Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: iNJC5nIytw3Q5jksiRiNjoPY2Oe8HFeAqhOpBCtBnWE=
Subject key identifier: 1B:A8:DD:24:62:56:E4:B8:72:0C:A7:10:F6:6F:6A:E6:85:0E:09:21
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 29D91DDF75963BAE32DA9DCF302841AA8DE78CB1
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Wed 01 May 2024 16:02:47 +0000
ROA not before: Wed 01 May 2024 15:57:47 +0000
ROA not after: Wed 30 Apr 2025 16:02:47 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/23 maxlen: 23
86.38.186.0/23 maxlen: 23
86.38.248.0/21 maxlen: 21
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.172.0/23 maxlen: 23
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.80.0/22 maxlen: 24
89.117.88.0/22 maxlen: 22
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.132.0/22 maxlen: 22
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 22
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d9:1d:df:75:96:3b:ae:32:da:9d:cf:30:28:41:aa:8d:e7:8c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: May 1 15:57:47 2024 GMT
Not After : Apr 30 16:02:47 2025 GMT
Subject: CN=1BA8DD246256E4B8720CA710F66F6AE6850E0921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c2:77:38:d7:e7:d5:63:f9:1d:74:99:0e:b7:
f7:e5:5d:42:2c:ab:b6:6e:27:a3:ca:43:3a:fa:6b:
8c:4a:1e:d1:38:ae:1b:2e:ed:16:5e:5a:97:8e:ea:
a4:87:55:62:28:e4:4d:f4:97:10:cf:6f:06:4d:7e:
3a:d6:ed:47:6b:70:9b:ce:1a:93:b2:bf:b7:bd:0d:
41:0a:ad:f1:8b:e3:ab:e6:75:ce:a4:f0:2f:1e:4a:
01:ee:3a:06:1f:dc:bd:16:5f:4c:16:1a:8c:f5:36:
95:d1:89:ac:7d:cd:52:df:e7:a6:81:79:ab:b2:d6:
a5:40:e2:bb:e5:d7:fb:ce:7b:a9:8d:e7:7f:84:16:
ec:4c:d5:55:6a:53:2f:c8:f1:bb:05:8f:e8:62:c9:
1e:c9:14:56:3f:57:16:c6:35:5e:69:59:18:25:22:
9d:89:03:c7:10:61:68:44:99:b6:57:37:ac:da:e3:
00:fa:32:e6:69:5b:03:aa:69:db:e3:4c:b2:f9:20:
18:c6:04:ca:93:25:57:75:19:e1:99:f4:8e:5c:42:
a1:8f:be:2f:12:ea:c6:2c:40:26:8d:5b:7c:b3:3b:
b0:2a:42:09:d1:dd:a2:2a:0b:c5:66:07:75:4f:04:
c0:36:1b:59:36:b5:1d:12:79:4c:84:70:e0:29:77:
e2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A8:DD:24:62:56:E4:B8:72:0C:A7:10:F6:6F:6A:E6:85:0E:09:21
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.187.255
86.38.248.0/21
89.116.64.0/22
89.116.72.0/23
89.116.148.0/23
89.116.172.0/23
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.80.0/22
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.132.0/22
