$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: RtAB2UVi5lX9C7lEndw22mtaqw0m6qwITHYAvhq3CDs= Subject key identifier: BD:77:73:DF:5A:D8:5C:EF:FA:79:58:57:4C:FF:B2:E7:AA:51:6D:71 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 54AE088415517E95EA182D1B0538CBE74AFE38A9 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa Signing time: Mon 20 Oct 2025 12:22:08 +0000 ROA not before: Mon 20 Oct 2025 12:17:08 +0000 ROA not after: Mon 19 Oct 2026 12:22:08 +0000 asID: 16509 IP address blocks: 86.38.232.0/24 maxlen: 24 89.117.15.0/24 maxlen: 24 89.117.28.0/24 maxlen: 24 89.117.87.0/24 maxlen: 24 89.117.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 22 Oct 2025 05:16:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:ae:08:84:15:51:7e:95:ea:18:2d:1b:05:38:cb:e7:4a:fe:38:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Oct 20 12:17:08 2025 GMT Not After : Oct 19 12:22:08 2026 GMT Subject: CN=BD7773DF5AD85CEFFA7958574CFFB2E7AA516D71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:ee:42:4e:16:3f:f2:70:e7:a5:71:f3:af:0c: bc:88:f1:9e:eb:de:97:fb:12:be:5c:74:53:3c:5f: bb:93:08:8e:1f:f5:5f:9e:a0:a8:08:18:f0:6b:cf: 9a:71:93:64:86:7e:13:fe:34:a7:3c:c1:55:02:b6: a8:64:18:cb:98:8f:47:6e:e8:44:dc:01:66:b0:e4: ea:03:a0:8a:99:c3:c5:cf:f1:e6:5b:c1:93:3c:6d: 66:31:e6:9f:50:40:48:50:1c:7f:71:4e:2c:b1:57: 0c:cb:35:5f:60:d4:7f:38:af:2b:cf:51:25:bd:70: 5f:ea:06:ec:c2:04:34:40:2a:73:55:b6:09:cd:dd: 83:83:12:92:a4:5d:f0:18:89:cb:2d:ea:74:ef:4d: 00:39:dd:64:4c:1a:4b:3d:2d:9b:2e:97:76:d5:92: a5:dd:07:8c:7b:72:8a:05:b1:e5:e2:b5:e3:8a:74: 92:b7:ee:77:18:3b:42:d9:45:e9:d5:f3:08:62:a0: 7b:41:84:e8:85:2e:3a:4e:a4:70:9a:83:b6:13:ee: 58:28:97:ea:55:06:b3:58:94:11:9f:7f:20:27:f5: 13:ca:2f:04:f2:89:c6:f1:44:65:0b:8b:a8:8e:85: 52:f5:a4:16:ca:66:f6:be:0e:cd:ef:d9:09:70:2e: 17:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:77:73:DF:5A:D8:5C:EF:FA:79:58:57:4C:FF:B2:E7:AA:51:6D:71 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.232.0/24 89.117.15.0/24 89.117.28.0/24 89.117.87.0/24 89.117.153.0/24 Signature Algorithm: sha256WithRSAEncryption d2:47:a9:ff:ff:ae:42:ad:48:16:23:91:1d:7f:dd:83:2f:59: 40:e9:58:ca:6a:25:b4:0d:5a:c7:7a:c6:06:64:49:91:ea:51: 88:d2:54:b1:55:fc:8b:f7:92:69:6a:f9:80:e4:2c:57:40:76: ac:8b:8d:6f:ce:7f:94:3e:e5:b6:fe:e2:35:7f:6a:d0:37:7c: 97:a0:d5:00:58:3a:af:e8:b6:c2:34:c6:00:1c:f5:68:a0:f5: 1a:99:b7:b6:08:cd:bf:ce:a3:ce:88:04:cd:80:9e:56:3e:85: 27:ec:a7:84:00:97:78:f0:4f:9c:4a:c4:7a:cf:19:da:d8:ac: d2:e8:d3:10:dc:42:87:58:35:27:c0:f2:bb:8c:8f:8c:f2:a8: 05:d8:2e:24:5d:db:17:fb:8c:79:ac:8f:7f:08:e3:3a:9d:a0: 4f:d5:88:93:08:86:b1:1e:26:d4:c3:37:41:ff:10:cc:a6:04: 05:41:95:82:f1:16:ce:3a:a0:65:c4:ac:58:6d:ba:e4:2f:a8: c4:7f:27:a3:4c:7b:d1:36:db:01:4e:3f:43:81:1d:4e:d1:d3: 9f:02:f6:a7:5d:a2:e8:46:a9:3f:ff:94:40:2b:7e:80:36:1a: 71:bf:7b:6a:03:e9:73:5d:0a:8f:6c:7a:15:72:2a:b4:bf:bf: d2:97:b6:85 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUVK4IhBVRfpXqGC0bBTjL50r+OKkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTEwMjAxMjE3MDhaFw0yNjEwMTkxMjIyMDhaMDMxMTAvBgNV BAMTKEJENzc3M0RGNUFEODVDRUZGQTc5NTg1NzRDRkZCMkU3QUE1MTZENzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp7kJOFj/ycOelcfOvDLyI8Z7r 3pf7Er5cdFM8X7uTCI4f9V+eoKgIGPBrz5pxk2SGfhP+NKc8wVUCtqhkGMuYj0du 6ETcAWaw5OoDoIqZw8XP8eZbwZM8bWYx5p9QQEhQHH9xTiyxVwzLNV9g1H84ryvP USW9cF/qBuzCBDRAKnNVtgnN3YODEpKkXfAYicst6nTvTQA53WRMGks9LZsul3bV kqXdB4x7cooFseXiteOKdJK37ncYO0LZRenV8whioHtBhOiFLjpOpHCag7YT7lgo l+pVBrNYlBGffyAn9RPKLwTyicbxRGULi6iOhVL1pBbKZva+Ds3v2QlwLhdVAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUvXdz31rYXO/6eVhXTP+y56pRbXEwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzE2NTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAViboAwQAWXUPAwQAWXUc AwQAWXVXAwQAWXWZMA0GCSqGSIb3DQEBCwUAA4IBAQDSR6n//65CrUgWI5Edf92D L1lA6VjKaiW0DVrHesYGZEmR6lGI0lSxVfyL95JpavmA5CxXQHasi41vzn+UPuW2 /uI1f2rQN3yXoNUAWDqv6LbCNMYAHPVooPUambe2CM2/zqPOiATNgJ5WPoUn7KeE AJd48E+cSsR6zxna2KzS6NMQ3EKHWDUnwPK7jI+M8qgF2C4kXdsX+4x5rI9/COM6 naBP1YiTCIaxHibUwzdB/xDMpgQFQZWC8RbOOqBlxKxYbbrkL6jEfyejTHvRNtsB Tj9DgR1O0dOfAvanXaLoRqk//5RAK36ANhpxv3tqA+lzXQqPbHoVciq0v7/Sl7aF -----END CERTIFICATE-----Generated at Tue Oct 21 22:22:53 2025 by rpki-client