Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: gb42Nd9uAllDe72Cf8LMzNkg3fCEIA++9gIYwTRzUmA=
Subject key identifier: FB:FF:A4:11:96:88:A2:F2:37:48:71:DA:4B:26:2E:85:C1:D1:23:C9
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 7D91747C853ED28496A99CEF0BF14256C93C3494
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time: Sun 11 May 2025 00:04:27 +0000
ROA not before: Sat 10 May 2025 23:59:27 +0000
ROA not after: Sun 10 May 2026 00:04:27 +0000
asID: 834
IP address blocks: 84.46.236.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
86.38.184.0/24 maxlen: 24
86.38.187.0/24 maxlen: 24
86.38.246.0/24 maxlen: 24
86.38.251.0/24 maxlen: 24
86.38.255.0/24 maxlen: 24
89.116.45.0/24 maxlen: 24
89.116.64.0/22 maxlen: 24
89.116.72.0/23 maxlen: 24
89.116.148.0/23 maxlen: 23
89.116.165.0/24 maxlen: 24
89.116.210.0/23 maxlen: 23
89.117.0.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.84.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.112.0/22 maxlen: 22
89.117.120.0/22 maxlen: 24
89.117.132.0/22 maxlen: 22
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.172.0/22 maxlen: 24
89.117.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 03:51:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:91:74:7c:85:3e:d2:84:96:a9:9c:ef:0b:f1:42:56:c9:3c:34:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: May 10 23:59:27 2025 GMT
Not After : May 10 00:04:27 2026 GMT
Subject: CN=FBFFA4119688A2F2374871DA4B262E85C1D123C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e3:e4:c7:d5:fa:9a:9a:0f:b7:b5:15:b2:06:
fb:3d:7a:cd:65:6c:61:90:09:41:91:59:d5:f7:32:
94:ef:46:38:78:c4:ae:5b:6e:14:b8:04:fc:77:96:
8b:38:5a:c4:d4:44:d9:f7:8c:d0:24:9b:e0:30:8f:
4f:74:d5:5f:84:51:d7:61:0c:07:ac:8c:9f:08:50:
2e:34:08:0f:c9:29:60:83:0c:6e:a2:d1:70:df:89:
55:21:1c:ac:cc:b7:aa:ba:fd:45:2b:73:70:40:ac:
57:69:95:19:dd:62:b6:e4:6e:41:3b:a4:46:d2:6a:
a1:5f:73:b0:32:6d:59:5b:07:71:37:06:cb:4c:b8:
c1:ce:ec:eb:84:e5:b6:0c:13:9a:94:0e:c2:25:dd:
80:bb:e7:5b:df:16:05:e7:20:fa:56:d8:5c:fe:78:
c4:17:e8:bd:48:ca:07:cc:25:e4:37:aa:a7:0e:b6:
24:a4:e9:c3:d9:e9:bd:3b:81:33:29:0f:13:01:28:
63:0d:37:9a:74:5c:c6:04:39:08:66:e5:23:29:b0:
bc:ee:8e:ef:60:1d:9e:f7:88:4e:83:4c:ce:d0:20:
d9:12:e4:76:0a:d4:eb:ac:dd:20:9f:ec:62:44:ec:
17:2b:64:52:95:64:17:01:59:92:cf:ba:fb:e8:dc:
66:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FF:A4:11:96:88:A2:F2:37:48:71:DA:4B:26:2E:85:C1:D1:23:C9
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.180.0-86.38.184.255
86.38.187.0/24
86.38.246.0/24
86.38.251.0/24
86.38.255.0/24
89.116.45.0/24
89.116.64.0/22
