Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: gr4s1hVVnCHh5vAbUmfHQ9QQC6xojYdDNrBrQglTg7Y=
Subject key identifier: FE:EA:01:E5:D7:89:AC:C1:E7:FD:D8:51:D9:6A:CC:72:EF:94:C3:3E
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 08AC120CD014A27C60423A935E94A4C41C0ABF43
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
Signing time: Tue 15 Apr 2025 20:58:52 +0000
ROA not before: Tue 15 Apr 2025 20:53:52 +0000
ROA not after: Tue 14 Apr 2026 20:58:52 +0000
asID: 396356
IP address blocks: 86.38.32.0/24 maxlen: 24
86.38.185.0/24 maxlen: 24
86.38.186.0/24 maxlen: 24
86.38.241.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.131.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.248.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.89.0/24 maxlen: 24
89.117.90.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.113.0/24 maxlen: 24
89.117.114.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.142.0/24 maxlen: 24
89.117.143.0/24 maxlen: 24
89.117.159.0/24 maxlen: 24
89.117.173.0/24 maxlen: 24
89.117.174.0/24 maxlen: 24
89.117.175.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.216.0/24 maxlen: 24
89.117.227.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 01:58:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ac:12:0c:d0:14:a2:7c:60:42:3a:93:5e:94:a4:c4:1c:0a:bf:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Apr 15 20:53:52 2025 GMT
Not After : Apr 14 20:58:52 2026 GMT
Subject: CN=FEEA01E5D789ACC1E7FDD851D96ACC72EF94C33E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f0:88:a4:aa:ca:c9:7a:0b:1c:5d:51:47:b9:
7b:64:aa:2f:54:b7:6d:44:25:5f:be:0a:c1:ec:15:
33:1b:76:83:4d:ef:69:f9:2e:c0:d6:c3:f4:00:8a:
5f:f9:4b:46:69:93:6b:56:f2:df:9c:5a:36:21:05:
6c:2f:7c:72:3e:27:4f:43:08:d2:9b:61:6f:cb:3c:
a5:a3:67:47:a5:0a:d3:6c:f0:ab:8f:69:8a:95:e1:
f0:cc:a4:84:de:20:28:88:cd:cf:a5:94:be:31:1d:
c9:f2:0e:47:5b:d5:c6:be:d7:11:fe:a9:46:8d:63:
65:80:98:81:74:33:7a:d9:1b:5e:af:ec:0e:3e:e6:
a5:e1:2f:1d:5e:83:24:55:5c:b9:57:79:a4:11:c5:
a9:ba:2a:46:d4:e5:34:8f:3e:29:2e:cb:2e:85:68:
a6:03:73:29:dc:3b:b7:99:fb:51:26:3e:0a:84:ad:
a7:ed:b7:65:a3:4f:c6:4a:22:dc:63:2e:28:6f:bc:
7f:ad:d1:e6:a8:3c:9f:31:35:29:d9:46:f2:b1:26:
75:d8:99:d3:27:b9:fb:f5:ab:91:fc:24:f9:05:ee:
24:7e:12:6b:8d:46:32:f0:b2:b3:26:2f:8a:47:32:
5c:c4:92:f2:9d:2d:6b:66:aa:9f:74:c2:91:3e:51:
f3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:EA:01:E5:D7:89:AC:C1:E7:FD:D8:51:D9:6A:CC:72:EF:94:C3:3E
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.32.0/24
86.38.185.0-86.38.186.255
86.38.241.0/24
89.116.99.0/24
89.116.112.0/24
89.116.131.0-89.116.132.255
89.116.154.0/24
89.116.158.0/24
89.116.166.0/24
