Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ntvLL1WFNm08V1i+vZ5C3mGxFCqXpLUu3Ty6bSYCn9g=
Subject key identifier: E7:07:C1:89:53:BB:72:7A:AE:AC:E2:03:1C:E3:88:04:36:DC:F6:2B
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 04C2C495AF091F65E3532AACAD615FF1814B738E
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Fri 05 Jun 2026 06:29:30 +0000
ROA not before: Fri 05 Jun 2026 06:24:30 +0000
ROA not after: Fri 04 Jun 2027 06:29:30 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
86.38.251.0/24 maxlen: 24
86.38.255.0/24 maxlen: 24
89.116.9.0/24 maxlen: 24
89.116.10.0/23 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.127.0/24 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.165.0/24 maxlen: 24
89.116.172.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.65.0/24 maxlen: 24
89.117.81.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.132.0/23 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:c2:c4:95:af:09:1f:65:e3:53:2a:ac:ad:61:5f:f1:81:4b:73:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Jun 5 06:24:30 2026 GMT
Not After : Jun 4 06:29:30 2027 GMT
Subject: CN=E707C18953BB727AAEACE2031CE3880436DCF62B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:9e:61:13:89:fb:f8:8b:35:11:de:ac:b5:
b2:b9:8b:82:a0:9a:9e:10:14:62:8f:2d:17:8c:52:
55:77:a5:64:97:92:26:7f:61:58:57:4e:3d:4b:c1:
08:e4:5d:ce:db:c6:1a:d4:cb:75:16:fa:c1:09:21:
78:da:31:de:40:ff:18:4b:64:72:0a:b6:a1:d5:69:
62:a1:74:c2:9a:9d:c6:39:01:a0:ec:3a:03:f0:88:
bf:e2:1f:88:83:aa:61:5e:28:a9:9d:82:c1:fa:41:
64:cd:85:c2:df:89:a6:ac:37:96:28:e7:23:02:aa:
5d:3b:06:76:01:85:7a:e2:59:7a:29:9e:2d:07:c7:
70:59:fe:38:a7:4c:49:54:30:2b:73:8c:3a:54:ff:
de:27:0b:2c:15:19:b8:5e:7f:23:89:fe:26:d1:00:
39:ba:10:d3:84:b1:9c:73:28:69:c9:97:10:18:5e:
cd:7f:d2:1e:c3:4f:8b:1c:a6:79:e3:db:eb:00:b6:
47:5a:e4:81:af:6a:b6:d2:eb:0a:12:78:60:d7:77:
5b:8a:eb:b4:82:d5:c6:13:8f:16:9c:b3:f4:42:de:
2e:78:1c:92:1e:1c:15:71:bf:0a:50:08:bc:0b:30:
88:cc:56:56:2c:37:b4:bc:20:46:3b:d5:25:df:dc:
27:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:07:C1:89:53:BB:72:7A:AE:AC:E2:03:1C:E3:88:04:36:DC:F6:2B
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.246.0/24
86.38.251.0/24
86.38.255.0/24
89.116.9.0-89.116.11.255
89.116.64.0/22
89.116.72.0/23
89.116.127.0/24
89.116.148.0/23
89.116.165.0/24
89.116.172.0/24
89.116.184.0/23
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.65.0/24
89.117.81.0/24