89.116.72.0/23
89.116.148.0/23
89.116.165.0/24
89.116.210.0/23
89.117.0.0/22
89.117.12.0/23
89.117.84.0/24
89.117.94.0-89.117.99.255
89.117.112.0/22
89.117.120.0/22
89.117.132.0/22
89.117.142.0/23
89.117.158.0/23
89.117.172.0/22
89.117.216.0/23
Signature Algorithm: sha256WithRSAEncryption
69:11:2c:ce:62:ff:36:f5:7a:b9:9c:f5:6d:da:30:ca:65:9a:
34:23:2a:af:20:86:53:61:0b:4d:d6:2b:28:1a:d4:47:c6:ad:
14:63:f3:c4:67:89:82:4a:5a:6c:50:1c:12:2c:75:32:8f:92:
27:18:74:fc:78:7f:cd:16:9a:46:fd:81:d0:12:cd:41:ea:a8:
bd:5f:96:88:de:64:ef:e2:45:8f:f0:a8:b5:f7:7f:08:31:93:
d0:67:74:01:75:35:a7:49:83:62:66:22:68:1d:cd:23:34:1e:
73:32:98:d9:b3:99:3c:51:a7:56:ec:85:28:94:48:e2:4e:30:
52:69:52:28:8f:f7:12:fa:2f:2f:2e:4e:ee:e2:de:d6:6f:41:
69:1f:a1:b2:ac:81:31:b3:c1:d9:63:81:9c:5f:b2:7d:31:b9:
b4:29:02:cd:b4:6e:0d:48:71:fb:2c:ef:f9:b3:a9:29:02:bf:
5e:90:b0:62:6c:88:8f:53:f9:10:8d:5c:98:6d:0a:86:3e:cb:
64:a5:08:11:cf:8d:5f:e2:e2:17:ce:62:e6:b6:b4:ed:55:07:
36:3b:78:94:12:2f:35:0c:93:f2:41:55:50:c1:aa:49:ff:1b:
66:75:30:68:cb:fc:8a:05:49:7c:84:97:88:2c:3f:8b:09:58:
fe:04:db:93
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUfZF0fIU+0oSWqZzvC/FCVsk8NJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA1MTAyMzU5MjdaFw0yNjA1MTAwMDA0MjdaMDMxMTAvBgNV
BAMTKEZCRkZBNDExOTY4OEEyRjIzNzQ4NzFEQTRCMjYyRTg1QzFEMTIzQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ4+TH1fqamg+3tRWyBvs9es1l
bGGQCUGRWdX3MpTvRjh4xK5bbhS4BPx3los4WsTURNn3jNAkm+Awj0901V+EUddh
DAesjJ8IUC40CA/JKWCDDG6i0XDfiVUhHKzMt6q6/UUrc3BArFdplRndYrbkbkE7
pEbSaqFfc7AybVlbB3E3BstMuMHO7OuE5bYME5qUDsIl3YC751vfFgXnIPpW2Fz+
eMQX6L1IygfMJeQ3qqcOtiSk6cPZ6b07gTMpDxMBKGMNN5p0XMYEOQhm5SMpsLzu
ju9gHZ73iE6DTM7QINkS5HYK1Ous3SCf7GJE7BcrZFKVZBcBWZLPuvvo3GahAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQU+/+kEZaIovI3SHHaSyYuhcHRI8kwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBtwYIKwYBBQUHAQcBAf8EgacwgaQwgaEEAgABMIGaAwQCVC7sMAwDBAJWJrQD
BABWJrgDBABWJrsDBABWJvYDBABWJvsDBABWJv8DBABZdC0DBAJZdEADBAFZdEgD
BAFZdJQDBABZdKUDBAFZdNIDBAJZdQADBAFZdQwDBABZdVQwDAMEAVl1XgMEAll1
YAMEAll1cAMEAll1eAMEAll1hAMEAVl1jgMEAVl1ngMEAll1rAMEAVl12DANBgkq
hkiG9w0BAQsFAAOCAQEAaREszmL/NvV6uZz1bdowymWaNCMqryCGU2ELTdYrKBrU
R8atFGPzxGeJgkpabFAcEix1Mo+SJxh0/Hh/zRaaRv2B0BLNQeqovV+WiN5k7+JF
j/Cotfd/CDGT0Gd0AXU1p0mDYmYiaB3NIzQeczKY2bOZPFGnVuyFKJRI4k4wUmlS
KI/3EvovLy5O7uLe1m9BaR+hsqyBMbPB2WOBnF+yfTG5tCkCzbRuDUhx+yzv+bOp
KQK/XpCwYmyIj1P5EI1cmG0Khj7LZKUIEc+NX+LiF85i5ra07VUHNjt4lBIvNQyT
8kFVUMGqSf8bZnUwaMv8igVJfISXiCw/iwlY/gTbkw==
-----END CERTIFICATE-----
Generated at Sun May 11 20:29:47 2025 by rpki-client