Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: jfLAmS81UH1TYhxSv2zgbquevk6bEHUcIabIYq6BHCA=
Subject key identifier: 45:95:38:2F:DA:85:5C:95:7D:B3:6E:EB:37:38:08:73:52:30:4B:A1
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 22906974B3781B698F39EFC9A2DFE44FF663FAEF
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
Signing time: Tue 03 Jun 2025 15:03:55 +0000
ROA not before: Tue 03 Jun 2025 14:58:55 +0000
ROA not after: Tue 02 Jun 2026 15:03:55 +0000
asID: 212238
IP address blocks: 82.140.182.0/24 maxlen: 24
82.140.183.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
84.46.237.0/24 maxlen: 24
84.46.238.0/24 maxlen: 24
86.38.5.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
86.38.180.0/24 maxlen: 24
86.38.181.0/24 maxlen: 24
86.38.219.0/24 maxlen: 24
86.38.247.0/24 maxlen: 24
89.116.8.0/22 maxlen: 22
89.116.56.0/24 maxlen: 24
89.116.65.0/24 maxlen: 24
89.116.66.0/24 maxlen: 24
89.116.67.0/24 maxlen: 24
89.116.75.0/24 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.116.169.0/24 maxlen: 24
89.116.183.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.13.0/24 maxlen: 24
89.117.41.0/24 maxlen: 24
89.117.84.0/24 maxlen: 24
89.117.95.0/24 maxlen: 24
89.117.97.0/24 maxlen: 24
89.117.98.0/24 maxlen: 24
89.117.99.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.121.0/24 maxlen: 24
89.117.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 13:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:90:69:74:b3:78:1b:69:8f:39:ef:c9:a2:df:e4:4f:f6:63:fa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Jun 3 14:58:55 2025 GMT
Not After : Jun 2 15:03:55 2026 GMT
Subject: CN=4595382FDA855C957DB36EEB3738087352304BA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b8:f6:de:13:27:98:24:f1:80:36:b7:24:7e:
c9:26:a2:14:e6:f7:b4:dd:1c:c9:bc:78:6c:c0:21:
b4:e5:b9:f4:65:b9:6c:9e:c3:ab:f6:b5:e0:8f:57:
1e:67:ef:1c:f6:2a:ed:eb:3e:23:75:eb:0a:b4:dc:
9b:7f:ac:4f:59:82:2b:77:84:af:d1:51:4f:db:d0:
43:ba:f5:1a:65:5b:33:38:70:93:a1:fd:4e:46:97:
b2:4c:3a:f2:55:b2:8d:b6:dc:07:85:67:8a:ee:a5:
2d:0b:ed:f0:8f:9a:be:d0:24:81:f3:69:31:37:c4:
b2:8b:a9:64:46:2b:76:5f:84:8e:58:47:0d:66:7f:
54:73:3d:e3:0a:91:6b:2f:91:2b:c8:bf:2b:ef:f9:
f9:61:c8:26:f4:9e:76:aa:a6:22:d8:ec:41:b7:31:
a1:fa:0b:39:c0:87:0a:86:d6:1c:fc:68:5c:75:ca:
bd:8f:49:ed:a1:13:4f:c8:27:63:1b:d9:d4:af:f9:
f1:45:02:dc:ab:09:86:9d:77:64:67:f1:fa:2a:fd:
a5:f1:f9:3b:02:f1:0e:c6:58:c2:93:a2:d8:a0:e7:
6f:7e:8a:9c:b0:74:32:72:19:78:7f:1a:73:36:9e:
8d:14:74:d2:d3:39:42:8c:4a:26:88:e3:e3:74:fd:
9d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:95:38:2F:DA:85:5C:95:7D:B3:6E:EB:37:38:08:73:52:30:4B:A1
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/23
84.46.171.0/24
