Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ZM1hBQuTO0rRFD5wcghXM2ZSmUJD2PrfwvJwGV9qElU=
Subject key identifier: C8:A2:9F:CC:59:7A:59:CE:2E:53:48:7B:42:CD:41:67:9B:47:23:B7
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 4BFDB53F80B659B9895A4B62D76F237875AAFD39
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Fri 27 Feb 2026 10:21:03 +0000
ROA not before: Fri 27 Feb 2026 10:16:03 +0000
ROA not after: Fri 26 Feb 2027 10:21:03 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
89.116.8.0/23 maxlen: 24
89.116.10.0/24 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.127.0/24 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.165.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.184.0/24 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.65.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 10:54:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:fd:b5:3f:80:b6:59:b9:89:5a:4b:62:d7:6f:23:78:75:aa:fd:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Feb 27 10:16:03 2026 GMT
Not After : Feb 26 10:21:03 2027 GMT
Subject: CN=C8A29FCC597A59CE2E53487B42CD41679B4723B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ab:fa:cd:85:11:bd:3f:aa:c8:2a:21:c7:cf:
90:3c:62:9d:c0:97:d1:d3:cc:86:d3:db:17:e1:2d:
51:f3:7e:bd:1e:7a:5a:2c:50:28:71:ae:9d:70:49:
01:36:76:2a:84:91:cd:30:d9:ee:44:c7:f7:f0:b1:
d9:4d:96:ab:62:81:62:9f:dc:bb:01:d6:c2:04:93:
4e:95:f5:5d:02:ac:4a:ad:6a:b0:36:55:b7:fe:4c:
2f:3e:92:b7:6c:18:db:99:bc:1e:34:64:7f:57:7e:
8b:e0:af:12:47:9a:14:a8:75:85:3e:7b:62:9a:c1:
f8:e2:0a:c7:ec:e2:1e:f7:71:7b:1e:2e:70:33:15:
31:4d:76:dd:ae:53:b9:6f:2a:39:35:ec:58:a6:c9:
12:04:bb:06:ed:f7:99:25:14:b8:29:7e:3d:fb:72:
c2:90:b7:31:cc:e8:f5:e8:6b:55:29:e1:e4:21:66:
7a:d1:45:72:aa:49:12:63:05:37:31:f3:38:36:ee:
8a:4c:74:f8:d4:c8:66:43:aa:99:a5:f9:f0:2e:37:
9d:a9:c4:98:55:ac:23:fd:3c:c6:64:45:67:87:7e:
46:da:0f:24:62:aa:cc:7b:0f:a4:7e:de:47:18:74:
5c:1f:f3:db:60:9e:47:f9:94:ac:b3:dd:91:a1:b9:
c3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A2:9F:CC:59:7A:59:CE:2E:53:48:7B:42:CD:41:67:9B:47:23:B7
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.246.0/24
89.116.8.0-89.116.10.255
89.116.64.0/22
89.116.72.0/23
89.116.127.0/24
89.116.148.0/23
89.116.165.0/24
89.116.172.0/24
89.116.184.0/24
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.65.0/24
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:3a:d6:21:9b:17:ee:e4:95:63:5b:41:7f:d8:d1:ad:60:3a:
30:d4:c4:0b:0a:b9:24:42:ed:f6:a3:5e:eb:d3:ad:25:38:1c:
f6:6d:ee:bd:74:14:fc:24:9c:b1:17:b7:25:31:7b:12:79:89:
6f:c2:7b:2b:ac:a4:27:68:b4:42:ca:3d:0b:c7:2d:68:30:50:
ac:c2:63:49:a0:c2:cf:4d:13:24:b6:50:5e:23:8e:be:77:e7:
91:26:78:dd:82:fc:d1:91:83:6c:ec:65:8e:9e:79:74:6b:c7:
0c:c4:94:9d:47:12:98:4d:dd:4b:df:91:7c:c6:6e:42:52:e2:
6e:20:c5:e8:26:e0:cf:42:08:5b:0d:92:8f:90:9a:bc:25:9b:
42:1a:0f:ca:46:a3:9c:ca:02:7a:e0:b9:dc:c8:7a:f0:08:ca:
be:c9:d4:6e:6b:6f:de:8e:0d:92:ab:43:ea:49:75:36:9f:ac:
50:15:57:a6:6f:11:48:bb:01:04:13:a1:f5:8c:a0:56:8b:9e:
f7:ea:9b:66:3d:e5:e5:4e:3c:67:6e:d9:dd:be:6b:65:a0:51:
39:8b:4d:be:45:e0:4f:ce:14:65:8e:23:56:f9:8b:50:4b:3b:
94:87:d0:45:f0:9f:30:6b:0d:75:e4:bf:36:a0:0f:64:f8:9f:
07:b1:e0:df
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUS/21P4C2WbmJWkti128jeHWq/TkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNjAyMjcxMDE2MDNaFw0yNzAyMjYxMDIxMDNaMDMxMTAvBgNV
BAMTKEM4QTI5RkNDNTk3QTU5Q0UyRTUzNDg3QjQyQ0Q0MTY3OUI0NzIzQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkq/rNhRG9P6rIKiHHz5A8Yp3A
l9HTzIbT2xfhLVHzfr0eelosUChxrp1wSQE2diqEkc0w2e5Ex/fwsdlNlqtigWKf
3LsB1sIEk06V9V0CrEqtarA2Vbf+TC8+krdsGNuZvB40ZH9XfovgrxJHmhSodYU+
e2KawfjiCsfs4h73cXseLnAzFTFNdt2uU7lvKjk17FimyRIEuwbt95klFLgpfj37
csKQtzHM6PXoa1Up4eQhZnrRRXKqSRJjBTcx8zg27opMdPjUyGZDqpml+fAuN52p
xJhVrCP9PMZkRWeHfkbaDyRiqsx7D6R+3kcYdFwf89tgnkf5lKyz3ZGhucMrAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUyKKfzFl6Wc4uU0h7Qs1BZ5tHI7cwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBuQYIKwYBBQUHAQcBAf8EgakwgaYwgaMEAgABMIGcAwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJvYwDAMEA1l0CAMEAFl0CgMEAll0QAMEAVl0SAMEAFl0fwMEAVl0
lAMEAFl0pQMEAFl0rAMEAFl0uAMEAVl00gMEAll1AAMEAVl1DAMEAFl1QTAMAwQB
WXVeAwQCWXVgAwQCWXVwAwQCWXV4AwQBWXWOAwQBWXWeAwQCWXWsAwQBWXXYMA0G
CSqGSIb3DQEBCwUAA4IBAQCtOtYhmxfu5JVjW0F/2NGtYDow1MQLCrkkQu32o17r
060lOBz2be69dBT8JJyxF7clMXsSeYlvwnsrrKQnaLRCyj0Lxy1oMFCswmNJoMLP
TRMktlBeI46+d+eRJnjdgvzRkYNs7GWOnnl0a8cMxJSdRxKYTd1L35F8xm5CUuJu
IMXoJuDPQghbDZKPkJq8JZtCGg/KRqOcygJ64LncyHrwCMq+ydRua2/ejg2Sq0Pq
SXU2n6xQFVembxFIuwEEE6H1jKBWi5736ptmPeXlTjxnbtndvmtloFE5i02+ReBP
zhRljiNW+YtQSzuUh9BF8J8waw115L82oA9k+J8HseDf
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:49:16 2026 by rpki-client