Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: B9CIMYGcEGNa0DW21fmkXZeRc19lutwnurVk+1E1nAo=
Subject key identifier: 9F:D0:76:BF:CC:1A:9B:28:72:1B:37:7B:2C:B1:33:8C:1F:A0:C5:C7
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 3077D9DAA2EBC0820455C3B906986A3DCC80E0A3
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Thu 16 Apr 2026 08:34:00 +0000
ROA not before: Thu 16 Apr 2026 08:29:00 +0000
ROA not after: Thu 15 Apr 2027 08:34:00 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.187.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
89.116.8.0/24 maxlen: 24
89.116.10.0/23 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.165.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.184.0/24 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.65.0/24 maxlen: 24
89.117.81.0/24 maxlen: 24
89.117.84.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:77:d9:da:a2:eb:c0:82:04:55:c3:b9:06:98:6a:3d:cc:80:e0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Apr 16 08:29:00 2026 GMT
Not After : Apr 15 08:34:00 2027 GMT
Subject: CN=9FD076BFCC1A9B28721B377B2CB1338C1FA0C5C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:25:d2:38:a7:bd:fc:0c:b8:51:be:c3:39:
14:b3:c7:eb:fa:89:87:d8:13:f3:c8:00:d1:f2:68:
d2:f4:9d:b8:b1:09:45:00:1d:ae:4d:cd:6f:a2:d1:
b4:f1:93:ff:60:05:b4:3d:7d:8c:4f:79:45:b7:c7:
b6:d8:c3:a1:e9:3e:92:1d:0f:e5:68:50:39:3e:d2:
58:b6:19:a7:77:c3:d9:0b:7f:2c:97:2e:3f:fc:bc:
63:57:eb:08:b7:c8:32:db:a3:06:fa:d5:85:1a:da:
d7:fa:41:35:6b:e6:29:71:0a:91:0f:14:5c:17:3a:
6b:c4:30:4a:cd:7e:d0:89:21:8d:ef:f8:b6:4d:b0:
0e:0f:8e:bb:00:e4:76:d8:e2:80:fa:84:9d:62:a4:
fe:0f:1c:16:08:80:81:94:c9:9d:ca:74:c3:c6:67:
04:45:f5:40:9c:5c:b5:76:dd:f7:56:26:4f:fb:d8:
04:92:47:b6:ef:54:5d:c9:ae:2a:50:b5:36:e9:cf:
3e:d9:c0:a3:ac:61:22:af:88:6b:3d:99:ee:cd:74:
34:4f:d4:4a:25:15:f9:ba:a5:02:a8:b9:9a:a4:f7:
b6:b9:d5:7d:04:95:2e:e5:8c:6f:76:fe:ea:bf:17:
a3:8e:0f:c0:7d:29:9d:d3:71:39:33:19:58:bd:84:
46:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D0:76:BF:CC:1A:9B:28:72:1B:37:7B:2C:B1:33:8C:1F:A0:C5:C7
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.187.0/24
86.38.246.0/24
89.116.8.0/24
89.116.10.0/23
89.116.64.0/22
89.116.72.0/23
89.116.148.0/23
89.116.165.0/24
89.116.172.0/24
89.116.184.0/24
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.65.0/24
89.117.81.0/24
89.117.84.0/24
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:0c:a6:00:2d:f3:9a:2b:04:f0:29:db:dc:a0:97:08:62:17:
eb:5d:9f:2f:bd:89:8f:51:c3:10:22:57:a7:d2:70:8b:dc:44:
c0:87:60:78:e8:ec:2c:4f:54:e3:34:e8:5a:80:67:49:ac:fb:
17:26:69:7b:20:2f:18:62:75:d6:8d:de:e5:cd:d1:24:3c:28:
23:60:90:41:74:ab:6f:c0:b3:fa:21:1d:f1:32:35:f7:9f:ac:
30:58:8e:fa:14:16:d4:d9:76:76:c1:1d:0a:fe:e1:30:46:0f:
8b:22:ad:be:53:6f:99:b0:4a:8f:3f:b5:41:61:dd:31:c9:2a:
a0:f0:32:6e:34:88:77:1f:61:f7:26:62:15:bd:d4:c9:42:dd:
d1:0d:4a:2a:34:14:16:bd:40:56:7a:cc:5f:60:1d:f5:91:ce:
80:5a:cd:d4:35:c4:14:de:90:fb:11:7e:20:e5:c6:bc:64:70:
50:ed:fc:f2:4e:90:7c:70:3a:30:cb:4e:43:11:4d:26:97:db:
05:16:bd:5b:0e:93:23:a8:6b:88:84:1f:c8:a3:6a:9c:37:77:
1f:6b:4a:57:c9:bd:4b:ed:08:22:88:90:68:a2:b4:c1:c8:f1:
28:5d:cf:e0:e7:02:da:f3:e4:c6:27:2f:12:96:b8:75:7e:ac:
9a:75:ee:4b
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUMHfZ2qLrwIIEVcO5BphqPcyA4KMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNjA0MTYwODI5MDBaFw0yNzA0MTUwODM0MDBaMDMxMTAvBgNV
BAMTKDlGRDA3NkJGQ0MxQTlCMjg3MjFCMzc3QjJDQjEzMzhDMUZBMEM1QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuUiXSOKe9/Ay4Ub7DORSzx+v6
iYfYE/PIANHyaNL0nbixCUUAHa5NzW+i0bTxk/9gBbQ9fYxPeUW3x7bYw6HpPpId
D+VoUDk+0li2Gad3w9kLfyyXLj/8vGNX6wi3yDLbowb61YUa2tf6QTVr5ilxCpEP
FFwXOmvEMErNftCJIY3v+LZNsA4PjrsA5HbY4oD6hJ1ipP4PHBYIgIGUyZ3KdMPG
ZwRF9UCcXLV23fdWJk/72ASSR7bvVF3JripQtTbpzz7ZwKOsYSKviGs9me7NdDRP
1EolFfm6pQKouZqk97a51X0ElS7ljG92/uq/F6OOD8B9KZ3TcTkzGVi9hEbnAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUn9B2v8wamyhyGzd7LLEzjB+gxccwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBwwYIKwYBBQUHAQcBAf8EgbMwgbAwga0EAgABMIGmAwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJrsDBABWJvYDBABZdAgDBAFZdAoDBAJZdEADBAFZdEgDBAFZdJQD
BABZdKUDBABZdKwDBABZdLgDBAFZdNIDBAJZdQADBAFZdQwDBABZdUEDBABZdVED
BABZdVQwDAMEAVl1XgMEAll1YAMEAll1cAMEAll1eAMEAVl1jgMEAVl1ngMEAll1
rAMEAVl12DANBgkqhkiG9w0BAQsFAAOCAQEAewymAC3zmisE8Cnb3KCXCGIX612f
L72Jj1HDECJXp9Jwi9xEwIdgeOjsLE9U4zToWoBnSaz7FyZpeyAvGGJ11o3e5c3R
JDwoI2CQQXSrb8Cz+iEd8TI195+sMFiO+hQW1Nl2dsEdCv7hMEYPiyKtvlNvmbBK
jz+1QWHdMckqoPAybjSIdx9h9yZiFb3UyULd0Q1KKjQUFr1AVnrMX2Ad9ZHOgFrN
1DXEFN6Q+xF+IOXGvGRwUO388k6QfHA6MMtOQxFNJpfbBRa9Ww6TI6hriIQfyKNq
nDd3H2tKV8m9S+0IIoiQaKK0wcjxKF3P4OcC2vPkxicvEpa4dX6smnXuSw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:32:28 2026 by rpki-client