This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa File: AS396356.roa (raw, json) Hash identifier: Fx3qOuUVJNvcQ04hDjJ7gNDlYqjRLsI1ek/aaacb3uk= Subject key identifier: 78:6F:93:64:D5:99:FB:85:11:C4:9E:5D:83:2D:65:6D:2F:39:D8:B2 Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C Certificate serial: 4BE3771A213A07EB57D686B7A2B14658A20295A0 Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa Signing time: Tue 30 Dec 2025 07:53:23 +0000 ROA not before: Tue 30 Dec 2025 07:48:23 +0000 ROA not after: Tue 29 Dec 2026 07:53:23 +0000 asID: 396356 IP address blocks: 86.38.32.0/24 maxlen: 24 86.38.185.0/24 maxlen: 24 86.38.186.0/24 maxlen: 24 86.38.241.0/24 maxlen: 24 89.116.45.0/24 maxlen: 24 89.116.99.0/24 maxlen: 24 89.116.112.0/24 maxlen: 24 89.116.132.0/24 maxlen: 24 89.116.154.0/24 maxlen: 24 89.116.158.0/24 maxlen: 24 89.116.166.0/24 maxlen: 24 89.116.218.0/24 maxlen: 24 89.116.223.0/24 maxlen: 24 89.116.248.0/24 maxlen: 24 89.116.253.0/24 maxlen: 24 89.117.89.0/24 maxlen: 24 89.117.90.0/24 maxlen: 24 89.117.101.0/24 maxlen: 24 89.117.113.0/24 maxlen: 24 89.117.114.0/24 maxlen: 24 89.117.118.0/24 maxlen: 24 89.117.142.0/24 maxlen: 24 89.117.143.0/24 maxlen: 24 89.117.159.0/24 maxlen: 24 89.117.173.0/24 maxlen: 24 89.117.174.0/24 maxlen: 24 89.117.175.0/24 maxlen: 24 89.117.190.0/24 maxlen: 24 89.117.216.0/24 maxlen: 24 89.117.227.0/24 maxlen: 24 89.117.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:e3:77:1a:21:3a:07:eb:57:d6:86:b7:a2:b1:46:58:a2:02:95:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C Validity Not Before: Dec 30 07:48:23 2025 GMT Not After : Dec 29 07:53:23 2026 GMT Subject: CN=786F9364D599FB8511C49E5D832D656D2F39D8B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:18:7a:4a:a1:15:a8:42:18:1a:c2:bf:ea:6d: 15:a4:c9:e5:09:88:12:3a:06:6e:7e:59:74:dc:87: e8:dd:d1:ab:ad:fe:a6:00:3c:29:1c:c2:14:90:5d: 58:eb:6a:75:a6:57:d1:fe:e4:c7:56:b1:f0:33:40: 5e:32:b8:ce:f5:a3:fa:c1:d2:95:27:4d:09:41:e6: cc:fe:be:6a:ea:fc:34:a9:d1:e5:03:48:75:6c:6f: cf:3a:ad:b2:ef:c7:ec:6b:cb:2c:e4:45:1f:1e:68: a9:56:37:7f:d2:78:f5:12:82:72:97:e6:52:b0:ce: 57:4a:3d:12:5c:eb:85:fe:3a:bb:f5:4e:1b:a0:4d: 95:d3:3f:db:f2:2a:1d:e8:67:fc:f5:8f:04:ca:48: 6d:97:d5:2f:37:02:5f:9d:f2:37:20:cf:52:f2:4b: 12:f0:3c:22:49:bd:de:a4:fd:a9:07:e9:62:58:87: 84:24:b6:8c:1e:49:db:42:64:6c:85:bc:17:6a:16: da:11:81:5e:2a:c2:75:52:c8:0f:54:a3:6f:b8:ad: 45:ab:12:4e:28:b7:3b:30:0c:eb:b1:31:06:2b:9f: 7f:cf:c9:fd:2e:b1:4d:06:69:ff:56:36:47:84:4d: 0e:aa:99:72:94:ee:73:c7:47:d0:0c:60:f9:4a:71: 93:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:6F:93:64:D5:99:FB:85:11:C4:9E:5D:83:2D:65:6D:2F:39:D8:B2 X509v3 Authority Key Identifier: keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.32.0/24 86.38.185.0-86.38.186.255 86.38.241.0/24 89.116.45.0/24 89.116.99.0/24 89.116.112.0/24 89.116.132.0/24 