89.116.218.0/24
89.116.223.0/24
89.116.248.0/24
89.116.253.0/24
89.117.89.0-89.117.90.255
89.117.101.0/24
89.117.113.0-89.117.114.255
89.117.118.0/24
89.117.142.0/23
89.117.159.0/24
89.117.173.0-89.117.175.255
89.117.190.0/24
89.117.216.0/24
89.117.227.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:84:94:e7:5a:61:d7:2b:82:8e:6d:3b:1c:a8:89:bf:30:66:
94:23:c8:35:fc:b6:c4:68:aa:7e:a6:1e:da:31:d4:3f:58:5e:
68:c2:43:7c:97:65:3c:6b:86:a7:4f:25:b1:b8:b0:0c:78:f6:
88:e5:f8:a3:5d:10:19:7d:98:7e:be:2f:c4:c2:8b:a1:b3:87:
73:36:b1:a5:64:d8:64:a8:3b:04:39:5f:23:f0:6b:29:16:94:
a1:1c:a0:a4:c3:3b:bc:b0:08:27:26:08:81:ab:db:29:f5:6b:
9a:c2:3a:39:ba:ec:d5:bb:88:01:ee:9f:d5:68:ca:a7:78:05:
2d:8a:15:cb:8c:21:e4:67:d4:66:5c:2b:d3:47:04:01:5d:2d:
14:d2:81:90:99:05:da:7a:8b:fd:59:86:f8:14:44:cb:14:1b:
98:8d:73:ad:ea:cc:e9:30:7a:d3:20:dd:94:9b:db:5d:52:08:
30:ab:d4:39:9a:fa:03:c9:e1:9a:9d:6c:02:9d:75:34:4b:80:
50:64:3e:45:69:b8:4d:0e:8c:29:b7:06:8c:e9:9b:28:ba:e4:
09:b8:06:de:f6:6d:0d:4f:18:ea:b2:64:08:58:41:88:4e:10:
f0:50:ef:cd:9f:10:23:51:ce:d9:9c:40:09:ae:fe:ec:c9:c8:
99:fd:67:de
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgIUCKwSDNAUonxgQjqTXpSkxBwKv0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA0MTUyMDUzNTJaFw0yNjA0MTQyMDU4NTJaMDMxMTAvBgNV
BAMTKEZFRUEwMUU1RDc4OUFDQzFFN0ZERDg1MUQ5NkFDQzcyRUY5NEMzM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJ8IikqsrJegscXVFHuXtkqi9U
t21EJV++CsHsFTMbdoNN72n5LsDWw/QAil/5S0Zpk2tW8t+cWjYhBWwvfHI+J09D
CNKbYW/LPKWjZ0elCtNs8KuPaYqV4fDMpITeICiIzc+llL4xHcnyDkdb1ca+1xH+
qUaNY2WAmIF0M3rZG16v7A4+5qXhLx1egyRVXLlXeaQRxam6KkbU5TSPPikuyy6F
aKYDcyncO7eZ+1EmPgqEraftt2WjT8ZKItxjLihvvH+t0eaoPJ8xNSnZRvKxJnXY
mdMnufv1q5H8JPkF7iR+EmuNRjLwsrMmL4pHMlzEkvKdLWtmqp90wpE+UfNXAgMB
AAGjggLmMIIC4jAdBgNVHQ4EFgQU/uoB5deJrMHn/dhR2WrMcu+Uwz4wHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzM5NjM1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCB1QYIKwYBBQUHAQcBAf8EgcUwgcIwgb8EAgABMIG4AwQAViYgMAwDBABW
JrkDBABWJroDBABWJvEDBABZdGMDBABZdHAwDAMEAFl0gwMEAFl0hAMEAFl0mgME
AFl0ngMEAFl0pgMEAFl02gMEAFl03wMEAFl0+AMEAFl0/TAMAwQAWXVZAwQAWXVa
AwQAWXVlMAwDBABZdXEDBABZdXIDBABZdXYDBAFZdY4DBABZdZ8wDAMEAFl1rQME
BFl1oAMEAFl1vgMEAFl12AMEAFl14wMEAFl1/jANBgkqhkiG9w0BAQsFAAOCAQEA
HISU51ph1yuCjm07HKiJvzBmlCPINfy2xGiqfqYe2jHUP1heaMJDfJdlPGuGp08l
sbiwDHj2iOX4o10QGX2Yfr4vxMKLobOHczaxpWTYZKg7BDlfI/BrKRaUoRygpMM7
vLAIJyYIgavbKfVrmsI6Obrs1buIAe6f1WjKp3gFLYoVy4wh5GfUZlwr00cEAV0t
FNKBkJkF2nqL/VmG+BREyxQbmI1zrerM6TB60yDdlJvbXVIIMKvUOZr6A8nhmp1s
Ap11NEuAUGQ+RWm4TQ6MKbcGjOmbKLrkCbgG3vZtDU8Y6rJkCFhBiE4Q8FDvzZ8Q
I1HO2ZxACa7+7MnImf1n3g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:17:57 2025 by rpki-client