$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: ywK5AmYxDB12Sv+O0LSoX6uYzvV7dYheA8FzjkDLpfQ= Subject key identifier: 28:83:38:DA:28:D0:02:8F:A0:73:D8:1A:81:5C:47:3F:33:4D:5A:A2 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 0E08E7966F177EDF473C1E14F91EEDDF53CED4CF Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa Signing time: Tue 02 Sep 2025 11:39:20 +0000 ROA not before: Tue 02 Sep 2025 11:34:20 +0000 ROA not after: Tue 01 Sep 2026 11:39:20 +0000 asID: 9009 IP address blocks: 84.46.170.0/24 maxlen: 24 84.46.234.0/24 maxlen: 24 84.46.235.0/24 maxlen: 24 86.38.178.0/23 maxlen: 24 89.116.102.0/24 maxlen: 24 89.116.163.0/24 maxlen: 24 89.116.215.0/24 maxlen: 24 89.117.64.0/24 maxlen: 24 89.117.82.0/24 maxlen: 24 89.117.88.0/24 maxlen: 24 89.117.89.0/24 maxlen: 24 89.117.90.0/24 maxlen: 24 89.117.113.0/24 maxlen: 24 89.117.114.0/24 maxlen: 24 89.117.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Sep 2025 19:09:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:08:e7:96:6f:17:7e:df:47:3c:1e:14:f9:1e:ed:df:53:ce:d4:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Sep 2 11:34:20 2025 GMT Not After : Sep 1 11:39:20 2026 GMT Subject: CN=288338DA28D0028FA073D81A815C473F334D5AA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1b:b9:7c:16:59:28:40:69:56:77:e6:78:b4: 6c:fa:bd:ed:12:e9:ef:9c:bd:e1:af:90:c9:6d:92: 55:03:b2:71:8b:90:19:90:15:ff:f7:59:0e:09:f7: 4f:47:b1:9b:0f:42:b6:06:c0:af:17:5e:55:5f:ad: 7a:5b:01:8c:3d:d1:47:2f:34:f8:47:62:b0:7e:12: b2:14:6d:68:48:bf:4a:66:40:e2:0a:1c:43:7d:7d: 72:48:87:7e:40:8f:33:23:92:52:da:87:33:9b:d2: 8e:27:d2:c9:ac:57:93:f3:8e:29:c5:e4:8b:51:1f: 42:5a:a9:58:64:3a:2a:7b:2a:ab:8f:1b:92:a3:ef: 83:56:e8:f3:37:91:87:44:2e:eb:ae:d2:2c:82:d2: 2d:08:73:de:a5:ca:24:7b:01:fe:01:9a:6f:cc:4b: 09:82:b7:23:cc:c2:44:4f:60:2c:52:38:da:e4:b1: 40:ad:a1:84:1d:e6:c8:53:9f:82:8e:82:40:1b:5b: 03:f9:db:30:ec:42:c2:2f:16:e5:2a:d0:69:1d:9a: da:d9:d5:b2:e2:e9:04:79:d5:04:4e:7a:57:ad:1f: b3:6b:b8:53:d3:2c:17:dd:31:04:35:9b:b2:84:f0: 66:dd:44:ff:43:72:3a:51:8a:1d:70:d0:92:43:a0: 89:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:83:38:DA:28:D0:02:8F:A0:73:D8:1A:81:5C:47:3F:33:4D:5A:A2 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.46.170.0/24 84.46.234.0/23 86.38.178.0/23 89.116.102.0/24 89.116.163.0/24 89.116.215.0/24 89.117.64.0/24 