84.46.237.0-84.46.238.255
86.38.5.0/24
86.38.177.0/24
86.38.180.0/23
86.38.219.0/24
86.38.247.0/24
89.116.8.0/22
89.116.56.0/24
89.116.65.0-89.116.67.255
89.116.75.0/24
89.116.103.0/24
89.116.168.0/23
89.116.183.0/24
89.116.255.0/24
89.117.13.0/24
89.117.41.0/24
89.117.84.0/24
89.117.95.0/24
89.117.97.0-89.117.99.255
89.117.109.0/24
89.117.111.0/24
89.117.121.0-89.117.122.255
Signature Algorithm: sha256WithRSAEncryption
45:ac:cf:72:6a:58:a1:88:a7:f1:f9:df:fb:64:6f:04:40:0d:
1b:2f:02:10:88:7f:8d:98:7f:94:25:da:08:e1:65:31:bc:f6:
53:31:e6:f4:0b:5f:3a:9a:e7:36:27:9d:df:86:8a:e9:7d:5c:
b8:0e:ab:50:87:45:e1:d5:1d:b7:e9:6a:9e:44:74:50:de:72:
4a:f8:8c:2a:26:f8:42:d0:8e:e1:be:7f:7e:66:82:d4:eb:9c:
f8:46:59:86:55:99:ca:84:c5:b1:34:c7:2d:e2:13:ad:80:25:
14:94:75:2a:01:9a:64:83:90:bd:c6:8d:87:59:39:e8:ef:b6:
ea:85:d8:fa:16:84:67:23:83:86:4a:78:58:67:40:25:d4:5c:
e5:1d:77:4c:58:1c:e3:bc:bd:87:93:c0:1f:e9:44:3b:d0:18:
dd:e6:89:d3:de:17:6a:7d:60:a8:e4:31:23:77:29:1e:c6:99:
5e:47:3d:20:c9:9f:15:1f:16:44:5e:7c:2f:c2:7c:2c:a1:fa:
79:5c:b3:79:d5:1a:08:20:8a:e5:2c:ac:9f:84:d1:53:84:da:
5f:3f:63:9b:68:7b:39:63:56:22:e1:7d:25:b0:89:61:73:58:
c5:e6:42:5a:09:d1:97:a6:77:13:f1:1c:a6:c2:87:5a:3b:5b:
49:de:f7:94
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUIpBpdLN4G2mPOe/Jot/kT/Zj+u8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA2MDMxNDU4NTVaFw0yNjA2MDIxNTAzNTVaMDMxMTAvBgNV
BAMTKDQ1OTUzODJGREE4NTVDOTU3REIzNkVFQjM3MzgwODczNTIzMDRCQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTuPbeEyeYJPGANrckfskmohTm
97TdHMm8eGzAIbTlufRluWyew6v2teCPVx5n7xz2Ku3rPiN16wq03Jt/rE9Zgit3
hK/RUU/b0EO69RplWzM4cJOh/U5Gl7JMOvJVso223AeFZ4rupS0L7fCPmr7QJIHz
aTE3xLKLqWRGK3ZfhI5YRw1mf1RzPeMKkWsvkSvIvyvv+flhyCb0nnaqpiLY7EG3
MaH6CznAhwqG1hz8aFx1yr2PSe2hE0/IJ2Mb2dSv+fFFAtyrCYadd2Rn8foq/aXx
+TsC8Q7GWMKTotig529+ipywdDJyGXh/GnM2no0UdNLTOUKMSiaI4+N0/Z1VAgMB
AAGjggLeMIIC2jAdBgNVHQ4EFgQURZU4L9qFXJV9s27rNzgIc1IwS6EwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBzQYIKwYBBQUHAQcBAf8Egb0wgbowgbcEAgABMIGwAwQBUoy2AwQAVC6r
MAwDBABULu0DBABULu4DBABWJgUDBABWJrEDBAFWJrQDBABWJtsDBABWJvcDBAJZ
dAgDBABZdDgwDAMEAFl0QQMEAll0QAMEAFl0SwMEAFl0ZwMEAVl0qAMEAFl0twME
AFl0/wMEAFl1DQMEAFl1KQMEAFl1VAMEAFl1XzAMAwQAWXVhAwQCWXVgAwQAWXVt
AwQAWXVvMAwDBABZdXkDBABZdXowDQYJKoZIhvcNAQELBQADggEBAEWsz3JqWKGI
p/H53/tkbwRADRsvAhCIf42Yf5Ql2gjhZTG89lMx5vQLXzqa5zYnnd+Giul9XLgO
q1CHReHVHbfpap5EdFDeckr4jCom+ELQjuG+f35mgtTrnPhGWYZVmcqExbE0xy3i
E62AJRSUdSoBmmSDkL3GjYdZOejvtuqF2PoWhGcjg4ZKeFhnQCXUXOUdd0xYHOO8
vYeTwB/pRDvQGN3midPeF2p9YKjkMSN3KR7GmV5HPSDJnxUfFkRefC/CfCyh+nlc
s3nVGgggiuUsrJ+E0VOE2l8/Y5toezljViLhfSWwiWFzWMXmQloJ0ZemdxPxHKbC
h1o7W0ne95Q=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:57:14 2025 by rpki-client