$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: ZxyOFhheVGaRSl2PKUo0tcWsHYdGHNXfHZ8/EbFXoW0= Subject key identifier: 3D:14:01:86:F6:58:0F:15:D7:2B:00:F6:48:C8:F6:0B:1F:2E:A6:45 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 55DB42A6B58077300B3DA202A469135931DBADA0 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa Signing time: Mon 19 May 2025 14:54:08 +0000 ROA not before: Mon 19 May 2025 14:49:08 +0000 ROA not after: Mon 18 May 2026 14:54:08 +0000 asID: 9009 IP address blocks: 84.46.170.0/24 maxlen: 24 84.46.234.0/24 maxlen: 24 84.46.235.0/24 maxlen: 24 86.38.178.0/23 maxlen: 24 89.116.102.0/24 maxlen: 24 89.116.163.0/24 maxlen: 24 89.116.215.0/24 maxlen: 24 89.117.64.0/24 maxlen: 24 89.117.65.0/24 maxlen: 24 89.117.82.0/24 maxlen: 24 89.117.88.0/24 maxlen: 24 89.117.89.0/24 maxlen: 24 89.117.90.0/24 maxlen: 24 89.117.113.0/24 maxlen: 24 89.117.114.0/24 maxlen: 24 89.117.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Jun 2025 18:40:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:db:42:a6:b5:80:77:30:0b:3d:a2:02:a4:69:13:59:31:db:ad:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: May 19 14:49:08 2025 GMT Not After : May 18 14:54:08 2026 GMT Subject: CN=3D140186F6580F15D72B00F648C8F60B1F2EA645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6a:84:78:65:00:f2:45:3b:00:0f:b2:81:dd: 14:24:d3:65:fe:7a:2f:6d:c9:e2:42:5f:2f:49:23: 8e:5e:13:7f:33:2d:77:0e:87:e2:58:c1:14:ed:35: a6:65:d5:d1:c8:13:78:91:f1:ce:53:0b:5e:0a:7f: 53:96:f3:0a:04:ae:98:59:ac:23:42:c9:62:34:aa: f2:3c:6c:f9:03:d5:a9:e4:6b:d8:d7:de:f9:73:43: 72:d0:09:dc:11:95:56:0e:7a:25:ea:67:0e:21:42: 3f:7a:e7:b7:a0:95:e1:b9:fe:e1:33:01:0d:94:bd: a8:85:21:e8:be:59:87:52:8c:a1:b5:b3:57:60:6a: 55:ab:e0:a3:05:9a:3e:8a:b6:db:3f:f4:6d:b5:a6: 4f:7f:89:16:47:b2:0b:2d:48:f2:0b:26:86:9d:3f: c7:95:bb:2f:c7:08:98:b9:a9:7f:5f:6e:39:75:5f: 2c:c6:11:56:4c:7f:83:65:75:23:c5:03:9c:ed:c7: 43:e6:bf:89:ce:4a:2e:97:2a:99:d2:42:9f:9c:e7: ea:2b:a8:75:4a:ed:70:32:7f:be:5f:c6:33:cb:f5: f5:ba:73:81:9c:de:ea:61:98:0f:fa:f3:f8:57:54: 54:e5:5e:cc:95:f6:8d:7a:0a:33:61:7a:0d:81:6f: 75:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:14:01:86:F6:58:0F:15:D7:2B:00:F6:48:C8:F6:0B:1F:2E:A6:45 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.46.170.0/24 84.46.234.0/23 86.38.178.0/23 89.116.102.0/24 89.116.163.0/24 89.116.215.0/24 