$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: YP6ZDpLwFUWOFaNdC2XkdFfpKXd9BlwCFUNRAHrQAfo= Subject key identifier: 9E:46:58:8E:78:BC:88:5E:80:7F:1F:9F:E6:24:7B:D4:3A:A8:44:8F Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 3E7523F1A37FEF8C706B572D6851E79F11978DC5 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa Signing time: Sun 20 Apr 2025 03:16:51 +0000 ROA not before: Sun 20 Apr 2025 03:11:51 +0000 ROA not after: Sun 19 Apr 2026 03:16:51 +0000 asID: 834 IP address blocks: 84.46.236.0/22 maxlen: 24 86.38.180.0/23 maxlen: 24 86.38.182.0/23 maxlen: 24 86.38.187.0/24 maxlen: 24 86.38.246.0/24 maxlen: 24 86.38.251.0/24 maxlen: 24 86.38.255.0/24 maxlen: 24 89.116.64.0/22 maxlen: 24 89.116.72.0/23 maxlen: 24 89.116.148.0/23 maxlen: 23 89.116.210.0/23 maxlen: 23 89.117.0.0/22 maxlen: 24 89.117.12.0/23 maxlen: 24 89.117.94.0/23 maxlen: 24 89.117.96.0/22 maxlen: 24 89.117.112.0/22 maxlen: 22 89.117.120.0/22 maxlen: 24 89.117.132.0/22 maxlen: 22 89.117.142.0/23 maxlen: 24 89.117.158.0/23 maxlen: 24 89.117.172.0/22 maxlen: 24 89.117.216.0/23 maxlen: 23 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 27 Apr 2025 01:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:75:23:f1:a3:7f:ef:8c:70:6b:57:2d:68:51:e7:9f:11:97:8d:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Apr 20 03:11:51 2025 GMT Not After : Apr 19 03:16:51 2026 GMT Subject: CN=9E46588E78BC885E807F1F9FE6247BD43AA8448F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b6:89:bc:03:71:ed:e5:4e:b8:5a:24:93:38: 55:5a:45:bd:6e:cd:31:7f:47:9f:90:4d:52:a1:d7: d2:0a:cd:60:25:69:65:20:f4:d9:0b:14:d2:62:28: 2f:30:fd:ed:6f:ff:1b:f0:dc:f6:81:e9:ad:c4:c6: d5:44:0e:6d:cd:ed:1c:d8:20:1c:14:8c:00:ad:c5: d4:5b:23:6c:cf:7e:fe:8b:1a:a4:fa:c9:db:f3:c3: 83:61:fb:c4:7d:f6:0a:4f:29:ee:2f:ba:ee:a6:fc: e9:c5:18:70:d8:a8:1e:be:91:41:d1:2a:40:8e:0c: f9:9b:78:d0:5f:8e:a5:a1:ea:48:1d:cc:00:7a:df: f9:a4:f3:fa:6d:d4:03:18:32:97:81:f9:59:fc:ef: 6e:73:7f:cd:69:28:ac:93:4c:fc:9c:be:93:eb:3b: 5e:46:27:ac:80:da:2d:c5:74:c4:47:50:df:08:9a: b8:da:c0:d6:d3:fe:b5:af:3d:46:03:4e:32:31:4e: cd:56:b5:a4:cb:80:e5:7d:0e:23:60:30:80:da:c8: 24:a9:4a:34:4a:45:2c:91:98:68:b3:c0:d8:4c:41: 6f:15:46:0c:f1:b5:45:65:3f:4c:7b:d6:46:b9:56: eb:18:b3:4f:fd:fd:37:15:9f:cb:ed:12:22:6e:cc: b4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:46:58:8E:78:BC:88:5E:80:7F:1F:9F:E6:24:7B:D4:3A:A8:44:8F X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.46.236.0/22 86.38.180.0/22 86.38.187.0/24 86.38.246.0/24 86.38.251.0/24 86.38.255.0/24 