89.116.154.0/24 89.116.158.0/24 89.116.166.0/24 89.116.218.0/24 89.116.223.0/24 89.116.248.0/24 89.116.253.0/24 89.117.89.0-89.117.90.255 89.117.101.0/24 89.117.113.0-89.117.114.255 89.117.118.0/24 89.117.142.0/23 89.117.159.0/24 89.117.173.0-89.117.175.255 89.117.190.0/24 89.117.216.0/24 89.117.227.0/24 89.117.254.0/24 Signature Algorithm: sha256WithRSAEncryption a3:05:4f:49:72:46:99:a2:ad:57:d4:9e:3c:b2:82:85:a0:c0: 19:7f:07:0d:74:25:47:86:13:81:1f:75:3c:b3:da:7f:fc:f9: 7d:76:e7:01:35:a2:7a:b8:0e:45:0b:cb:a7:aa:39:c7:71:d9: 33:93:db:ca:b4:57:04:8b:b1:4c:f6:1e:d3:66:63:56:f4:04: 87:5c:81:c0:da:d3:81:02:87:39:c4:f4:57:44:de:ae:d3:45: 0b:26:18:b9:e6:c3:73:46:7f:27:06:6e:84:ee:5b:52:3e:d4: 85:09:ce:8e:ea:c6:c4:b1:25:0a:d2:3f:a3:56:49:fd:8c:52: c0:64:70:42:cc:88:d5:f0:12:07:85:4f:8e:89:d7:92:bd:a8: f3:ac:20:92:35:03:8f:b1:5c:d8:9e:77:85:47:dd:31:73:80: 87:90:70:4b:29:b9:c9:ea:b9:ae:0b:df:7b:0a:dc:db:29:14: e5:4e:c8:84:b0:ee:af:37:2c:d8:a6:84:c7:36:8d:4c:56:bc: 03:0a:8f:a3:0a:0a:0c:61:03:bf:58:da:05:20:43:02:95:5a: a3:d3:19:9c:22:87:98:f6:00:b0:46:7e:2e:cd:0a:0a:18:9e: d4:b7:ac:53:63:77:88:78:5f:d9:17:02:70:7a:4e:07:ed:74: 51:cd:0b:eb -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgIUS+N3GiE6B+tX1oa3orFGWKIClaAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0 OEVGMjc5QzAeFw0yNTEyMzAwNzQ4MjNaFw0yNjEyMjkwNzUzMjNaMDMxMTAvBgNV BAMTKDc4NkY5MzY0RDU5OUZCODUxMUM0OUU1RDgzMkQ2NTZEMkYzOUQ4QjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaGHpKoRWoQhgawr/qbRWkyeUJ iBI6Bm5+WXTch+jd0aut/qYAPCkcwhSQXVjranWmV9H+5MdWsfAzQF4yuM71o/rB 0pUnTQlB5sz+vmrq/DSp0eUDSHVsb886rbLvx+xryyzkRR8eaKlWN3/SePUSgnKX 5lKwzldKPRJc64X+Orv1ThugTZXTP9vyKh3oZ/z1jwTKSG2X1S83Al+d8jcgz1Ly SxLwPCJJvd6k/akH6WJYh4QktoweSdtCZGyFvBdqFtoRgV4qwnVSyA9Uo2+4rUWr Ek4otzswDOuxMQYrn3/Pyf0usU0Gaf9WNkeETQ6qmXKU7nPHR9AMYPlKcZM9AgMB AAGjggLkMIIC4DAdBgNVHQ4EFgQUeG+TZNWZ+4URxJ5dgy1lbS852LIwHwYDVR0j BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5 NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3 OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw ZWFkYTNkNzA1LTAvMC9BUzM5NjM1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQAViYgMAwDBABW JrkDBABWJroDBABWJvEDBABZdC0DBABZdGMDBABZdHADBABZdIQDBABZdJoDBABZ dJ4DBABZdKYDBABZdNoDBABZdN8DBABZdPgDBABZdP0wDAMEAFl1WQMEAFl1WgME AFl1ZTAMAwQAWXVxAwQAWXVyAwQAWXV2AwQBWXWOAwQAWXWfMAwDBABZda0DBARZ daADBABZdb4DBABZddgDBABZdeMDBABZdf4wDQYJKoZIhvcNAQELBQADggEBAKMF T0lyRpmirVfUnjyygoWgwBl/Bw10JUeGE4EfdTyz2n/8+X125wE1onq4DkULy6eq Ocdx2TOT28q0VwSLsUz2HtNmY1b0BIdcgcDa04EChznE9FdE3q7TRQsmGLnmw3NG fycGboTuW1I+1IUJzo7qxsSxJQrSP6NWSf2MUsBkcELMiNXwEgeFT46J15K9qPOs IJI1A4+xXNied4VH3TFzgIeQcEspucnqua4L33sK3NspFOVOyISw7q83LNimhMc2 jUxWvAMKj6MKCgxhA79Y2gUgQwKVWqPTGZwih5j2ALBGfi7NCgoYntS3rFNjd4h4 X9kXAnB6TgftdFHNC+s= -----END CERTIFICATE-----Generated at Sun Jan 25 09:20:36 2026 by rpki-client