$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: Hct+LpOVylCLCjQRc9/8I+sLFQPtq/y6qwdJYSqU4Ag= Subject key identifier: A0:2D:A6:CA:6A:84:03:2F:E2:9A:B3:43:3F:C7:51:71:10:18:DD:A2 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 222D5B52B28C609E91E9CA5FAB4F1D0401D4BF7A Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa Signing time: Mon 25 Aug 2025 12:54:45 +0000 ROA not before: Mon 25 Aug 2025 12:49:45 +0000 ROA not after: Mon 24 Aug 2026 12:54:45 +0000 asID: 16509 IP address blocks: 86.38.232.0/24 maxlen: 24 89.117.15.0/24 maxlen: 24 89.117.28.0/24 maxlen: 24 89.117.81.0/24 maxlen: 24 89.117.87.0/24 maxlen: 24 89.117.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Sep 2025 15:47:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:2d:5b:52:b2:8c:60:9e:91:e9:ca:5f:ab:4f:1d:04:01:d4:bf:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Aug 25 12:49:45 2025 GMT Not After : Aug 24 12:54:45 2026 GMT Subject: CN=A02DA6CA6A84032FE29AB3433FC751711018DDA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e0:5a:b8:4e:86:67:9a:7b:7a:84:ac:33:41: 3d:94:a6:f3:32:4d:bd:8c:48:24:de:35:02:96:66: be:2c:87:a4:1b:4b:c9:a3:e7:14:a7:fb:91:9d:77: 15:e0:3c:d4:f0:81:4c:0b:98:dd:04:ec:2b:f1:51: 30:ea:60:84:72:f8:56:78:3b:1c:e9:8d:42:f5:17: da:cd:63:9e:fc:88:1d:a9:e1:80:ee:7c:d2:f9:19: ea:e2:4b:53:a3:65:1d:9f:3e:2a:38:e9:fc:60:cb: 4d:09:c9:61:c5:75:e6:97:81:46:1a:02:40:c1:a1: bb:19:d0:11:3b:65:8d:59:85:82:fd:8e:98:12:4e: fe:d9:bb:22:10:9a:cb:d9:a4:63:db:87:04:eb:5f: b5:84:90:64:f1:14:c4:f1:13:45:d8:e6:57:3e:3c: 82:7e:35:f9:ee:1d:12:b2:1b:72:56:cd:b3:29:12: 02:1a:9d:83:83:ad:c3:71:17:e1:b9:63:48:9c:44: 7e:92:59:55:d7:19:5f:a4:ad:00:63:dc:89:53:18: e1:33:c0:ef:51:4a:f0:81:7b:e6:61:b8:56:7a:b9: be:a3:bc:81:7b:92:5d:ee:c3:e5:99:bf:51:47:88: 00:0e:8e:be:47:ad:08:27:c8:5b:10:8d:2a:21:40: 7f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:2D:A6:CA:6A:84:03:2F:E2:9A:B3:43:3F:C7:51:71:10:18:DD:A2 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.232.0/24 89.117.15.0/24 89.117.28.0/24 89.117.81.0/24 89.117.87.0/24 89.117.153.0/24 Signature Algorithm: sha256WithRSAEncryption 84:c8:86:4b:7e:c2:f5:cf:5b:2b:94:bd:3b:ae:63:b0:d4:f4: aa:20:2a:2c:18:3a:67:42:97:f6:ac:9f:78:0f:9f:d4:64:e1: 5d:56:88:9a:6b:07:bf:76:57:ad:ff:db:32:6d:69:2c:99:50: 4c:11:38:3c:62:89:2a:61:20:ae:62:45:bc:2a:92:29:36:d2: 28:a9:40:fb:85:4a:90:e2:e5:5d:cb:d4:0e:4f:35:11:4c:fa: 43:b8:b0:35:1d:7e:b9:2f:e8:bd:c1:df:f0:67:f9:ae:b5:74: ca:d6:45:3d:70:e4:56:0b:29:33:61:3e:8a:84:54:67:69:cb: 22:06:0f:e3:42:8a:0d:25:2d:56:f6:79:13:76:29:bd:b4:30: f4:56:19:11:bf:3c:99:46:96:c4:ac:d1:31:0e:3a:f9:62:ac: 59:6d:21:8c:c9:9f:7e:73:d5:9e:d1:fb:d6:e6:77:35:d5:de: 76:58:ec:63:a8:5a:0b:35:b5:ec:5b:9d:36:21:b6:37:1e:ad: 88:fb:5a:81:c0:e2:3f:5f:0e:a6:ef:02:a0:b0:9a:d9:af:70: cb:71:29:e4:02:95:60:0d:88:55:e6:eb:b9:fb:16:63:e5:24: 28:34:72:a7:b2:17:03:5e:86:a8:da:94:41:e0:60:f6:46:c0: 06:d6:37:8a -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgIUIi1bUrKMYJ6R6cpfq08dBAHUv3owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA4MjUxMjQ5NDVaFw0yNjA4MjQxMjU0NDVaMDMxMTAvBgNV BAMTKEEwMkRBNkNBNkE4NDAzMkZFMjlBQjM0MzNGQzc1MTcxMTAxOEREQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa4Fq4ToZnmnt6hKwzQT2UpvMy Tb2MSCTeNQKWZr4sh6QbS8mj5xSn+5GddxXgPNTwgUwLmN0E7CvxUTDqYIRy+FZ4 OxzpjUL1F9rNY578iB2p4YDufNL5GeriS1OjZR2fPio46fxgy00JyWHFdeaXgUYa AkDBobsZ0BE7ZY1ZhYL9jpgSTv7ZuyIQmsvZpGPbhwTrX7WEkGTxFMTxE0XY5lc+ PIJ+NfnuHRKyG3JWzbMpEgIanYODrcNxF+G5Y0icRH6SWVXXGV+krQBj3IlTGOEz wO9RSvCBe+ZhuFZ6ub6jvIF7kl3uw+WZv1FHiAAOjr5HrQgnyFsQjSohQH9JAgMB AAGjggJMMIICSDAdBgNVHQ4EFgQUoC2mymqEAy/imrNDP8dRcRAY3aIwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzE2NTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAViboAwQAWXUPAwQAWXUc AwQAWXVRAwQAWXVXAwQAWXWZMA0GCSqGSIb3DQEBCwUAA4IBAQCEyIZLfsL1z1sr lL07rmOw1PSqICosGDpnQpf2rJ94D5/UZOFdVoiaawe/dlet/9sybWksmVBMETg8 YokqYSCuYkW8KpIpNtIoqUD7hUqQ4uVdy9QOTzURTPpDuLA1HX65L+i9wd/wZ/mu tXTK1kU9cORWCykzYT6KhFRnacsiBg/jQooNJS1W9nkTdim9tDD0VhkRvzyZRpbE rNExDjr5YqxZbSGMyZ9+c9We0fvW5nc11d52WOxjqFoLNbXsW502IbY3Hq2I+1qB wOI/Xw6m7wKgsJrZr3DLcSnkApVgDYhV5uu5+xZj5SQoNHKnshcDXoao2pRB4GD2 RsAG1jeK -----END CERTIFICATE-----Generated at Sat Sep 6 08:11:17 2025 by rpki-client