$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS13213.roa File: AS13213.roa (raw, json) Hash identifier: 9OI6zsQ7nvlxAEKMezflWgHhXnlugx41yyYFQWG1m40= Subject key identifier: CF:4F:3D:70:AD:41:AD:DF:19:FE:CF:FD:21:98:D0:46:6F:BD:B4:D3 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 7A053FEF401F1EB181FBF9E8627287C9833B76A4 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS13213.roa Signing time: Sat 01 Mar 2025 16:03:51 +0000 ROA not before: Sat 01 Mar 2025 15:58:51 +0000 ROA not after: Sat 28 Feb 2026 16:03:51 +0000 asID: 13213 IP address blocks: 86.38.248.0/24 maxlen: 24 86.38.250.0/24 maxlen: 24 86.38.252.0/24 maxlen: 24 86.38.254.0/24 maxlen: 24 89.116.62.0/24 maxlen: 24 89.116.182.0/24 maxlen: 24 89.116.200.0/24 maxlen: 24 89.116.241.0/24 maxlen: 24 89.117.80.0/24 maxlen: 24 89.117.83.0/24 maxlen: 24 89.117.91.0/24 maxlen: 24 89.117.105.0/24 maxlen: 24 89.117.106.0/24 maxlen: 24 89.117.107.0/24 maxlen: 24 89.117.155.0/24 maxlen: 24 89.117.160.0/24 maxlen: 24 89.117.161.0/24 maxlen: 24 89.117.162.0/24 maxlen: 24 89.117.163.0/24 maxlen: 24 89.117.218.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 08:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:05:3f:ef:40:1f:1e:b1:81:fb:f9:e8:62:72:87:c9:83:3b:76:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Mar 1 15:58:51 2025 GMT Not After : Feb 28 16:03:51 2026 GMT Subject: CN=CF4F3D70AD41ADDF19FECFFD2198D0466FBDB4D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:05:55:68:ae:54:89:df:41:1e:bc:e3:0d:4e: db:0a:2e:50:dc:f1:0b:ff:bb:f8:81:72:e9:a4:37: 13:04:03:97:37:93:48:d0:0e:aa:82:a9:b9:4e:35: 1d:2f:fb:54:fe:da:79:08:48:3e:5c:04:a1:54:ec: 75:79:ff:3a:2e:8d:f4:20:ca:44:5b:56:e9:18:97: a1:f2:9e:c4:72:cb:d5:99:84:a9:f2:e8:de:0f:f9: 33:ec:42:b6:2e:75:e4:33:48:0a:1b:6d:c9:10:21: f4:ca:6c:c3:96:00:b6:c1:57:2a:a1:fa:31:91:d5: 95:b2:ef:be:89:f0:d9:4c:05:59:bc:c6:1a:f3:ce: 69:ad:65:d4:d2:16:7b:63:29:b3:9e:03:74:74:28: 36:bf:22:9a:08:f2:84:9d:68:07:5d:a6:8d:70:4e: 46:83:12:7b:3c:ce:5e:8d:24:bc:b4:55:da:35:6f: 02:37:4f:ea:6a:fe:f2:78:fc:00:78:36:f2:dd:b6: 09:e4:d1:af:49:9e:2d:aa:27:a9:69:4d:9b:ac:d9: 30:2c:24:3f:f6:e8:d1:d1:fc:8d:a9:53:fa:60:b6: 5e:f1:74:d2:1f:4e:f4:42:2d:8f:01:78:5e:ce:35: a2:52:88:38:e7:a2:7a:5d:c9:28:d1:b2:5d:fd:1c: c2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:4F:3D:70:AD:41:AD:DF:19:FE:CF:FD:21:98:D0:46:6F:BD:B4:D3 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS13213.