Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: fZEwlovAQ5i7kWEWr9mOPROdm7wHvPUdITMyJapR9RE=
Subject key identifier: BF:9C:35:6C:9A:C5:1A:F3:EA:59:9C:B9:79:61:F3:2F:B5:AC:B1:E6
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 2FA389E6866186FC07AA0EF338933D7182720657
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Fri 21 Jun 2024 09:47:34 +0000
ROA not before: Fri 21 Jun 2024 09:42:34 +0000
ROA not after: Fri 20 Jun 2025 09:47:34 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.41.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:a3:89:e6:86:61:86:fc:07:aa:0e:f3:38:93:3d:71:82:72:06:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Jun 21 09:42:34 2024 GMT
Not After : Jun 20 09:47:34 2025 GMT
Subject: CN=BF9C356C9AC51AF3EA599CB97961F32FB5ACB1E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ac:e4:5a:05:f8:30:de:3b:e8:42:7b:83:d4:
e2:1e:50:d5:f7:be:40:4a:01:e9:7d:2d:8e:d6:37:
9d:47:d7:93:40:c4:bf:8a:f5:83:1a:eb:eb:c6:cc:
a8:d2:ba:70:65:1e:42:e4:9b:4b:85:55:70:de:e7:
6c:0f:db:ea:30:2a:e2:4d:5f:4d:31:a1:10:1f:05:
f9:8c:8c:d6:d9:a1:3f:50:3d:f4:3f:ff:44:70:30:
f2:e2:5a:2d:58:94:2a:08:35:c5:a0:9f:a2:4d:5b:
25:48:1a:1c:1f:5d:3c:89:a8:96:57:c4:45:01:32:
f4:be:96:5d:d8:20:f3:42:27:c1:76:40:3f:e2:af:
40:f2:ee:28:2c:fa:24:9e:b7:b8:6f:f8:ff:ce:a3:
4a:3b:75:90:4c:f1:d7:15:75:45:67:88:b7:3e:7b:
20:d4:0a:77:64:a8:75:3b:cd:26:30:8d:18:d3:5d:
a3:73:ea:06:20:dd:96:af:33:d4:4f:9f:b0:17:90:
dc:10:9a:92:01:cd:f4:63:a4:5e:8c:7f:9f:0b:38:
ed:00:4b:1a:e5:a9:f0:4a:4e:58:19:f8:30:0c:e1:
c6:9c:ff:b4:1f:d8:65:ef:10:da:88:11:e3:16:83:
17:1a:2e:a5:9d:63:74:c9:9e:41:0b:e3:60:1b:5e:
78:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9C:35:6C:9A:C5:1A:F3:EA:59:9C:B9:79:61:F3:2F:B5:AC:B1:E6
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/24
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.219.0/24
86.38.247.0/24
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.168.0/23
89.116.172.0/24
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.41.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c5:af:47:05:a2:4d:fc:64:0b:6c:8a:ad:9f:1f:41:a0:e2:
d5:32:ad:aa:3f:a0:f2:c5:bd:9a:b8:40:a9:5e:eb:8b:21:27:
5d:0d:43:28:bc:21:48:fd:38:c1:d7:ce:56:c3:6c:e0:9a:8d:
db:28:8a:99:06:bd:67:dc:fd:2d:39:9f:db:7c:a8:4b:07:12:
fe:d0:ad:fd:55:19:e5:c0:08:17:33:ef:01:2d:b8:df:b5:cd:
1c:b8:81:95:3e:31:82:de:61:2e:ac:cf:a4:98:c3:be:bd:10:
fd:ba:3c:50:c4:79:81:b1:c4:5d:60:08:6d:1d:36:0a:cc:af:
33:fe:d5:4c:39:f9:b2:5c:09:25:ff:01:7d:a1:48:75:1d:8e:
df:88:6c:73:d6:5e:0e:02:d3:2b:10:ce:24:ec:63:62:c2:5f:
74:e3:2c:b4:7c:ca:87:8b:79:2f:4a:b4:58:93:e7:b1:99:09:
bb:b7:32:58:6b:10:75:95:d5:7b:65:6e:5b:20:ad:8f:84:4b:
69:4b:4f:8f:4e:50:2b:95:75:01:6d:a9:74:7c:c6:72:7b:21:
86:92:68:95:6d:39:8d:0b:30:5a:4e:1f:9d:69:73:dc:ac:f6:
67:8c:5c:5a:99:fc:98:17:1a:17:d8:e3:de:75:8c:45:9e:1c:
7e:06:8b:04
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIUL6OJ5oZhhvwHqg7zOJM9cYJyBlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDA2MjEwOTQyMzRaFw0yNTA2MjAwOTQ3MzRaMDMxMTAvBgNV
BAMTKEJGOUMzNTZDOUFDNTFBRjNFQTU5OUNCOTc5NjFGMzJGQjVBQ0IxRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvrORaBfgw3jvoQnuD1OIeUNX3
vkBKAel9LY7WN51H15NAxL+K9YMa6+vGzKjSunBlHkLkm0uFVXDe52wP2+owKuJN
X00xoRAfBfmMjNbZoT9QPfQ//0RwMPLiWi1YlCoINcWgn6JNWyVIGhwfXTyJqJZX
xEUBMvS+ll3YIPNCJ8F2QD/ir0Dy7igs+iSet7hv+P/Oo0o7dZBM8dcVdUVniLc+
eyDUCndkqHU7zSYwjRjTXaNz6gYg3ZavM9RPn7AXkNwQmpIBzfRjpF6Mf58LOO0A
SxrlqfBKTlgZ+DAM4cac/7Qf2GXvENqIEeMWgxcaLqWdY3TJnkEL42AbXngDAgMB
AAGjggLYMIIC1DAdBgNVHQ4EFgQUv5w1bJrFGvPqWZy5eWHzL7WsseYwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBxwYIKwYBBQUHAQcBAf8EgbcwgbQwgbEEAgABMIGqAwQAUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJtsDBABWJvcDBABZ
dDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAVl0qAMEAFl0rAMEAFl0twMEAFl0/wME
AFl1DQMEAFl1KQMEAFl1XzAMAwQAWXVhAwQCWXVgAwQAWXVtAwQAWXVvMAwDBABZ
dXkDBABZdXoDBABZdfowDQYJKoZIhvcNAQELBQADggEBAIDFr0cFok38ZAtsiq2f
H0Gg4tUyrao/oPLFvZq4QKle64shJ10NQyi8IUj9OMHXzlbDbOCajdsoipkGvWfc
/S05n9t8qEsHEv7Qrf1VGeXACBcz7wEtuN+1zRy4gZU+MYLeYS6sz6SYw769EP26
PFDEeYGxxF1gCG0dNgrMrzP+1Uw5+bJcCSX/AX2hSHUdjt+IbHPWXg4C0ysQziTs
Y2LCX3TjLLR8yoeLeS9KtFiT57GZCbu3MlhrEHWV1XtlblsgrY+ES2lLT49OUCuV
dQFtqXR8xnJ7IYaSaJVtOY0LMFpOH51pc9ys9meMXFqZ/JgXGhfY4951jEWeHH4G
iwQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:56:52 2024 by rpki-client on console-fra.rpki-client.org