$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa File: AS209242.roa (raw, json) Hash identifier: jP+i4RP8C2pe8ja0LUfQSo0ybgh/JIeleyX1/GXHnDo= Subject key identifier: 52:AF:8E:F2:8F:07:4A:F0:59:EE:37:73:B8:A2:EA:11:06:EF:B7:53 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 447A299433A7D6372356A1FB6EE1DD9B0B8B446C Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa Signing time: Fri 22 Nov 2024 12:56:51 +0000 ROA not before: Fri 22 Nov 2024 12:51:51 +0000 ROA not after: Fri 21 Nov 2025 12:56:51 +0000 asID: 209242 IP address blocks: 86.38.214.0/24 maxlen: 24 89.116.46.0/23 maxlen: 24 89.116.161.0/24 maxlen: 24 89.116.180.0/24 maxlen: 24 89.116.250.0/24 maxlen: 24 89.116.252.0/24 maxlen: 24 89.117.84.0/24 maxlen: 24 89.117.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 11 Apr 2025 08:15:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:7a:29:94:33:a7:d6:37:23:56:a1:fb:6e:e1:dd:9b:0b:8b:44:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Nov 22 12:51:51 2024 GMT Not After : Nov 21 12:56:51 2025 GMT Subject: CN=52AF8EF28F074AF059EE3773B8A2EA1106EFB753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:71:e7:09:1a:1e:e3:45:06:ba:bc:e8:6a:cd: 23:99:6c:78:15:a2:6b:6c:49:b2:33:54:9e:1d:a3: b1:a6:8b:de:b5:79:81:57:9b:0b:68:81:ef:af:92: bc:0c:e7:27:f4:24:62:7f:25:96:8a:bb:0b:93:65: 77:5f:4a:d1:72:e2:68:1c:22:df:15:9d:60:1b:cd: 76:62:cd:ae:43:57:61:39:6a:ba:21:17:fa:dd:fc: 0d:10:7f:67:bd:50:c3:05:5c:d5:f6:51:e0:44:b5: 50:f4:fa:17:ab:9c:8a:57:bb:8a:bf:5f:b9:70:e9: 3a:4f:06:ed:35:e9:ca:2d:08:33:d5:38:a4:b9:8f: 0b:c9:a1:d1:ee:1f:24:5b:18:40:e3:05:81:00:e3: 46:be:08:e1:76:7e:06:0e:8f:52:df:f9:10:75:dc: 8f:7e:14:5d:ae:63:5f:c0:14:c5:97:4d:fb:8e:f7: 87:93:64:be:80:b8:8f:27:ee:2d:89:36:94:7d:c9: f7:93:a5:23:30:36:cb:9f:b6:53:d5:0d:69:6d:19: 29:cc:d2:5f:3b:40:03:ef:28:5a:55:bb:b3:e8:c2: f1:e2:5e:ec:74:eb:1b:73:c4:73:73:e3:e4:b1:1c: 7a:4f:b2:ac:eb:38:7e:27:23:9a:fa:25:ea:36:24: a0:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:AF:8E:F2:8F:07:4A:F0:59:EE:37:73:B8:A2:EA:11:06:EF:B7:53 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.214.0/24 89.116.46.0/23 89.116.161.0/24 89.116.180.0/24 89.116.250.0/24 89.116.252.0/24 89.117.84.0/24 89.117.112.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:76:3f:a9:66:7f:6a:a1:b2:57:93:9a:9b:e6:24:48:67:06: 7c:7c:4c:8c:99:a4:db:32:c4:4b:28:7d:17:97:1c:14:9f:ef: 74:3e:6a:22:a3:34:92:98:8a:6a:5c:ac:80:75:ba:7c:c6:d7: be:75:45:90:c2:7a:d1:ab:f8:61:99:42:8a:18:0b:24:6a:08: 96:0a:ce:50:87:eb:72:b6:41:a8:db:0a:db:ef:25:ca:63:d2: f4:be:b1:4a:0d:ab:db:a1:0d:48:ff:82:d5:89:f0:20:63:f6: 2a:a5:91:27:9b:6f:9c:e0:68:97:7e:1a:6e:f5:0c:24:d2:f5: ea:e4:ee:c9:78:59:b8:a2:0a:bf:fd:7d:8e:a6:52:5a:a8:dd: b5:5d:d4:36:3e:0b:71:89:94:77:cb:33:1d:1b:36:1d:f9:62: ae:4e:13:af:ac:5b:69:9c:ab:d9:a1:25:98:b7:2c:de:19:c6: 08:d6:89:a0:7c:f6:09:3b:50:5c:3c:43:99:6f:bd:be:76:7d: bf:11:4d:e9:b0:e3:3e:da:00:58:56:39:5b:62:09:a8:77:77: e4:88:75:58:04:90:d3:3a:0b:3d:06:8d:c4:4f:56:21:43:ee: 73:ef:bf:84:49:c9:d7:e0:7b:a1:1e:a5:6b:6d:d9:1c:95:00: f5:7c:73:56 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIURHoplDOn1jcjVqH7buHdmwuLRGwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNDExMjIxMjUxNTFaFw0yNTExMjExMjU2NTFaMDMxMTAvBgNV BAMTKDUyQUY4RUYyOEYwNzRBRjA1OUVFMzc3M0I4QTJFQTExMDZFRkI3NTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxcecJGh7jRQa6vOhqzSOZbHgV omtsSbIzVJ4do7Gmi961eYFXmwtoge+vkrwM5yf0JGJ/JZaKuwuTZXdfStFy4mgc It8VnWAbzXZiza5DV2E5arohF/rd/A0Qf2e9UMMFXNX2UeBEtVD0+hernIpXu4q/ X7lw6TpPBu016cotCDPVOKS5jwvJodHuHyRbGEDjBYEA40a+COF2fgYOj1Lf+RB1 3I9+FF2uY1/AFMWXTfuO94eTZL6AuI8n7i2JNpR9yfeTpSMwNsuftlPVDWltGSnM 0l87QAPvKFpVu7PowvHiXux06xtzxHNz4+SxHHpPsqzrOH4nI5r6Jeo2JKBBAgMB AAGjggJZMIICVTAdBgNVHQ4EFgQUUq+O8o8HSvBZ7jdzuKLqEQbvt1MwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzIwOTI0Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFYm1gMEAVl0LgMEAFl0 oQMEAFl0tAMEAFl0+gMEAFl0/AMEAFl1VAMEAFl1cDANBgkqhkiG9w0BAQsFAAOC AQEAXHY/qWZ/aqGyV5Oam+YkSGcGfHxMjJmk2zLESyh9F5ccFJ/vdD5qIqM0kpiK alysgHW6fMbXvnVFkMJ60av4YZlCihgLJGoIlgrOUIfrcrZBqNsK2+8lymPS9L6x Sg2r26ENSP+C1YnwIGP2KqWRJ5tvnOBol34abvUMJNL16uTuyXhZuKIKv/19jqZS WqjdtV3UNj4LcYmUd8szHRs2Hflirk4Tr6xbaZyr2aElmLcs3hnGCNaJoHz2CTtQ XDxDmW+9vnZ9vxFN6bDjPtoAWFY5W2IJqHd35Ih1WASQ0zoLPQaNxE9WIUPuc++/ hEnJ1+B7oR6la23ZHJUA9XxzVg== -----END CERTIFICATE-----Generated at Fri Apr 11 00:18:31 2025 by rpki-client