89.116.64.0/22 89.116.72.0/23 89.116.148.0/23 89.116.210.0/23 89.117.0.0/22 89.117.12.0/23 89.117.94.0-89.117.99.255 89.117.112.0/22 89.117.120.0/22 89.117.132.0/22 89.117.142.0/23 89.117.158.0/23 89.117.172.0/22 89.117.216.0/23 Signature Algorithm: sha256WithRSAEncryption 98:b9:8a:24:ae:bb:78:cf:7f:f1:8e:44:f6:94:5e:e9:6c:ed: 26:20:6b:22:7a:f6:44:0b:9a:63:87:65:cb:2f:f7:4e:72:7a: 82:3c:37:38:23:c1:a8:c5:51:09:a9:b1:12:e2:18:95:38:93: 30:56:75:12:83:49:46:f3:f4:3a:a8:a5:81:56:19:5d:ed:3a: ce:01:a5:f2:89:5b:15:7b:ec:f3:18:9e:2c:a3:05:b5:af:33: ef:2a:60:1a:9e:f8:78:9d:5e:f5:be:6d:ed:17:ac:80:9f:ad: 4c:93:6b:57:b5:55:a4:26:4a:2d:fb:65:de:1e:84:67:4c:0c: 81:be:7d:97:1f:64:36:29:1d:6f:8e:b6:97:26:03:aa:7c:16: 17:a3:bc:b0:a1:db:8c:13:71:35:01:89:f3:e2:25:d9:ab:bd: 1f:cf:04:ae:e5:fa:37:0d:f3:30:56:48:b7:49:b2:d2:23:8a: 71:e6:a4:25:af:79:8d:9f:c8:ff:b8:fc:78:5d:42:e5:8a:bb: c3:e9:56:41:a0:16:5b:ee:89:1d:5b:55:28:1c:e5:42:1c:27: f8:dd:8c:4e:14:eb:ef:a0:af:3f:ef:d7:17:25:3e:37:78:0c: 80:6f:5f:33:9a:88:7c:86:29:8d:28:a8:0e:64:55:32:d6:5f: ce:1a:b2:97 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgIUPnUj8aN/74xwa1ctaFHnnxGXjcUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA0MjAwMzExNTFaFw0yNjA0MTkwMzE2NTFaMDMxMTAvBgNV BAMTKDlFNDY1ODhFNzhCQzg4NUU4MDdGMUY5RkU2MjQ3QkQ0M0FBODQ0OEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCotom8A3Ht5U64WiSTOFVaRb1u zTF/R5+QTVKh19IKzWAlaWUg9NkLFNJiKC8w/e1v/xvw3PaB6a3ExtVEDm3N7RzY IBwUjACtxdRbI2zPfv6LGqT6ydvzw4Nh+8R99gpPKe4vuu6m/OnFGHDYqB6+kUHR KkCODPmbeNBfjqWh6kgdzAB63/mk8/pt1AMYMpeB+Vn8725zf81pKKyTTPycvpPr O15GJ6yA2i3FdMRHUN8ImrjawNbT/rWvPUYDTjIxTs1WtaTLgOV9DiNgMIDayCSp SjRKRSyRmGizwNhMQW8VRgzxtUVlP0x71ka5VusYs0/9/TcVn8vtEiJuzLSlAgMB AAGjggKrMIICpzAdBgNVHQ4EFgQUnkZYjni8iF6Afx+f5iR71DqoRI8wHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO AjCBnQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQCVC7sAwQCVia0AwQA Via7AwQAVib2AwQAVib7AwQAVib/AwQCWXRAAwQBWXRIAwQBWXSUAwQBWXTSAwQC WXUAAwQBWXUMMAwDBAFZdV4DBAJZdWADBAJZdXADBAJZdXgDBAJZdYQDBAFZdY4D BAFZdZ4DBAJZdawDBAFZddgwDQYJKoZIhvcNAQELBQADggEBAJi5iiSuu3jPf/GO RPaUXuls7SYgayJ69kQLmmOHZcsv905yeoI8NzgjwajFUQmpsRLiGJU4kzBWdRKD SUbz9DqopYFWGV3tOs4BpfKJWxV77PMYniyjBbWvM+8qYBqe+HidXvW+be0XrICf rUyTa1e1VaQmSi37Zd4ehGdMDIG+fZcfZDYpHW+OtpcmA6p8FhejvLCh24wTcTUB ifPiJdmrvR/PBK7l+jcN8zBWSLdJstIjinHmpCWveY2fyP+4/HhdQuWKu8PpVkGg FlvuiR1bVSgc5UIcJ/jdjE4U6++grz/v1xclPjd4DIBvXzOaiHyGKY0oqA5kVTLW X84aspc= -----END CERTIFICATE-----Generated at Sat Apr 26 19:25:32 2025 by rpki-client