Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: UJqd+FFfXYCbYIKurZx379M5oZ0/nZxk3Ihe+Kg/+NI=
Subject key identifier: EE:A1:A0:FE:AD:59:4B:A4:9A:DA:FE:8E:45:38:3B:1F:B1:0D:EA:A6
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 573CAE0AC74495FD302919C514D0F9F0D47EE12E
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Tue 30 Sep 2025 12:43:19 +0000
ROA not before: Tue 30 Sep 2025 12:38:19 +0000
ROA not after: Tue 29 Sep 2026 12:43:19 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
82.140.183.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.131.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.41.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 15:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3c:ae:0a:c7:44:95:fd:30:29:19:c5:14:d0:f9:f0:d4:7e:e1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Sep 30 12:38:19 2025 GMT
Not After : Sep 29 12:43:19 2026 GMT
Subject: CN=EEA1A0FEAD594BA49ADAFE8E45383B1FB10DEAA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:39:45:08:e9:fc:08:56:e6:2c:9d:0d:85:aa:
51:c0:55:5a:7b:b3:d9:fd:7c:9d:5c:e6:cb:86:7f:
40:77:d0:ff:d3:07:aa:f0:ac:c7:99:29:7d:ad:93:
54:6a:73:04:11:14:19:ac:e1:02:79:48:28:a5:4c:
3c:16:99:48:e6:6f:c7:d5:8c:aa:c5:56:a8:c2:08:
e2:f3:34:49:16:dd:a5:32:73:13:12:d0:64:5a:23:
6f:c0:5c:d3:72:6b:20:c5:7e:4a:df:fc:2a:95:70:
be:90:b7:6f:1a:e4:0c:62:9f:db:2d:48:7b:f2:b8:
92:54:f6:a4:ae:81:9b:f0:73:b3:30:57:a9:d0:45:
09:12:83:3c:cf:9c:a0:b1:66:a0:55:cc:c5:98:99:
10:be:18:98:4e:ef:8e:2b:bb:d1:4a:9d:90:85:7a:
e7:6f:db:e8:0d:e8:6a:b3:99:8e:f3:cf:64:4a:6a:
4c:7f:36:c2:53:6b:9f:e7:cc:79:1d:15:38:30:11:
87:42:67:ed:4e:38:35:6c:54:a0:86:5e:6b:a4:35:
6e:1a:33:5a:ac:21:fe:db:44:37:73:bc:c7:83:15:
1f:73:d2:4d:bb:2f:93:2e:06:1f:16:d6:3b:08:c8:
de:e1:bb:e6:84:e5:da:4e:15:ea:3f:63:64:28:9b:
03:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A1:A0:FE:AD:59:4B:A4:9A:DA:FE:8E:45:38:3B:1F:B1:0D:EA:A6
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/23
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.219.0/24
86.38.247.0/24
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.103.0/24
89.116.131.0/24
89.116.168.0/23
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.41.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
Signature Algorithm: sha256WithRSAEncryption
13:5d:92:3d:01:e4:f5:99:35:e0:a9:b2:44:e3:3b:9b:f4:0f:
60:4e:ae:ea:9b:23:44:74:55:35:8a:d6:65:29:e2:c7:63:cc:
3f:28:5d:9a:73:09:44:83:1e:06:69:b2:c0:1f:57:68:94:d0:
f4:d8:6c:2c:ae:f9:2a:c4:00:f4:79:c7:a3:ee:32:21:1f:98:
d6:37:33:39:e9:60:a1:ad:f2:60:84:f2:f3:81:63:31:43:34:
bb:2e:4f:7b:36:04:db:fd:6e:f9:ed:82:2f:5c:d0:6d:2f:66:
27:5b:f3:c8:a4:12:ec:8b:0d:b8:92:88:29:2e:f5:4e:38:e5:
8b:03:9c:2e:b1:a8:c6:81:04:b4:6d:a6:92:25:bd:e0:d4:90:
57:d5:ef:fa:f8:23:72:95:73:5b:c6:52:bf:62:b1:ac:a7:9d:
a8:e9:59:01:fa:3f:a9:46:a5:69:95:3d:07:a1:75:83:6c:a8:
b9:2c:3f:10:c4:b6:c0:6a:fc:45:d7:56:84:c5:d8:7a:cf:5c:
65:50:42:69:e5:ef:ea:79:68:29:b8:d9:cc:cd:71:c6:c9:69:
e7:17:fa:8c:f6:8d:4d:7a:d2:a1:d2:49:e6:c6:bf:91:80:c9:
50:86:75:a5:65:4f:b6:88:c4:9c:3e:6d:f5:61:a4:d8:8c:eb:
81:2e:1b:78
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIUVzyuCsdElf0wKRnFFND58NR+4S4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA5MzAxMjM4MTlaFw0yNjA5MjkxMjQzMTlaMDMxMTAvBgNV
BAMTKEVFQTFBMEZFQUQ1OTRCQTQ5QURBRkU4RTQ1MzgzQjFGQjEwREVBQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPOUUI6fwIVuYsnQ2FqlHAVVp7
s9n9fJ1c5suGf0B30P/TB6rwrMeZKX2tk1RqcwQRFBms4QJ5SCilTDwWmUjmb8fV
jKrFVqjCCOLzNEkW3aUycxMS0GRaI2/AXNNyayDFfkrf/CqVcL6Qt28a5Axin9st
SHvyuJJU9qSugZvwc7MwV6nQRQkSgzzPnKCxZqBVzMWYmRC+GJhO744ru9FKnZCF
eudv2+gN6GqzmY7zz2RKakx/NsJTa5/nzHkdFTgwEYdCZ+1OODVsVKCGXmukNW4a
M1qsIf7bRDdzvMeDFR9z0k27L5MuBh8W1jsIyN7hu+aE5dpOFeo/Y2QomwM1AgMB
AAGjggLYMIIC1DAdBgNVHQ4EFgQU7qGg/q1ZS6Sa2v6ORTg7H7EN6qYwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBxwYIKwYBBQUHAQcBAf8EgbcwgbQwgbEEAgABMIGqAwQBUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJtsDBABWJvcDBABZ
dDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAFl0ZwMEAFl0gwMEAVl0qAMEAFl0twME
AFl0/wMEAFl1DQMEAFl1KQMEAFl1XzAMAwQAWXVhAwQCWXVgAwQAWXVtAwQAWXVv
MAwDBABZdXkDBABZdXowDQYJKoZIhvcNAQELBQADggEBABNdkj0B5PWZNeCpskTj
O5v0D2BOruqbI0R0VTWK1mUp4sdjzD8oXZpzCUSDHgZpssAfV2iU0PTYbCyu+SrE
APR5x6PuMiEfmNY3MznpYKGt8mCE8vOBYzFDNLsuT3s2BNv9bvntgi9c0G0vZidb
88ikEuyLDbiSiCku9U445YsDnC6xqMaBBLRtppIlveDUkFfV7/r4I3KVc1vGUr9i
saynnajpWQH6P6lGpWmVPQehdYNsqLksPxDEtsBq/EXXVoTF2HrPXGVQQmnl7+p5
aCm42czNccbJaecX+oz2jU160qHSSebGv5GAyVCGdaVlT7aIxJw+bfVhpNiM64Eu
G3g=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:26:16 2025 by rpki-client