Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: EZsQUJhxNuzATY4rn6LTyGYaTO/aKNTf6oqAibKKt2o=
Subject key identifier: A5:AC:47:34:8E:AE:76:85:20:D5:2A:6C:09:C0:5E:F7:9B:86:5F:61
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 4037FEC5F436499C04C4615CD4FC3989F6F81282
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Fri 14 Feb 2025 07:38:07 +0000
ROA not before: Fri 14 Feb 2025 07:33:07 +0000
ROA not after: Fri 13 Feb 2026 07:38:07 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.187.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
86.38.249.0/24 maxlen: 24
86.38.251.0/24 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.172.0/24 maxlen: 24
89.116.182.0/24 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.132.0/22 maxlen: 22
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Feb 2025 22:27:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:37:fe:c5:f4:36:49:9c:04:c4:61:5c:d4:fc:39:89:f6:f8:12:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Feb 14 07:33:07 2025 GMT
Not After : Feb 13 07:38:07 2026 GMT
Subject: CN=A5AC47348EAE768520D52A6C09C05EF79B865F61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e2:d5:a3:6e:6d:29:09:e1:4e:8a:73:65:08:
ad:ee:27:94:ad:07:17:8d:ae:fe:23:05:81:f6:e0:
d4:d5:45:26:fe:2e:15:c9:11:2d:dd:f9:b3:6e:e0:
a5:a9:b4:82:60:65:c8:66:d6:0b:39:19:0e:b1:57:
93:25:c5:99:b4:07:ab:fa:1f:ee:f7:2b:ff:6d:14:
61:eb:c9:1e:ee:b4:82:3a:06:13:c4:ff:ef:b3:7b:
3a:ab:1c:6f:0e:2c:06:c3:d9:a1:80:36:f3:6f:b4:
ea:df:15:68:b8:02:2a:32:11:fc:09:45:37:f3:2a:
fe:7a:eb:a9:76:6a:b9:92:0e:fe:b3:e2:98:09:52:
8a:68:17:76:ab:92:7e:bf:1f:69:a5:5b:d3:c0:db:
33:fa:c8:83:91:78:c0:0d:29:2c:61:97:b5:72:2e:
ee:be:04:58:3b:2a:50:95:2a:8d:89:29:eb:13:7c:
14:0a:c2:71:bd:6d:fc:59:89:b6:f3:92:9f:df:de:
23:fa:28:9c:b9:5f:90:df:4f:3d:2c:99:ce:b4:ad:
59:0d:6d:ec:b7:20:fc:84:55:df:12:d4:ec:7e:43:
87:51:5a:13:76:9a:44:a0:46:d4:74:72:7f:db:cd:
fd:02:88:20:b0:a9:25:5f:04:e4:0b:fd:97:14:20:
b1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AC:47:34:8E:AE:76:85:20:D5:2A:6C:09:C0:5E:F7:9B:86:5F:61
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.187.0/24
86.38.246.0/24
86.38.249.0/24
86.38.251.0/24
89.116.64.0/22
89.116.72.0/23
89.116.148.0/23
89.116.172.0/24
89.116.182.0/24
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.132.0/22
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
61:d1:f2:54:7c:3f:47:9b:23:21:28:2f:c4:10:d2:bc:c6:2c:
99:3c:80:5a:45:a7:dc:5c:9b:63:c1:d4:d2:7c:e4:71:ff:60:
bf:55:1e:db:f0:e0:9c:de:2c:96:f4:d8:f1:42:00:8c:82:26:
ca:6f:ea:81:a8:12:53:61:9d:5b:5c:88:27:2f:80:5e:64:d9:
8f:d8:66:e5:f3:3a:e9:f3:18:1c:64:d2:61:ff:15:c7:9f:c8:
68:ad:c1:6b:b6:5d:aa:53:60:28:90:ee:15:2f:ff:66:59:8f:
9c:88:a5:fd:56:ea:e4:dd:24:e7:9c:6b:97:5e:a3:2e:fe:2e:
de:e3:88:f0:8b:67:82:5e:ae:f3:bf:81:fd:c3:06:33:bb:79:
85:af:c5:ea:1b:6e:51:c2:7b:14:dc:19:c0:f7:e9:6c:72:a1:
ee:69:d4:12:be:77:c1:36:a6:b2:be:5f:97:65:c9:76:15:68:
ab:d5:67:95:78:17:37:ad:fc:0d:ac:d0:39:be:4c:82:1f:d1:
0c:dc:34:68:e6:3b:64:9f:5a:32:15:d2:9c:8e:0f:bc:f2:24:
bc:9b:bf:41:ae:7b:0c:4d:b4:69:03:ee:17:2a:46:c9:25:d0:
bc:a3:af:85:d2:17:60:25:29:bc:0b:1e:c5:32:f2:c5:e0:05:
e7:45:44:e2
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIUQDf+xfQ2SZwExGFc1Pw5ifb4EoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTAyMTQwNzMzMDdaFw0yNjAyMTMwNzM4MDdaMDMxMTAvBgNV
BAMTKEE1QUM0NzM0OEVBRTc2ODUyMEQ1MkE2QzA5QzA1RUY3OUI4NjVGNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCC4tWjbm0pCeFOinNlCK3uJ5St
BxeNrv4jBYH24NTVRSb+LhXJES3d+bNu4KWptIJgZchm1gs5GQ6xV5MlxZm0B6v6
H+73K/9tFGHryR7utII6BhPE/++zezqrHG8OLAbD2aGANvNvtOrfFWi4AioyEfwJ
RTfzKv5666l2armSDv6z4pgJUopoF3arkn6/H2mlW9PA2zP6yIOReMANKSxhl7Vy
Lu6+BFg7KlCVKo2JKesTfBQKwnG9bfxZibbzkp/f3iP6KJy5X5DfTz0smc60rVkN
bey3IPyEVd8S1Ox+Q4dRWhN2mkSgRtR0cn/bzf0CiCCwqSVfBOQL/ZcUILGxAgMB
AAGjggK/MIICuzAdBgNVHQ4EFgQUpaxHNI6udoUg1SpsCcBe95uGX2EwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJrsDBABWJvYDBABWJvkDBABWJvsDBAJZdEADBAFZdEgDBAFZdJQD
BABZdKwDBABZdLYDBAFZdNIDBAJZdQADBAFZdQwwDAMEAVl1XgMEAll1YAMEAll1
cAMEAll1eAMEAll1hAMEAVl1jgMEAVl1ngMEAll1rAMEAVl12DANBgkqhkiG9w0B
AQsFAAOCAQEAYdHyVHw/R5sjISgvxBDSvMYsmTyAWkWn3FybY8HU0nzkcf9gv1Ue
2/DgnN4slvTY8UIAjIImym/qgagSU2GdW1yIJy+AXmTZj9hm5fM66fMYHGTSYf8V
x5/IaK3Ba7ZdqlNgKJDuFS//ZlmPnIil/Vbq5N0k55xrl16jLv4u3uOI8Itngl6u
87+B/cMGM7t5ha/F6htuUcJ7FNwZwPfpbHKh7mnUEr53wTamsr5fl2XJdhVoq9Vn
lXgXN638DazQOb5Mgh/RDNw0aOY7ZJ9aMhXSnI4PvPIkvJu/Qa57DE20aQPuFypG
ySXQvKOvhdIXYCUpvAsexTLyxeAF50VE4g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:45 2025 by rpki-client