89.117.64.0/23 89.117.82.0/24 89.117.88.0-89.117.90.255 89.117.113.0-89.117.114.255 89.117.154.0/24 Signature Algorithm: sha256WithRSAEncryption 58:f8:88:85:8f:9d:e9:1d:c0:93:8e:97:0e:dd:b1:d5:2c:75: 8b:1a:22:a9:86:5d:e4:74:c8:86:60:df:3f:ca:fc:3a:af:2d: d5:41:fd:62:a0:5a:ba:8e:69:4e:d6:1e:63:93:25:a6:cb:57: e0:c3:56:0d:9c:eb:2b:89:c4:9d:45:71:58:e0:bf:cd:e9:88: aa:cb:20:b1:32:be:d6:7c:43:35:05:3a:95:e2:76:54:6a:5f: 1b:b8:34:7f:93:86:9c:22:11:6d:59:b0:02:29:8c:d7:e6:7a: 58:20:93:02:4f:9e:0f:20:5b:e4:76:6c:c6:a0:94:b9:ab:4e: 98:54:71:e9:e4:77:e2:89:b6:dc:b0:f1:4b:d1:b7:9f:95:bd: 6c:24:5b:50:38:54:70:64:17:f1:63:cd:3a:c6:29:11:f3:ad: c7:d2:f2:a1:f8:96:9b:dc:a9:b4:48:45:ed:7b:fd:f2:4f:97: 2d:1b:23:b0:44:0b:ce:2d:11:37:6b:ca:e5:5a:3a:87:d3:17: f8:52:b9:87:8c:89:d9:48:f5:07:cf:79:2e:28:45:c7:6b:60: d4:aa:d7:f7:a0:93:8f:3a:14:50:7a:c4:ec:90:25:f4:33:5c: a0:35:33:9a:e9:95:c5:a5:ab:c6:70:d5:38:19:92:bb:8d:1b: 1b:17:e3:73 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgIUVdtCprWAdzALPaICpGkTWTHbraAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA1MTkxNDQ5MDhaFw0yNjA1MTgxNDU0MDhaMDMxMTAvBgNV BAMTKDNEMTQwMTg2RjY1ODBGMTVENzJCMDBGNjQ4QzhGNjBCMUYyRUE2NDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMaoR4ZQDyRTsAD7KB3RQk02X+ ei9tyeJCXy9JI45eE38zLXcOh+JYwRTtNaZl1dHIE3iR8c5TC14Kf1OW8woErphZ rCNCyWI0qvI8bPkD1anka9jX3vlzQ3LQCdwRlVYOeiXqZw4hQj9657egleG5/uEz AQ2UvaiFIei+WYdSjKG1s1dgalWr4KMFmj6Ktts/9G21pk9/iRZHsgstSPILJoad P8eVuy/HCJi5qX9fbjl1XyzGEVZMf4NldSPFA5ztx0Pmv4nOSi6XKpnSQp+c5+or qHVK7XAyf75fxjPL9fW6c4Gc3uphmA/68/hXVFTlXsyV9o16CjNheg2Bb3VdAgMB AAGjggJ5MIICdTAdBgNVHQ4EFgQUPRQBhvZYDxXXKwD2SMj2Cx8upkUwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzkwMDkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwawYIKwYBBQUHAQcBAf8EXDBaMFgEAgABMFIDBABULqoDBAFULuoDBAFWJrID BABZdGYDBABZdKMDBABZdNcDBAFZdUADBABZdVIwDAMEA1l1WAMEAFl1WjAMAwQA WXVxAwQAWXVyAwQAWXWaMA0GCSqGSIb3DQEBCwUAA4IBAQBY+IiFj53pHcCTjpcO 3bHVLHWLGiKphl3kdMiGYN8/yvw6ry3VQf1ioFq6jmlO1h5jkyWmy1fgw1YNnOsr icSdRXFY4L/N6YiqyyCxMr7WfEM1BTqV4nZUal8buDR/k4acIhFtWbACKYzX5npY IJMCT54PIFvkdmzGoJS5q06YVHHp5HfiibbcsPFL0beflb1sJFtQOFRwZBfxY806 xikR863H0vKh+Jab3Km0SEXte/3yT5ctGyOwRAvOLRE3a8rlWjqH0xf4UrmHjInZ SPUHz3kuKEXHa2DUqtf3oJOPOhRQesTskCX0M1ygNTOa6ZXFpavGcNU4GZK7jRsb F+Nz -----END CERTIFICATE-----Generated at Tue Jun 3 10:22:17 2025 by rpki-client