89.117.82.0/24 89.117.88.0-89.117.90.255 89.117.113.0-89.117.114.255 89.117.154.0/24 Signature Algorithm: sha256WithRSAEncryption 42:38:fd:45:98:90:48:38:1c:df:fa:41:e9:63:34:31:57:b4: 0f:0a:4e:4a:73:2a:44:a8:00:a7:e8:78:57:c3:4c:46:ee:08: c8:70:6a:28:b6:f0:40:0c:e6:56:90:75:db:e7:3c:39:ab:2d: 2a:50:b8:a0:b7:73:59:6c:c0:c2:d5:43:7c:47:b5:e3:da:3e: f1:15:7e:fe:6e:e4:87:21:e5:1b:c7:bc:74:c4:b4:15:43:54: 30:a9:b1:4f:15:a2:3c:5f:90:14:a7:86:00:3f:ac:be:c4:71: f5:88:17:02:71:73:68:5f:bc:a5:cc:c1:46:ed:f6:04:20:9e: 40:cf:c4:2b:1c:f0:0f:dd:9e:75:e4:1b:88:0a:ec:58:94:4e: cf:e1:ea:d5:55:64:7c:de:ed:54:a5:4a:cc:b5:b2:c8:f8:f6: 1f:85:0b:c7:97:0e:26:d2:f7:bb:99:1e:5a:41:27:7f:2b:22: b0:79:e5:ca:ef:fc:46:bf:ec:a9:ca:2e:81:43:f8:6d:1e:01: 57:3d:73:49:62:c8:21:d3:ed:fa:a1:92:56:ae:ae:c4:6d:a9: 8c:b3:a7:36:d2:c2:00:3d:17:12:61:6a:7b:7e:a7:6b:44:29: 03:a2:dd:5d:f8:c7:6b:f6:0c:16:f7:20:de:f9:7a:fb:85:b4: ac:2b:9c:3e -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgIUDgjnlm8Xft9HPB4U+R7t31PO1M8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA5MDIxMTM0MjBaFw0yNjA5MDExMTM5MjBaMDMxMTAvBgNV BAMTKDI4ODMzOERBMjhEMDAyOEZBMDczRDgxQTgxNUM0NzNGMzM0RDVBQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOG7l8FlkoQGlWd+Z4tGz6ve0S 6e+cveGvkMltklUDsnGLkBmQFf/3WQ4J909HsZsPQrYGwK8XXlVfrXpbAYw90Ucv NPhHYrB+ErIUbWhIv0pmQOIKHEN9fXJIh35AjzMjklLahzOb0o4n0smsV5PzjinF 5ItRH0JaqVhkOip7KquPG5Kj74NW6PM3kYdELuuu0iyC0i0Ic96lyiR7Af4Bmm/M SwmCtyPMwkRPYCxSONrksUCtoYQd5shTn4KOgkAbWwP52zDsQsIvFuUq0GkdmtrZ 1bLi6QR51QROeletH7NruFPTLBfdMQQ1m7KE8GbdRP9DcjpRih1w0JJDoInRAgMB AAGjggJ5MIICdTAdBgNVHQ4EFgQUKIM42ijQAo+gc9gagVxHPzNNWqIwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzkwMDkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwawYIKwYBBQUHAQcBAf8EXDBaMFgEAgABMFIDBABULqoDBAFULuoDBAFWJrID BABZdGYDBABZdKMDBABZdNcDBABZdUADBABZdVIwDAMEA1l1WAMEAFl1WjAMAwQA WXVxAwQAWXVyAwQAWXWaMA0GCSqGSIb3DQEBCwUAA4IBAQBCOP1FmJBIOBzf+kHp YzQxV7QPCk5KcypEqACn6HhXw0xG7gjIcGootvBADOZWkHXb5zw5qy0qULigt3NZ bMDC1UN8R7Xj2j7xFX7+buSHIeUbx7x0xLQVQ1QwqbFPFaI8X5AUp4YAP6y+xHH1 iBcCcXNoX7ylzMFG7fYEIJ5Az8QrHPAP3Z515BuICuxYlE7P4erVVWR83u1UpUrM tbLI+PYfhQvHlw4m0ve7mR5aQSd/KyKweeXK7/xGv+ypyi6BQ/htHgFXPXNJYsgh 0+36oZJWrq7EbamMs6c20sIAPRcSYWp7fqdrRCkDot1d+Mdr9gwW9yDe+Xr7hbSs K5w+ -----END CERTIFICATE-----Generated at Fri Sep 5 06:06:50 2025 by rpki-client