$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209854.roa File: AS209854.roa (raw, json) Hash identifier: Q5fMDPPhbMjc1qs2050dJUWxEQ3tKy5jJ6i0T+waKAI= Subject key identifier: 51:BC:D4:2B:B3:71:0E:7A:D8:98:E0:07:5F:C2:5D:84:C6:C6:D5:E8 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 4415607B63D238975BB7663922CBF76E7E507BC8 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209854.roa Signing time: Mon 10 Mar 2025 07:53:57 +0000 ROA not before: Mon 10 Mar 2025 07:48:57 +0000 ROA not after: Mon 09 Mar 2026 07:53:57 +0000 asID: 209854 IP address blocks: 89.117.40.0/24 maxlen: 24 89.117.41.0/24 maxlen: 24 89.117.42.0/24 maxlen: 24 89.117.43.0/24 maxlen: 24 89.117.44.0/24 maxlen: 24 89.117.45.0/24 maxlen: 24 89.117.46.0/24 maxlen: 24 89.117.47.0/24 maxlen: 24 89.117.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 08:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:15:60:7b:63:d2:38:97:5b:b7:66:39:22:cb:f7:6e:7e:50:7b:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Mar 10 07:48:57 2025 GMT Not After : Mar 9 07:53:57 2026 GMT Subject: CN=51BCD42BB3710E7AD898E0075FC25D84C6C6D5E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:50:d7:b9:bb:3e:4f:ba:3b:a2:1b:cf:1b:9b: 7b:ff:f5:d8:c1:bc:d6:0a:26:b6:46:e6:c6:fa:34: 66:ad:ad:5e:f3:84:62:b1:66:49:ac:f2:df:53:c2: 19:3a:93:ad:83:1f:1d:79:8d:e7:ea:9f:ed:2e:f3: 08:77:f1:66:14:fe:65:ba:54:e4:6e:80:b1:7b:aa: 15:f7:2a:a3:ae:0b:9c:44:2d:8c:8a:74:70:dd:2e: a2:29:29:60:95:fa:3d:d6:7b:84:e4:07:10:91:b3: 8b:e3:c6:88:3b:73:aa:53:b4:6c:da:ff:f6:b8:e9: 59:37:a1:8b:0f:c6:ec:ea:7a:73:db:db:64:1f:9f: 47:83:55:c5:de:bf:7c:13:47:46:ad:a2:17:b8:26: cd:71:e0:fe:43:53:80:be:1c:b0:f3:e9:49:55:dd: ec:7a:e5:61:f8:13:fc:ab:c9:d7:d1:2e:62:be:93: ae:ec:4a:4c:ad:d5:22:73:93:cf:9b:2c:96:17:88: 05:f8:cf:73:33:0a:81:31:01:f1:c5:13:c0:3d:d8: 7a:d8:c4:a9:16:82:57:54:c0:d0:9a:d9:76:b9:14: 6b:a6:3a:30:f6:6e:f4:84:47:b3:35:af:44:05:4e: 0e:3e:eb:b3:36:e6:e6:ec:8b:ed:e0:39:3a:fc:b9: a4:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:BC:D4:2B:B3:71:0E:7A:D8:98:E0:07:5F:C2:5D:84:C6:C6:D5:E8 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209854.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.117.40.0/21 89.117.104.0/24 Signature Algorithm: sha256WithRSAEncryption c5:52:e5:c5:dd:4c:fc:4d:21:2c:45:a6:d3:59:88:d7:88:12: dd:c5:68:75:01:8d:e9:77:07:9c:d4:82:97:5c:dd:ee:36:2e: f3:e1:f4:8a:72:af:35:8c:d3:59:5e:82:b4:29:88:fd:d6:e6: b7:88:bf:32:04:7b:40:c4:bd:90:e1:c2:17:95:6f:69:cd:37: 12:a1:54:6f:0f:03:1e:5f:f7:c3:66:f7:36:19:27:ef:d9:4d: e2:1b:62:0e:51:fe:b7:44:5d:c6:87:05:1e:e7:42:cb:d5:24: 8e:86:9a:48:23:28:34:1d:3b:87:b6:dd:c6:59:a6:50:30:b8: 4c:9e:14:88:c3:e0:f0:84:c3:4d:cf:62:73:f8:8d:cd:1b:2f: e4:b4:94:b5:29:31:94:57:a6:ad:b9:c2:9b:9f:fd:53:83:11: 32:3c:a6:15:56:a5:47:48:9a:21:2c:4d:27:07:dd:ba:55:d6: ae:18:9f:a4:cb:8f:cd:85:53:a6:ef:5b:dd:59:9e:88:bb:72: 23:69:bb:14:ad:61:a1:91:89:fb:3a:8e:83:47:8d:c3:ef:c6: 69:55:f3:dc:f7:57:dc:5c:ca:e7:4c:de:71:a4:ce:3f:6e:60: 91:ce:63:cf:8c:a2:36:05:34:ed:85:64:78:eb:a9:7c:4b:f6: c1:18:20:5f -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIURBVge2PSOJdbt2Y5Isv3bn5Qe8gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTAzMTAwNzQ4NTdaFw0yNjAzMDkwNzUzNTdaMDMxMTAvBgNV BAMTKDUxQkNENDJCQjM3MTBFN0FEODk4RTAwNzVGQzI1RDg0QzZDNkQ1RTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUUNe5uz5PujuiG88bm3v/9djB vNYKJrZG5sb6NGatrV7zhGKxZkms8t9Twhk6k62DHx15jefqn+0u8wh38WYU/mW6 VORugLF7qhX3KqOuC5xELYyKdHDdLqIpKWCV+j3We4TkBxCRs4vjxog7c6pTtGza //a46Vk3oYsPxuzqenPb22Qfn0eDVcXev3wTR0atohe4Js1x4P5DU4C+HLDz6UlV 3ex65WH4E/yrydfRLmK+k67sSkyt1SJzk8+bLJYXiAX4z3MzCoExAfHFE8A92HrY xKkWgldUwNCa2Xa5FGumOjD2bvSER7M1r0QFTg4+67M25ubsi+3gOTr8uaR7AgMB AAGjggI1MIICMTAdBgNVHQ4EFgQUUbzUK7NxDnrYmOAHX8JdhMbG1egwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzIwOTg1NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1l1KAMEAFl1aDANBgkq hkiG9w0BAQsFAAOCAQEAxVLlxd1M/E0hLEWm01mI14gS3cVodQGN6XcHnNSCl1zd 7jYu8+H0inKvNYzTWV6CtCmI/dbmt4i/MgR7QMS9kOHCF5Vvac03EqFUbw8DHl/3 w2b3Nhkn79lN4htiDlH+t0RdxocFHudCy9UkjoaaSCMoNB07h7bdxlmmUDC4TJ4U iMPg8ITDTc9ic/iNzRsv5LSUtSkxlFemrbnCm5/9U4MRMjymFValR0iaISxNJwfd ulXWrhifpMuPzYVTpu9b3VmeiLtyI2m7FK1hoZGJ+zqOg0eNw+/GaVXz3PdX3FzK 50zecaTOP25gkc5jz4yiNgU07YVkeOupfEv2wRggXw== -----END CERTIFICATE-----Generated at Fri Apr 4 20:20:36 2025 by rpki-client