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.248.0/24 86.38.250.0/24 86.38.252.0/24 86.38.254.0/24 89.116.62.0/24 89.116.182.0/24 89.116.200.0/24 89.116.241.0/24 89.117.80.0/24 89.117.83.0/24 89.117.91.0/24 89.117.105.0-89.117.107.255 89.117.155.0/24 89.117.160.0/22 89.117.218.0/24 Signature Algorithm: sha256WithRSAEncryption bb:13:82:0f:41:13:81:b7:c6:96:eb:dc:32:ac:2f:13:92:6c: 89:e8:e8:1b:20:a3:eb:7e:f1:fe:03:7d:a3:78:2d:3f:0c:2b: 79:48:36:e8:e5:f4:ce:bc:3a:15:37:17:2a:f2:7b:58:fa:6d: 4a:d4:03:1d:f4:4b:34:0b:c6:d1:3d:66:5d:23:45:17:a5:ce: 26:0b:97:81:06:2d:89:7e:b6:3c:19:b3:92:33:7a:d0:e5:5f: 15:67:f4:19:89:bd:0d:a5:4b:e7:2d:7f:09:a3:a2:5d:12:aa: d6:b7:e0:4b:6b:3f:62:12:95:93:d2:e6:6c:36:64:22:48:be: b4:1e:0b:52:12:a2:ad:72:5f:01:17:2f:52:dd:e5:fc:07:7e: dd:dc:e7:20:b7:cc:d3:7f:67:c0:0c:dc:b2:50:88:5a:d6:c3: 89:62:48:46:95:c5:47:e6:1f:07:e1:ab:94:0e:33:b1:df:14: 13:5f:7a:0e:11:f4:33:87:ab:fb:27:f0:0b:ca:e0:58:a3:20: 16:f5:90:b3:a8:5d:40:37:70:4f:74:5e:36:0a:d3:0d:df:71: da:50:d8:d4:71:82:3f:0e:77:0e:27:ba:22:2b:68:ad:ad:46: 4a:8c:51:33:d6:1a:bb:9a:70:c6:ea:c8:33:94:47:f3:d0:93: 84:ad:1f:c0 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgIUegU/70AfHrGB+/noYnKHyYM7dqQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTAzMDExNTU4NTFaFw0yNjAyMjgxNjAzNTFaMDMxMTAvBgNV BAMTKENGNEYzRDcwQUQ0MUFEREYxOUZFQ0ZGRDIxOThEMDQ2NkZCREI0RDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjBVVorlSJ30EevOMNTtsKLlDc 8Qv/u/iBcumkNxMEA5c3k0jQDqqCqblONR0v+1T+2nkISD5cBKFU7HV5/zoujfQg ykRbVukYl6HynsRyy9WZhKny6N4P+TPsQrYudeQzSAobbckQIfTKbMOWALbBVyqh +jGR1ZWy776J8NlMBVm8xhrzzmmtZdTSFntjKbOeA3R0KDa/IpoI8oSdaAddpo1w TkaDEns8zl6NJLy0Vdo1bwI3T+pq/vJ4/AB4NvLdtgnk0a9Jni2qJ6lpTZus2TAs JD/26NHR/I2pU/pgtl7xdNIfTvRCLY8BeF7ONaJSiDjnonpdySjRsl39HMLXAgMB AAGjggKKMIIChjAdBgNVHQ4EFgQUz089cK1Brd8Z/s/9IZjQRm+9tNMwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzEzMjEzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAVib4AwQAVib6AwQAVib8 AwQAVib+AwQAWXQ+AwQAWXS2AwQAWXTIAwQAWXTxAwQAWXVQAwQAWXVTAwQAWXVb MAwDBABZdWkDBAJZdWgDBABZdZsDBAJZdaADBABZddowDQYJKoZIhvcNAQELBQAD ggEBALsTgg9BE4G3xpbr3DKsLxOSbIno6Bsgo+t+8f4DfaN4LT8MK3lINujl9M68 OhU3Fyrye1j6bUrUAx30SzQLxtE9Zl0jRRelziYLl4EGLYl+tjwZs5IzetDlXxVn 9BmJvQ2lS+ctfwmjol0Sqta34EtrP2ISlZPS5mw2ZCJIvrQeC1ISoq1yXwEXL1Ld 5fwHft3c5yC3zNN/Z8AM3LJQiFrWw4liSEaVxUfmHwfhq5QOM7HfFBNfeg4R9DOH q/sn8AvK4FijIBb1kLOoXUA3cE90XjYK0w3fcdpQ2NRxgj8Odw4nuiIraK2tRkqM UTPWGruacMbqyDOUR/PQk4StH8A= -----END CERTIFICATE-----Generated at Fri Apr 4 20:19:06 2025 by rpki-client