Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: CYWe0k6g8PV1lz69OYWrHlYo06vNlG+dlaoPDXNi2JA=
Subject key identifier: A5:76:79:51:49:2B:9C:9C:FC:A3:1B:94:B7:E4:D0:4D:F6:B8:A6:C4
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 40D8FF77B295B67EB928E4845ED3D60D6240A6EC
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Fri 15 Mar 2024 08:29:56 +0000
ROA not before: Fri 15 Mar 2024 08:24:56 +0000
ROA not after: Fri 14 Mar 2025 08:29:56 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 12:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d8:ff:77:b2:95:b6:7e:b9:28:e4:84:5e:d3:d6:0d:62:40:a6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Mar 15 08:24:56 2024 GMT
Not After : Mar 14 08:29:56 2025 GMT
Subject: CN=A5767951492B9C9CFCA31B94B7E4D04DF6B8A6C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:33:3c:58:13:fe:20:1f:c7:22:4a:d0:fd:
41:d1:2f:ba:02:0f:5a:94:64:d6:0f:a9:d2:c6:94:
bd:6e:30:a1:84:0e:df:00:d3:28:61:d5:17:07:03:
93:12:ac:dc:eb:ff:c4:d5:df:67:ae:21:e4:b3:3a:
51:1c:bd:f0:8a:84:3c:ba:e3:3c:28:db:77:a8:9f:
58:1c:8d:0e:af:8f:1e:be:31:9c:31:be:d4:00:ac:
4c:95:08:ed:10:d3:be:f4:0b:53:fa:5b:4d:8c:bd:
e6:99:93:df:c1:fe:d4:03:27:bc:fa:7b:5e:33:36:
34:42:9b:ff:d0:37:93:05:68:c5:32:32:ab:83:00:
21:a9:22:56:40:e2:83:d5:e7:d5:87:93:00:72:29:
c9:5b:dc:b6:90:e5:43:df:57:49:1c:59:6c:0f:15:
0c:77:98:c8:88:65:a6:e0:c6:b3:1e:8e:91:23:43:
9e:01:70:e2:b8:de:e7:48:c8:94:90:28:6d:d1:14:
e9:fd:c9:76:b6:84:e3:03:36:70:fb:9f:1d:97:01:
a0:1f:3e:97:ce:31:df:e3:e7:06:45:f1:19:e3:41:
48:f1:ca:35:10:4d:4d:e0:46:b5:7f:90:1f:7b:f7:
c6:96:ac:98:77:52:b8:b8:54:e4:5a:77:4d:82:0f:
73:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:76:79:51:49:2B:9C:9C:FC:A3:1B:94:B7:E4:D0:4D:F6:B8:A6:C4
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/24
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.219.0/24
86.38.247.0/24
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.168.0/23
89.116.172.0/24
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4b:9f:cc:47:42:7e:7c:22:5a:c3:37:55:b8:76:3c:95:49:
dc:46:13:7d:bd:24:b6:4b:df:e7:30:21:d5:f6:27:0a:4f:95:
73:69:20:e9:96:05:60:0a:dc:60:42:fc:79:88:09:cf:01:0e:
bc:ad:78:cb:6b:d4:07:19:bc:7e:ac:82:e8:17:4c:b1:65:54:
4a:b7:09:62:06:49:71:99:3f:98:30:c8:6f:51:92:cf:88:bf:
fc:21:7d:5c:30:e2:81:de:31:87:49:3b:93:1e:b7:bb:e2:28:
4f:d2:8a:93:ef:7e:fe:b9:d4:a5:4c:31:5d:6f:69:f8:96:29:
a1:d3:b6:c7:92:31:5c:83:8d:c5:73:cf:69:08:07:9b:c8:43:
87:00:62:05:14:20:71:6b:42:5d:8f:46:81:3e:d0:4f:1f:40:
b2:29:26:85:66:52:99:6f:f4:d1:e4:3c:75:66:c1:61:34:ef:
26:d5:a2:92:a7:65:98:21:30:ad:3a:4d:09:39:c3:ee:29:a3:
f8:0f:c0:bc:75:b0:6c:c7:43:be:d7:ff:17:a0:d5:38:4c:08:
59:d7:44:4c:f4:33:97:7a:6f:34:cb:34:b0:71:d8:fd:c3:a3:
2b:ba:bd:13:2d:59:3a:88:44:ce:0d:79:d4:74:25:9f:3e:ce:
37:b4:b7:7e
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUQNj/d7KVtn65KOSEXtPWDWJApuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDAzMTUwODI0NTZaFw0yNTAzMTQwODI5NTZaMDMxMTAvBgNV
BAMTKEE1NzY3OTUxNDkyQjlDOUNGQ0EzMUI5NEI3RTREMDRERjZCOEE2QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM1DM8WBP+IB/HIkrQ/UHRL7oC
D1qUZNYPqdLGlL1uMKGEDt8A0yhh1RcHA5MSrNzr/8TV32euIeSzOlEcvfCKhDy6
4zwo23eon1gcjQ6vjx6+MZwxvtQArEyVCO0Q0770C1P6W02MveaZk9/B/tQDJ7z6
e14zNjRCm//QN5MFaMUyMquDACGpIlZA4oPV59WHkwByKclb3LaQ5UPfV0kcWWwP
FQx3mMiIZabgxrMejpEjQ54BcOK43udIyJSQKG3RFOn9yXa2hOMDNnD7nx2XAaAf
PpfOMd/j5wZF8RnjQUjxyjUQTU3gRrV/kB9798aWrJh3Uri4VORad02CD3N/AgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUpXZ5UUkrnJz8oxuUt+TQTfa4psQwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBwQYIKwYBBQUHAQcBAf8EgbEwga4wgasEAgABMIGkAwQAUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJtsDBABWJvcDBABZ
dDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAVl0qAMEAFl0rAMEAFl0twMEAFl0/wME
AFl1DQMEAFl1XzAMAwQAWXVhAwQCWXVgAwQAWXVtAwQAWXVvMAwDBABZdXkDBABZ
dXoDBABZdfowDQYJKoZIhvcNAQELBQADggEBADRLn8xHQn58IlrDN1W4djyVSdxG
E329JLZL3+cwIdX2JwpPlXNpIOmWBWAK3GBC/HmICc8BDryteMtr1AcZvH6sgugX
TLFlVEq3CWIGSXGZP5gwyG9Rks+Iv/whfVww4oHeMYdJO5Met7viKE/SipPvfv65
1KVMMV1vafiWKaHTtseSMVyDjcVzz2kIB5vIQ4cAYgUUIHFrQl2PRoE+0E8fQLIp
JoVmUplv9NHkPHVmwWE07ybVopKnZZghMK06TQk5w+4po/gPwLx1sGzHQ77X/xeg
1ThMCFnXREz0M5d6bzTLNLBx2P3Doyu6vRMtWTqIRM4NedR0JZ8+zje0t34=
-----END CERTIFICATE-----
Generated at Tue May 7 21:35:33 2024 by rpki-client on console-ams.rpki-client.org