Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: kwBwWSJAY60l7xVFqCCYLwRNluAqoy1PwGx2aJJ+wjQ=
Subject key identifier: CE:55:9B:40:27:4F:79:5A:FE:5A:9B:87:94:B7:83:EA:F0:6F:39:8E
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 1A5F71751C7956497744AE563B9F01ACDE7B8E5B
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Mon 03 Nov 2025 00:09:18 +0000
ROA not before: Mon 03 Nov 2025 00:04:18 +0000
ROA not after: Mon 02 Nov 2026 00:09:18 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
89.116.8.0/22 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.165.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.65.0/24 maxlen: 24
89.117.84.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.132.0/22 maxlen: 22
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 00:07:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:5f:71:75:1c:79:56:49:77:44:ae:56:3b:9f:01:ac:de:7b:8e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Nov 3 00:04:18 2025 GMT
Not After : Nov 2 00:09:18 2026 GMT
Subject: CN=CE559B40274F795AFE5A9B8794B783EAF06F398E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:14:ae:ca:da:a1:2a:7e:bb:78:fb:22:f7:
38:ae:a3:4e:05:99:9a:9c:6e:aa:ea:97:75:8b:30:
ea:af:1b:ab:2e:e2:dc:01:6a:0e:7e:bb:fe:b6:c3:
9e:59:b5:21:dc:2e:20:b6:28:2f:24:e6:93:4f:17:
3d:59:c1:09:33:68:ce:6b:bc:ca:b5:7f:2f:72:8d:
7f:b4:17:ce:a3:5a:3c:d2:fd:a3:65:70:ea:6a:44:
da:ac:84:1b:45:3c:56:65:8e:00:70:e1:b9:b2:ba:
6a:31:74:e3:fe:d9:36:b6:7f:48:ae:5e:f3:f9:f3:
c8:b2:9a:66:47:25:76:2d:78:69:45:c5:c9:0c:74:
1b:24:2f:a4:45:b4:72:eb:22:98:a7:49:c2:d5:9d:
2e:ca:54:93:29:49:f6:bf:1e:8f:d1:52:c8:e0:8a:
bd:34:ac:10:71:61:6a:e5:1c:32:e2:09:ad:4c:aa:
68:84:4a:8e:02:cd:ca:26:59:e0:ed:57:b9:8d:61:
cc:20:84:6e:53:2c:16:55:59:41:73:f3:39:ca:75:
7f:24:85:38:99:30:fa:e2:9b:6b:3d:b4:ad:aa:38:
bf:7f:c0:03:3c:ad:a4:25:9b:b1:1a:54:56:a5:45:
ff:5a:b0:83:6c:cc:2d:66:0d:c0:94:ef:d7:ce:9d:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:55:9B:40:27:4F:79:5A:FE:5A:9B:87:94:B7:83:EA:F0:6F:39:8E
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.246.0/24
89.116.8.0/22
89.116.64.0/22
89.116.72.0/23
89.116.148.0/23
89.116.165.0/24
89.116.172.0/24
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.65.0/24
89.117.84.0/24
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.132.0/22
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:25:7e:8d:9f:b8:f3:71:ca:4f:c6:50:a0:2c:7e:7e:8d:b8:
70:d7:2d:96:38:cf:60:97:40:86:0e:23:58:ad:d6:b0:1f:f3:
54:db:c1:10:e1:8a:95:ae:67:2e:7a:1f:ad:ee:8c:4f:05:70:
61:ca:cd:3d:04:35:39:e3:60:40:bf:89:6e:4b:d6:9d:eb:6a:
84:4b:69:4b:17:dc:a4:fb:05:19:10:ad:62:36:52:dd:61:c0:
e9:87:4c:6d:23:5d:cc:21:cd:b5:8f:67:30:51:32:d4:4b:45:
84:84:8d:94:b8:cb:39:8d:f4:8c:99:b0:e6:ef:a6:83:c5:05:
28:28:a0:ef:03:9b:91:71:a3:f0:b6:9f:48:b6:23:07:94:9d:
f7:4e:c9:da:11:72:42:69:2e:f8:0c:eb:5e:03:4b:7c:db:4c:
42:30:e4:24:5f:a6:99:3a:2a:57:1c:3a:f5:bd:0f:93:aa:1e:
0e:7c:ee:6b:0c:45:db:8d:21:07:53:1e:d8:77:fa:90:82:89:
9e:3b:0b:30:ba:ca:a1:46:89:9b:fe:3d:45:1f:fd:bf:fa:cf:
04:af:c8:07:82:50:19:74:b3:f7:69:ad:02:a9:d4:1b:7d:5c:
ec:50:61:4a:05:14:32:9b:47:1f:4a:2a:c3:ad:74:6f:e7:4d:
28:66:cd:9a
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIUGl9xdRx5Vkl3RK5WO58BrN57jlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTExMDMwMDA0MThaFw0yNjExMDIwMDA5MThaMDMxMTAvBgNV
BAMTKENFNTU5QjQwMjc0Rjc5NUFGRTVBOUI4Nzk0Qjc4M0VBRjA2RjM5OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3UxSuytqhKn67ePsi9ziuo04F
mZqcbqrql3WLMOqvG6su4twBag5+u/62w55ZtSHcLiC2KC8k5pNPFz1ZwQkzaM5r
vMq1fy9yjX+0F86jWjzS/aNlcOpqRNqshBtFPFZljgBw4bmyumoxdOP+2Ta2f0iu
XvP588iymmZHJXYteGlFxckMdBskL6RFtHLrIpinScLVnS7KVJMpSfa/Ho/RUsjg
ir00rBBxYWrlHDLiCa1MqmiESo4CzcomWeDtV7mNYcwghG5TLBZVWUFz8znKdX8k
hTiZMPrim2s9tK2qOL9/wAM8raQlm7EaVFalRf9asINszC1mDcCU79fOnaFnAgMB
AAGjggK/MIICuzAdBgNVHQ4EFgQUzlWbQCdPeVr+WpuHlLeD6vBvOY4wHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJvYDBAJZdAgDBAJZdEADBAFZdEgDBAFZdJQDBABZdKUDBABZdKwD
BAFZdNIDBAJZdQADBAFZdQwDBABZdUEDBABZdVQwDAMEAVl1XgMEAll1YAMEAll1
cAMEAll1eAMEAll1hAMEAVl1jgMEAVl1ngMEAll1rAMEAVl12DANBgkqhkiG9w0B
AQsFAAOCAQEAsSV+jZ+483HKT8ZQoCx+fo24cNctljjPYJdAhg4jWK3WsB/zVNvB
EOGKla5nLnofre6MTwVwYcrNPQQ1OeNgQL+JbkvWnetqhEtpSxfcpPsFGRCtYjZS
3WHA6YdMbSNdzCHNtY9nMFEy1EtFhISNlLjLOY30jJmw5u+mg8UFKCig7wObkXGj
8LafSLYjB5Sd907J2hFyQmku+AzrXgNLfNtMQjDkJF+mmToqVxw69b0Pk6oeDnzu
awxF240hB1Me2Hf6kIKJnjsLMLrKoUaJm/49RR/9v/rPBK/IB4JQGXSz92mtAqnU
G31c7FBhSgUUMptHH0oqw610b+dNKGbNmg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:57:53 2025 by rpki-client