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:92:e1:0b:e5:d4:c9:db:0e:2e:21:13:74:5d:27:db:c2:9a:
42:96:ab:18:c7:06:01:90:28:6e:73:3a:cd:74:6d:64:c7:fc:
84:df:23:a8:c2:61:da:e9:da:b9:fa:63:04:f9:3f:bb:de:78:
b1:f7:93:23:ac:a9:12:f6:8e:b9:f3:d7:f3:83:0b:f9:24:85:
e1:29:53:a4:f2:5c:06:d5:c9:55:50:ad:92:e3:32:20:b6:70:
a1:8e:44:ba:c4:14:77:d2:51:c6:81:e6:5c:2a:bc:e4:40:4e:
84:e2:5c:04:2d:f8:43:e4:8c:ae:ab:58:a5:da:66:15:8f:2a:
0f:4e:ad:b6:60:f1:10:f7:7e:55:7e:c9:b7:30:e6:f8:1d:7a:
7a:36:72:1a:71:cd:4d:b8:ac:79:bc:36:df:92:75:91:ee:b2:
2d:e2:b8:23:fa:41:e4:98:13:df:b1:1b:64:31:0b:20:a7:af:
3a:57:2e:e4:91:98:2c:45:8f:d4:fd:f0:a7:a3:22:27:5f:6c:
24:d3:3f:4c:fb:b5:25:a8:1b:cb:a1:bd:3b:b5:32:d5:ec:10:
0c:54:17:13:39:3f:fc:1f:b7:a5:7d:f6:cb:0d:7d:b0:81:db:
f2:84:2f:67:9e:c2:e8:aa:43:47:10:28:ea:89:ae:06:77:23:
4e:26:ec:7f
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIUKdkd33WWO64y2p3PMChBqo3njLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDA1MDExNTU3NDdaFw0yNTA0MzAxNjAyNDdaMDMxMTAvBgNV
BAMTKDFCQThERDI0NjI1NkU0Qjg3MjBDQTcxMEY2NkY2QUU2ODUwRTA5MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtwnc41+fVY/kddJkOt/flXUIs
q7ZuJ6PKQzr6a4xKHtE4rhsu7RZeWpeO6qSHVWIo5E30lxDPbwZNfjrW7UdrcJvO
GpOyv7e9DUEKrfGL46vmdc6k8C8eSgHuOgYf3L0WX0wWGoz1NpXRiax9zVLf56aB
eauy1qVA4rvl1/vOe6mN53+EFuxM1VVqUy/I8bsFj+hiyR7JFFY/VxbGNV5pWRgl
Ip2JA8cQYWhEmbZXN6za4wD6MuZpWwOqadvjTLL5IBjGBMqTJVd1GeGZ9I5cQqGP
vi8S6sYsQCaNW3yzO7AqQgnR3aIqC8VmB3VPBMA2G1k2tR0SeUyEcOApd+J7AgMB
AAGjggK7MIICtzAdBgNVHQ4EFgQUG6jdJGJW5LhyDKcQ9m9q5oUOCSEwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBrQYIKwYBBQUHAQcBAf8EgZ0wgZowgZcEAgABMIGQAwQCVC7sMAwDBAJWJrQD
BAJWJrgDBANWJvgDBAJZdEADBAFZdEgDBAFZdJQDBAFZdKwDBAFZdNIDBAJZdQAD
BAFZdQwDBAJZdVADBAJZdVgwDAMEAVl1XgMEAll1YAMEAll1cAMEAll1eAMEAll1
hAMEAVl1jjAMAwQBWXWeAwQCWXWgAwQCWXWsAwQBWXXYMA0GCSqGSIb3DQEBCwUA
A4IBAQBdkuEL5dTJ2w4uIRN0XSfbwppClqsYxwYBkChuczrNdG1kx/yE3yOowmHa
6dq5+mME+T+73nix95MjrKkS9o6589fzgwv5JIXhKVOk8lwG1clVUK2S4zIgtnCh
jkS6xBR30lHGgeZcKrzkQE6E4lwELfhD5Iyuq1il2mYVjyoPTq22YPEQ935Vfsm3
MOb4HXp6NnIacc1NuKx5vDbfknWR7rIt4rgj+kHkmBPfsRtkMQsgp686Vy7kkZgs
RY/U/fCnoyInX2wk0z9M+7UlqBvLob07tTLV7BAMVBcTOT/8H7elffbLDX2wgdvy
hC9nnsLoqkNHECjqia4GdyNOJux/
-----END CERTIFICATE-----
Generated at Wed May 1 19:11:07 2024 by rpki-client on console-fra.rpki-client.org