4:e4:7f:d9:
74:e9:8d:3b:3a:fd:96:4d:2d:9f:36:5a:33:39:21:df:40:36:
b2:2d:45:80:28:74:90:ec:8b:bf:ce:ef:cd:40:03:eb:b8:86:
01:24:83:29:d9:b4:4c:95:36:a7:ee:94:ad:ad:e8:b7:db:33:
2a:7b:ab:88:3f:fe:2e:ff:9d:e7:b4:1c:10:89:2f:c5:51:e5:
d5:c3:19:fb:be:80:1f:5d:7a:ee:46:7f:10:69:1a:28:60:66:
83:5a:f5:c3:0d:d9:ec:87:d5:0f:e6:f2:d4:1b:c9:8c:19:73:
87:3c:45:e9
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIUTr9w11SktvWVmySaAV30DPprQzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNjA1MTQwODI3MzFaFw0yNzA1MTMwODMyMzFaMDMxMTAvBgNV
BAMTKEQ3QjQ1MUNEOUJFNDdBMjA0NDE0ODI3NUQyNTczQzQ4Qjg2MDExOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/IMrmP7HvK9vFMbC16Uzlh8EZ
dVGr+zEi7nll/AnLLqIGktl3Gp6SfG1PDmuXc+cW307FVTREOtoDKeiJl8VAdGaS
zp4CvBo/pDN7QRGKwtHx5rFdFN9ec8QsWw0ULZr7tfwAi5kfEtnsFdmjOu1QHJaP
bpPU2h+I3cDbbeON4st7J/RcQu23yl/W20bkaocaaZbUD6k1NBtnAFVjJxazqxHa
V1OjpCgVXZC3UiL/sStQi5W39cVUPh4K2hWxl/hAt4+ZhqePRM9jlyUQYJEzmc6b
2Lbk5GqJHegB6Gs6Pefh83eWw9NTqYsDgS0/yRjlvu3UcJOzVyy71nrA0+ujAgMB
AAGjggMQMIIDDDAdBgNVHQ4EFgQU17RRzZvkeiBEFIJ10lc8SLhgEZ0wHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzM5NjM1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCB/wYIKwYBBQUHAQcBAf8Ege8wgewwgekEAgABMIHiAwQAViYgMAwDBABW
JrkDBABWJroDBABWJvEDBABWJvgDBABWJvoDBABWJvwDBABWJv4DBABZdGMDBABZ
dHADBABZdIQDBABZdJoDBABZdJ4DBABZdKYDBABZdNoDBABZdN8DBABZdPgDBABZ
dP0DBABZdVADBABZdVMwDAMEAFl1WQMEAll1WAMEAFl1ZTAMAwQAWXVpAwQCWXVo
MAwDBABZdXEDBABZdXIDBABZdXYDBAFZdY4DBABZdZ8wDAMEAFl1rQMEBFl1oAME
AFl1vgMEAFl12AMEAFl14wMEAFl1/jANBgkqhkiG9w0BAQsFAAOCAQEAD0vV/Gmy
tf3R3eqZUg7uInOZjQPDZy6sca4faVgLuUngxbAwRma7fIBFvnNnJl6YbqYCjr8g
Jz9cqGgQLIwDejkAEOkJAtdP5nva0q4LcOH0Tn9WBVcZm0yCdzeDkG+0vcycz08P
n2l3vzClbwZc9jE1scB/8EGB35fk9PFtoPptxLYkaBkghSKif6r05H/ZdOmNOzr9
lk0tnzZaMzkh30A2si1FgCh0kOyLv87vzUAD67iGASSDKdm0TJU2p+6Ura3ot9sz
KnuriD/+Lv+d57QcEIkvxVHl1cMZ+76AH1167kZ/EGkaKGBmg1r1ww3Z7IfVD+by
1BvJjBlzhzxF6Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:40:11 2026 by rpki-client