$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS40021.roa File: AS40021.roa (raw, json) Hash identifier: JPYGZhAsD4njk6s25Pz4RF4E8BqcMk8w0dSXdOeFHzU= Subject key identifier: D5:38:F2:19:33:C1:37:E0:69:99:F3:D3:39:78:68:6B:F4:58:C1:3B Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 249F23928ECB03A669E75ED4BE239C8E49886BC8 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS40021.roa Signing time: Fri 29 May 2026 15:47:18 +0000 ROA not before: Fri 29 May 2026 15:42:18 +0000 ROA not after: Fri 28 May 2027 15:47:18 +0000 asID: 40021 IP address blocks: 89.117.16.0/21 maxlen: 21 89.117.72.0/21 maxlen: 24 89.117.144.0/21 maxlen: 21 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Jun 2026 17:49:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:9f:23:92:8e:cb:03:a6:69:e7:5e:d4:be:23:9c:8e:49:88:6b:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: May 29 15:42:18 2026 GMT Not After : May 28 15:47:18 2027 GMT Subject: CN=D538F21933C137E06999F3D33978686BF458C13B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:6f:94:f6:fb:ce:8a:ac:c2:f4:ca:c0:b6:80: 30:99:b6:b5:d9:c2:73:87:a9:0b:3c:75:69:10:45: ff:19:f6:69:41:fe:1a:65:6e:14:50:c3:0e:13:85: a2:d7:48:cd:c3:87:23:4e:5f:d1:26:e5:f1:68:a8: 52:ae:ed:2e:9e:90:91:67:9d:6a:30:aa:49:26:72: 8b:b6:fd:22:39:9a:51:75:39:42:82:33:91:13:29: 5a:3f:33:7e:47:95:91:c1:e3:1b:2b:68:dc:aa:3d: e1:21:67:55:a3:6f:d2:34:f1:f1:7b:13:0c:b4:3e: b0:64:fb:ca:67:97:4b:eb:92:32:b3:79:9b:fd:7b: c7:ec:a8:db:16:f0:aa:fa:ad:29:43:3c:ff:24:f0: 2a:07:a3:2d:79:e9:ff:4b:2e:fc:e0:bd:82:49:f8: 71:98:b4:61:ee:19:0e:7f:eb:2c:75:26:c6:a5:c2: ee:74:41:6f:50:e0:6e:38:0d:09:09:76:07:f1:f1: e6:e2:56:06:81:08:94:5c:1c:e4:59:fb:a8:01:89: ba:20:76:43:a9:07:07:a2:72:a3:0e:c3:a1:84:7b: 8f:f0:b1:11:86:a8:10:a9:25:fc:a2:75:bc:93:7d: d0:0c:b6:2c:33:e6:68:5d:13:21:13:68:77:e2:9e: be:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:38:F2:19:33:C1:37:E0:69:99:F3:D3:39:78:68:6B:F4:58:C1:3B X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS40021.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.117.16.0/21 89.117.72.0/21 89.117.144.0/21 Signature Algorithm: sha256WithRSAEncryption 5a:1f:92:5c:30:e5:cb:0b:28:e3:ac:9d:d2:77:08:de:6e:c5: b5:25:7e:46:87:c5:23:6f:d7:13:24:51:5e:96:73:8a:06:41: 85:d3:b7:33:97:01:31:de:36:4b:b6:be:00:54:3c:64:05:08: 37:2b:97:6a:dc:82:06:67:90:93:18:26:7e:93:51:45:95:b7: c4:a3:3f:bb:16:39:25:70:b1:cd:38:b2:8f:7f:ee:9a:53:9b: 54:9f:47:61:87:be:7d:6d:c3:5d:5a:81:5d:cc:77:fa:28:ba: 8c:1d:c0:08:eb:99:ee:64:8b:dc:bb:1f:45:68:8a:7f:5e:73: b6:2d:cb:89:15:16:41:8d:8d:28:4c:c6:b9:f6:01:ed:7f:9a: 87:f6:0d:e9:30:46:50:b3:37:4f:1b:1b:4c:40:bc:7b:bd:fb: 3d:14:04:d0:30:bb:7c:92:24:1e:a4:be:ee:ad:73:26:a6:c4: 75:e8:63:93:8c:2a:c6:8b:b4:0b:0d:8b:ce:77:49:b1:75:91: 9c:ed:45:51:e4:59:a3:3b:94:ac:16:89:77:67:e6:64:84:93: 7a:06:20:92:00:0b:03:36:c8:f0:a7:62:50:f6:16:6e:85:48: 40:79:be:ab:9b:1e:37:59:ff:1d:1d:99:1a:51:bd:ca:29:f7: 27:ce:8f:8a -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUJJ8jko7LA6Zp517UviOcjkmIa8gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNjA1MjkxNTQyMThaFw0yNzA1MjgxNTQ3MThaMDMxMTAvBgNV BAMTKEQ1MzhGMjE5MzNDMTM3RTA2OTk5RjNEMzM5Nzg2ODZCRjQ1OEMxM0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQb5T2+86KrML0ysC2gDCZtrXZ wnOHqQs8dWkQRf8Z9mlB/hplbhRQww4ThaLXSM3DhyNOX9Em5fFoqFKu7S6ekJFn nWowqkkmcou2/SI5mlF1OUKCM5ETKVo/M35HlZHB4xsraNyqPeEhZ1Wjb9I08fF7 Ewy0PrBk+8pnl0vrkjKzeZv9e8fsqNsW8Kr6rSlDPP8k8CoHoy156f9LLvzgvYJJ +HGYtGHuGQ5/6yx1Jsalwu50QW9Q4G44DQkJdgfx8ebiVgaBCJRcHORZ+6gBibog dkOpBweicqMOw6GEe4/wsRGGqBCpJfyidbyTfdAMtiwz5mhdEyETaHfinr4zAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQU1TjyGTPBN+BpmfPTOXhoa/RYwTswHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzQwMDIxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWXUQAwQDWXVIAwQDWXWQ MA0GCSqGSIb3DQEBCwUAA4IBAQBaH5JcMOXLCyjjrJ3SdwjebsW1JX5Gh8Ujb9cT JFFelnOKBkGF07czlwEx3jZLtr4AVDxkBQg3K5dq3IIGZ5CTGCZ+k1FFlbfEoz+7 FjklcLHNOLKPf+6aU5tUn0dhh759bcNdWoFdzHf6KLqMHcAI65nuZIvcux9FaIp/ XnO2LcuJFRZBjY0oTMa59gHtf5qH9g3pMEZQszdPGxtMQLx7vfs9FATQMLt8kiQe pL7urXMmpsR16GOTjCrGi7QLDYvOd0mxdZGc7UVR5FmjO5SsFol3Z+ZkhJN6BiCS AAsDNsjwp2JQ9hZuhUhAeb6rmx43Wf8dHZkaUb3KKfcnzo+K -----END CERTIFICATE-----Generated at Sat Jun 6 02:29:38 2026 by rpki-client