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.132.0/23
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:5f:7d:da:04:ea:26:0a:07:34:c5:51:38:88:59:1b:de:e8:
e7:97:30:bb:6f:a4:0f:68:46:db:31:3f:8e:40:86:0a:a9:55:
e7:52:38:43:0d:4c:7c:af:f8:2e:e1:c8:61:6a:0b:e1:ad:17:
ae:76:10:d5:7e:dc:65:0e:8f:75:0d:ce:a1:ed:db:72:0f:bd:
9b:9b:d6:74:52:a9:d4:ac:c5:61:e4:c9:6f:c2:8b:93:d9:46:
fa:1b:00:c4:98:ca:96:42:85:00:d7:33:77:91:23:3f:73:5f:
70:b8:07:b8:be:cc:23:ca:68:8c:31:8c:66:70:cc:11:b5:79:
77:35:05:94:49:74:cb:c7:8b:0d:a0:36:ab:2d:a4:f8:0e:2e:
c0:63:b0:15:c9:3e:11:a3:79:2f:3f:c3:2a:c3:b1:22:09:15:
c3:00:75:08:1c:1a:36:51:2a:9e:91:94:15:76:b2:bb:e3:b1:
31:e3:a2:3e:f9:0c:2b:e0:f2:a1:03:37:71:8b:40:c2:b1:56:
0a:3c:52:bb:46:94:88:a0:7b:1c:66:0b:6f:62:ea:a1:c2:84:
d4:3b:10:8f:a3:8b:8c:7c:e7:88:72:12:21:04:3d:29:82:03:
24:fa:6d:2e:88:47:bf:9e:db:1b:ea:4a:bc:c9:3d:76:eb:8d:
b5:e6:c6:97
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIUBMLEla8JH2XjUyqsrWFf8YFLc44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNjA2MDUwNjI0MzBaFw0yNzA2MDQwNjI5MzBaMDMxMTAvBgNV
BAMTKEU3MDdDMTg5NTNCQjcyN0FBRUFDRTIwMzFDRTM4ODA0MzZEQ0Y2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp4Z5hE4n7+Is1Ed6stbK5i4Kg
mp4QFGKPLReMUlV3pWSXkiZ/YVhXTj1LwQjkXc7bxhrUy3UW+sEJIXjaMd5A/xhL
ZHIKtqHVaWKhdMKancY5AaDsOgPwiL/iH4iDqmFeKKmdgsH6QWTNhcLfiaasN5Yo
5yMCql07BnYBhXriWXopni0Hx3BZ/jinTElUMCtzjDpU/94nCywVGbhefyOJ/ibR
ADm6ENOEsZxzKGnJlxAYXs1/0h7DT4scpnnj2+sAtkda5IGvarbS6woSeGDXd1uK
67SC1cYTjxacs/RC3i54HJIeHBVxvwpQCLwLMIjMVlYsN7S8IEY71SXf3CevAgMB
AAGjggLfMIIC2zAdBgNVHQ4EFgQU5wfBiVO7cnqurOIDHOOIBDbc9iswHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCB0QYIKwYBBQUHAQcBAf8EgcEwgb4wgbsEAgABMIG0AwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJvYDBABWJvsDBABWJv8wDAMEAFl0CQMEAll0CAMEAll0QAMEAVl0
SAMEAFl0fwMEAVl0lAMEAFl0pQMEAFl0rAMEAVl0uAMEAVl00gMEAll1AAMEAVl1
DAMEAFl1QQMEAFl1UTAMAwQBWXVeAwQCWXVgAwQCWXVwAwQCWXV4AwQBWXWEAwQB
WXWOAwQBWXWeAwQCWXWsAwQBWXXYMA0GCSqGSIb3DQEBCwUAA4IBAQBNX33aBOom
Cgc0xVE4iFkb3ujnlzC7b6QPaEbbMT+OQIYKqVXnUjhDDUx8r/gu4chhagvhrReu
dhDVftxlDo91Dc6h7dtyD72bm9Z0UqnUrMVh5MlvwouT2Ub6GwDEmMqWQoUA1zN3
kSM/c19wuAe4vswjymiMMYxmcMwRtXl3NQWUSXTLx4sNoDarLaT4Di7AY7AVyT4R
o3kvP8Mqw7EiCRXDAHUIHBo2USqekZQVdrK747Ex46I++Qwr4PKhAzdxi0DCsVYK
PFK7RpSIoHscZgtvYuqhwoTUOxCPo4uMfOeIchIhBD0pggMk+m0uiEe/ntsb6kq8
yT1264215saX
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:29:40 2026 by rpki-client