This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa File: AS209242.roa (raw, json) Hash identifier: DN87zSDwXumpAWdRMhxCGIrtO8zYqKYV4ETJcxXgfPc= Subject key identifier: 88:8B:74:4E:63:78:FA:C5:9B:E6:B3:B8:05:C3:74:80:A2:97:32:9B Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 17DF60891510A1C51E58B2C5BFCA4F6C898E6589 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa Signing time: Thu 15 Jan 2026 20:22:32 +0000 ROA not before: Thu 15 Jan 2026 20:17:32 +0000 ROA not after: Thu 14 Jan 2027 20:22:32 +0000 asID: 209242 IP address blocks: 86.38.214.0/24 maxlen: 24 89.116.46.0/23 maxlen: 24 89.116.161.0/24 maxlen: 24 89.116.180.0/24 maxlen: 24 89.116.250.0/24 maxlen: 24 89.117.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:df:60:89:15:10:a1:c5:1e:58:b2:c5:bf:ca:4f:6c:89:8e:65:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Jan 15 20:17:32 2026 GMT Not After : Jan 14 20:22:32 2027 GMT Subject: CN=888B744E6378FAC59BE6B3B805C37480A297329B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:18:51:81:42:c5:ab:ba:4f:32:11:24:4f:ac: 25:d2:65:16:06:cb:0b:4e:05:a7:fb:a2:69:8a:be: c0:ad:a3:fa:11:c5:4a:52:6a:86:32:9f:2d:3a:6c: 33:a2:4d:a8:e1:2b:b9:a5:9f:96:c3:c1:e5:3b:a2: 5b:02:e6:62:43:e5:7a:ae:4a:06:c4:ca:8a:1c:b1: ca:07:2e:0f:45:ee:b6:4e:63:e4:9b:0f:14:a1:81: 81:24:0a:aa:3d:db:3a:6e:61:91:a3:e1:b7:3e:bc: 4a:f9:65:c6:17:73:0e:4f:6c:2f:06:6f:68:1c:07: 84:4e:cc:45:dd:ae:61:ac:2f:07:2f:3d:63:e4:62: f2:28:43:82:5b:1a:42:ba:00:4d:36:9e:9c:e6:08: 6c:c1:4a:51:92:95:eb:9b:06:da:d5:89:36:65:0f: c3:e9:40:0c:02:49:7b:da:65:7c:9d:0c:bd:07:86: 8a:30:21:77:96:bf:7e:f4:81:da:f7:4c:0d:c6:67: a5:25:be:3b:67:65:bf:a8:75:ad:28:df:44:86:41: 49:ba:6a:85:68:66:8d:d4:7a:d6:ed:d6:69:94:55: 68:6e:e7:a1:f0:a1:75:97:37:79:5c:ad:f2:d8:57: 49:48:f4:f7:ac:a0:9c:cc:bf:19:09:3e:ec:53:5f: f4:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8B:74:4E:63:78:FA:C5:9B:E6:B3:B8:05:C3:74:80:A2:97:32:9B X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS209242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.214.0/24 89.116.46.0/23 89.116.161.0/24 89.116.180.0/24 89.116.250.0/24 89.117.112.0/24 Signature Algorithm: sha256WithRSAEncryption af:37:ff:84:0d:d4:cb:87:60:ee:dc:af:e4:d7:66:8b:ef:34: 76:1b:5c:a5:08:45:85:7b:c8:75:bf:a8:8a:43:d0:d9:f6:a5: 9c:5a:a2:59:98:4b:89:4f:b6:8c:b9:8b:f4:3b:3c:4d:8a:c8: 48:e4:94:4e:fc:bd:bf:c7:f4:8e:90:6b:cf:38:4f:40:3d:8d: c3:e0:1e:02:3e:76:f2:02:e8:09:8c:c3:8a:80:c2:36:b1:11: 44:73:d9:32:df:aa:7f:4c:23:6b:f7:61:14:d4:ef:8f:bd:e1: ea:a8:ea:df:13:de:40:2a:c3:95:fd:28:e5:b1:5b:2e:8b:39: 7a:bd:20:d9:9d:a5:10:e1:d9:34:d1:4d:ba:4c:6e:e1:b3:fe: 02:10:2a:90:f8:22:59:2b:3d:3e:e9:e8:5d:25:7b:a2:2e:e0: 0a:27:cb:20:4f:ed:a1:95:3d:ba:b7:45:eb:3e:e6:cd:7d:00: 72:70:f0:18:4d:07:fa:78:75:0e:2a:39:dd:ca:4a:8e:fb:a6: 8d:03:d4:ee:0f:65:4f:9d:eb:e5:15:c7:ee:a7:c6:78:f4:f4: 44:21:49:89:29:bd:45:33:2f:b3:1e:ce:ff:5e:18:3d:4e:b2: 45:91:1b:52:a7:0c:84:a6:dd:e8:40:db:d5:3f:09:2a:96:56: df:c0:fd:f7 -----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgIUF99giRUQocUeWLLFv8pPbImOZYkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNjAxMTUyMDE3MzJaFw0yNzAxMTQyMDIyMzJaMDMxMTAvBgNV BAMTKDg4OEI3NDRFNjM3OEZBQzU5QkU2QjNCODA1QzM3NDgwQTI5NzMyOUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNGFGBQsWruk8yESRPrCXSZRYG ywtOBaf7ommKvsCto/oRxUpSaoYyny06bDOiTajhK7mln5bDweU7olsC5mJD5Xqu SgbEyoocscoHLg9F7rZOY+SbDxShgYEkCqo92zpuYZGj4bc+vEr5ZcYXcw5PbC8G b2gcB4ROzEXdrmGsLwcvPWPkYvIoQ4JbGkK6AE02npzmCGzBSlGSleubBtrViTZl D8PpQAwCSXvaZXydDL0HhoowIXeWv370gdr3TA3GZ6UlvjtnZb+oda0o30SGQUm6 aoVoZo3Uetbt1mmUVWhu56HwoXWXN3lcrfLYV0lI9PesoJzMvxkJPuxTX/SZAgMB AAGjggJNMIICSTAdBgNVHQ4EFgQUiIt0TmN4+sWb5rO4BcN0gKKXMpswHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzIwOTI0Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFYm1gMEAVl0LgMEAFl0 oQMEAFl0tAMEAFl0+gMEAFl1cDANBgkqhkiG9w0BAQsFAAOCAQEArzf/hA3Uy4dg 7tyv5Ndmi+80dhtcpQhFhXvIdb+oikPQ2falnFqiWZhLiU+2jLmL9Ds8TYrISOSU Tvy9v8f0jpBrzzhPQD2Nw+AeAj528gLoCYzDioDCNrERRHPZMt+qf0wja/dhFNTv j73h6qjq3xPeQCrDlf0o5bFbLos5er0g2Z2lEOHZNNFNukxu4bP+AhAqkPgiWSs9 PunoXSV7oi7gCifLIE/toZU9urdF6z7mzX0AcnDwGE0H+nh1Dio53cpKjvumjQPU 7g9lT53r5RXH7qfGePT0RCFJiSm9RTMvsx7O/14YPU6yRZEbUqcMhKbd6EDb1T8J KpZW38D99w== -----END CERTIFICATE-----Generated at Sun Jan 25 14:06:52 2026 by rpki-client