$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa File: AS209242.roa (raw, json) Hash identifier: XQGNaDPu6bq7N5Qp3rQRm/chG6f6z8C/aFYtebdMT/I= Subject key identifier: AC:5C:56:77:4E:D3:FA:A1:3B:D2:E6:57:AD:51:82:04:45:EE:09:E9 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 2C25663443A6C835BF7DA2F74895F71B2B8AB496 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa Signing time: Mon 05 May 2025 11:57:45 +0000 ROA not before: Mon 05 May 2025 11:52:45 +0000 ROA not after: Mon 04 May 2026 11:57:45 +0000 asID: 209242 IP address blocks: 86.38.214.0/24 maxlen: 24 89.116.46.0/23 maxlen: 24 89.116.161.0/24 maxlen: 24 89.116.180.0/24 maxlen: 24 89.116.252.0/24 maxlen: 24 89.117.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 May 2025 14:31:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:25:66:34:43:a6:c8:35:bf:7d:a2:f7:48:95:f7:1b:2b:8a:b4:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: May 5 11:52:45 2025 GMT Not After : May 4 11:57:45 2026 GMT Subject: CN=AC5C56774ED3FAA13BD2E657AD51820445EE09E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:5d:c5:17:db:bf:7c:5d:ee:6c:00:9d:02:df: 77:3f:cd:2b:92:76:1e:14:0d:7a:92:b7:9e:be:06: 4a:16:f6:1c:7f:f8:b8:ec:b0:c8:50:07:93:d8:c5: bd:3c:54:b3:d3:18:0d:15:bd:23:5d:14:7b:05:a1: a3:c3:80:f0:90:68:21:88:31:f7:14:72:08:f4:2e: 2e:45:a1:9d:17:2e:46:4f:4b:11:b4:06:2f:d7:bd: 1c:a6:56:4f:f0:49:cb:e7:39:7d:3c:dc:3d:51:19: 49:81:e4:86:5f:0d:81:46:92:02:cd:5d:ba:a2:2f: f8:bd:0c:9a:0c:75:7a:66:12:b6:ae:22:ca:8a:38: ed:dc:e4:30:0d:1c:aa:ba:8f:57:a4:42:ff:61:d8: 53:32:60:b1:5f:5e:a9:93:4c:0a:45:9b:11:e0:f9: ac:fb:b1:40:64:a9:be:38:af:e7:90:55:05:7a:79: 32:47:7a:f5:e0:00:5c:cb:6e:48:c4:fb:e8:c3:c8: cb:e8:28:12:03:72:26:ba:ed:7a:a8:03:76:3c:79: de:48:0c:0b:f9:4c:00:90:07:d2:d5:cb:f1:4f:ef: ff:d7:0c:17:dd:bf:20:7b:50:c6:d3:33:ed:4a:d4: 9c:93:05:6b:f2:ee:f5:01:67:71:da:d1:49:58:03: 1c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:5C:56:77:4E:D3:FA:A1:3B:D2:E6:57:AD:51:82:04:45:EE:09:E9 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.214.0/24 89.116.46.0/23 89.116.161.0/24 89.116.180.0/24 89.116.252.0/24 89.117.112.0/24 Signature Algorithm: sha256WithRSAEncryption 08:1e:4d:e9:00:75:4c:bf:47:91:bd:ef:54:90:bc:0a:f9:8b: 5b:25:ba:45:76:f2:1e:a1:68:99:51:08:5e:99:83:0b:bf:55: 44:05:af:f9:8d:a4:18:af:3b:e6:c3:b0:7d:88:74:03:cf:06: 74:59:01:3d:10:48:60:92:56:89:b1:c4:ac:65:05:9c:3e:ef: 0d:32:86:db:1e:83:ea:65:45:2f:8c:74:9d:d7:e6:7f:1b:3b: 5a:40:b2:7c:bf:c6:4f:60:0d:69:80:3b:6e:74:78:92:c5:31: fb:5e:ce:51:e2:ed:5f:b5:aa:6b:66:b0:3b:04:c4:7e:6d:9a: 97:aa:7e:c8:c2:70:0f:9b:2d:31:f2:76:76:89:a4:de:d9:0e: 64:b1:a3:d9:90:a0:ef:74:49:c7:fc:b8:1e:e6:3b:55:2b:ef: 14:21:0a:e1:b4:81:d0:ff:58:36:ea:64:26:f1:8b:c2:f4:8b: ee:e4:09:41:08:bd:42:64:94:45:71:e4:59:ee:ce:f3:20:80: 1c:a5:48:db:cc:27:84:4d:fb:8d:0f:10:fd:68:0f:a3:4f:f6: 3b:c2:3a:87:5f:fe:47:56:ae:b6:1b:bf:e1:93:7f:55:d9:b7: b3:5c:fe:ef:12:45:89:f6:94:14:a4:66:bc:e4:0d:aa:e6:11: d9:da:60:4f -----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgIULCVmNEOmyDW/faL3SJX3GyuKtJYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTA1MDUxMTUyNDVaFw0yNjA1MDQxMTU3NDVaMDMxMTAvBgNV BAMTKEFDNUM1Njc3NEVEM0ZBQTEzQkQyRTY1N0FENTE4MjA0NDVFRTA5RTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkXcUX2798Xe5sAJ0C33c/zSuS dh4UDXqSt56+BkoW9hx/+LjssMhQB5PYxb08VLPTGA0VvSNdFHsFoaPDgPCQaCGI MfcUcgj0Li5FoZ0XLkZPSxG0Bi/XvRymVk/wScvnOX083D1RGUmB5IZfDYFGkgLN XbqiL/i9DJoMdXpmErauIsqKOO3c5DANHKq6j1ekQv9h2FMyYLFfXqmTTApFmxHg +az7sUBkqb44r+eQVQV6eTJHevXgAFzLbkjE++jDyMvoKBIDcia67XqoA3Y8ed5I DAv5TACQB9LVy/FP7//XDBfdvyB7UMbTM+1K1JyTBWvy7vUBZ3Ha0UlYAxwzAgMB AAGjggJNMIICSTAdBgNVHQ4EFgQUrFxWd07T+qE70uZXrVGCBEXuCekwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzIwOTI0Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFYm1gMEAVl0LgMEAFl0 oQMEAFl0tAMEAFl0/AMEAFl1cDANBgkqhkiG9w0BAQsFAAOCAQEACB5N6QB1TL9H kb3vVJC8CvmLWyW6RXbyHqFomVEIXpmDC79VRAWv+Y2kGK875sOwfYh0A88GdFkB PRBIYJJWibHErGUFnD7vDTKG2x6D6mVFL4x0ndfmfxs7WkCyfL/GT2ANaYA7bnR4 ksUx+17OUeLtX7Wqa2awOwTEfm2al6p+yMJwD5stMfJ2domk3tkOZLGj2ZCg73RJ x/y4HuY7VSvvFCEK4bSB0P9YNupkJvGLwvSL7uQJQQi9QmSURXHkWe7O8yCAHKVI 28wnhE37jQ8Q/WgPo0/2O8I6h1/+R1authu/4ZN/Vdm3s1z+7xJFifaUFKRmvOQN quYR2dpgTw== -----END CERTIFICATE-----Generated at Mon May 12 18:31:45 2025 by rpki-client