$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS3320.roa File: AS3320.roa (raw, json) Hash identifier: ZFZvIY/sDaorum6AMiSlSQhXOfHT0p+LBmol0eUjeAU= Subject key identifier: 83:23:BB:0C:6B:F3:CF:DE:BD:DB:CD:BF:50:85:7F:55:59:A1:6E:57 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 585E2ECF20B78721639C34FCC45695F79B8E016B Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS3320.roa Signing time: Fri 14 Mar 2025 12:47:06 +0000 ROA not before: Fri 14 Mar 2025 12:42:06 +0000 ROA not after: Fri 13 Mar 2026 12:47:06 +0000 asID: 3320 IP address blocks: 86.38.37.0/24 maxlen: 24 86.38.248.0/21 maxlen: 24 89.116.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 08:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:5e:2e:cf:20:b7:87:21:63:9c:34:fc:c4:56:95:f7:9b:8e:01:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Mar 14 12:42:06 2025 GMT Not After : Mar 13 12:47:06 2026 GMT Subject: CN=8323BB0C6BF3CFDEBDDBCDBF50857F5559A16E57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:5f:c7:02:ff:38:a5:fa:f4:7d:78:64:28:da: 19:28:f9:74:49:5d:d2:e4:14:4f:2d:2c:0c:56:9d: 87:f1:d0:bf:ab:7b:c1:a7:26:41:8b:23:16:cc:5b: d0:14:ef:53:26:dd:39:a9:d9:5d:2e:2b:f2:c6:98: 28:98:a4:aa:51:e6:f6:53:a0:de:da:0a:4c:e4:d9: 07:e6:97:8b:04:42:96:8a:1f:45:0e:9d:70:1b:ab: 5e:4c:52:53:ce:52:c7:36:73:c5:bb:b7:ce:8d:65: 9c:35:60:a5:d8:90:2f:2f:32:98:ff:51:4a:de:4d: 78:9e:4d:bc:90:5e:c2:4c:0a:13:8d:4a:1a:bc:63: 3e:82:d2:73:de:7a:4a:2e:27:4a:02:05:6f:f1:c5: 14:75:f9:44:d6:53:3d:62:80:0f:28:17:93:ec:7c: 6f:5b:22:4b:39:0f:f1:99:b6:8a:76:c1:27:7a:8f: 3b:f0:f6:5b:13:aa:47:d6:d5:fd:47:b0:67:37:97: 08:76:8b:8b:db:c2:fc:b1:b0:f3:55:1f:72:ca:a1: 6e:46:48:e4:00:dd:cf:e4:28:4e:b8:bd:93:df:54: 90:a0:a5:39:11:24:e9:ce:aa:04:a5:0e:f1:bf:da: 7a:c9:31:52:52:db:81:6f:dc:e1:b8:b4:ee:90:f0: ea:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:23:BB:0C:6B:F3:CF:DE:BD:DB:CD:BF:50:85:7F:55:59:A1:6E:57 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS3320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.37.0/24 86.38.248.0/21 89.116.172.0/24 Signature Algorithm: sha256WithRSAEncryption b3:ce:6d:5b:d7:dc:7b:37:b3:2b:1d:28:30:c0:ab:e6:8a:02: 7a:f7:47:71:c1:ae:77:43:b7:2a:17:92:1d:88:98:4a:fd:c1: f1:fa:df:05:fd:ae:09:0b:42:f9:08:52:9d:74:1b:1c:e9:59: 49:e7:42:e8:79:6b:bc:de:4a:fe:e9:09:94:e8:82:b1:2a:f6: 24:e7:08:1b:8e:3c:a3:7c:14:7e:cd:48:dd:df:52:ab:5f:33: dc:42:7d:b8:e2:9d:85:97:1e:fd:68:23:75:71:0a:82:45:8d: 5e:05:2a:3d:06:7f:0b:6e:90:96:f9:e1:ca:a0:76:a0:bb:82: 4a:e9:64:a0:75:36:45:ce:20:98:8e:b4:d2:11:3e:d4:c1:d2: 0a:34:e6:bb:b8:d9:87:47:5b:9d:80:9e:c5:c2:a6:53:a8:a4: 01:8e:da:95:01:16:73:6e:a6:2b:bf:e5:af:75:83:bc:13:72: d8:22:9c:58:53:50:31:ed:a5:36:12:e8:a1:a6:eb:6f:0a:c8: 2a:65:ce:77:93:58:9f:b3:49:16:ef:9d:00:e0:1e:e7:da:54: d9:61:db:ae:2c:89:e9:48:2d:e5:d0:36:f9:41:38:d5:1e:01: f4:33:a8:b3:cf:db:c3:72:ef:ef:d7:9f:34:f9:e1:44:42:f9: c7:2e:13:63 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUWF4uzyC3hyFjnDT8xFaV95uOAWswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTAzMTQxMjQyMDZaFw0yNjAzMTMxMjQ3MDZaMDMxMTAvBgNV BAMTKDgzMjNCQjBDNkJGM0NGREVCRERCQ0RCRjUwODU3RjU1NTlBMTZFNTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaX8cC/zil+vR9eGQo2hko+XRJ XdLkFE8tLAxWnYfx0L+re8GnJkGLIxbMW9AU71Mm3Tmp2V0uK/LGmCiYpKpR5vZT oN7aCkzk2Qfml4sEQpaKH0UOnXAbq15MUlPOUsc2c8W7t86NZZw1YKXYkC8vMpj/ UUreTXieTbyQXsJMChONShq8Yz6C0nPeekouJ0oCBW/xxRR1+UTWUz1igA8oF5Ps fG9bIks5D/GZtop2wSd6jzvw9lsTqkfW1f1HsGc3lwh2i4vbwvyxsPNVH3LKoW5G SOQA3c/kKE64vZPfVJCgpTkRJOnOqgSlDvG/2nrJMVJS24Fv3OG4tO6Q8OptAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUgyO7DGvzz969282/UIV/VVmhblcwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzMzMjAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABWJiUDBANWJvgDBABZdKww DQYJKoZIhvcNAQELBQADggEBALPObVvX3Hs3sysdKDDAq+aKAnr3R3HBrndDtyoX kh2ImEr9wfH63wX9rgkLQvkIUp10GxzpWUnnQuh5a7zeSv7pCZTogrEq9iTnCBuO PKN8FH7NSN3fUqtfM9xCfbjinYWXHv1oI3VxCoJFjV4FKj0GfwtukJb54cqgdqC7 gkrpZKB1NkXOIJiOtNIRPtTB0go05ru42YdHW52AnsXCplOopAGO2pUBFnNupiu/ 5a91g7wTctginFhTUDHtpTYS6KGm628KyCplzneTWJ+zSRbvnQDgHufaVNlh264s ielILeXQNvlBONUeAfQzqLPP28Ny7+/XnzT54URC+ccuE2M= -----END CERTIFICATE-----Generated at Fri Apr 4 20:15:01 2025 by rpki-client