Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: gjfIX0glRoy46KdUm2zOFfLd0krqwj7FSXMDeCyelcQ=
Subject key identifier: 74:30:F0:FD:74:AD:50:B1:FF:6C:9F:94:48:74:A9:5B:E3:30:D7:16
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 56807E61FC3CF081A4C3DF00DE2B31FFD6B8DDE0
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
Signing time: Sat 09 May 2026 23:12:11 +0000
ROA not before: Sat 09 May 2026 23:07:11 +0000
ROA not after: Sat 08 May 2027 23:12:11 +0000
asID: 396356
IP address blocks: 86.38.32.0/24 maxlen: 24
86.38.185.0/24 maxlen: 24
86.38.186.0/24 maxlen: 24
86.38.241.0/24 maxlen: 24
86.38.248.0/24 maxlen: 24
86.38.250.0/24 maxlen: 24
86.38.252.0/24 maxlen: 24
86.38.254.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.248.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.80.0/24 maxlen: 24
89.117.83.0/24 maxlen: 24
89.117.89.0/24 maxlen: 24
89.117.90.0/24 maxlen: 24
89.117.91.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.105.0/24 maxlen: 24
89.117.106.0/24 maxlen: 24
89.117.107.0/24 maxlen: 24
89.117.113.0/24 maxlen: 24
89.117.114.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.142.0/24 maxlen: 24
89.117.143.0/24 maxlen: 24
89.117.159.0/24 maxlen: 24
89.117.173.0/24 maxlen: 24
89.117.174.0/24 maxlen: 24
89.117.175.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.216.0/24 maxlen: 24
89.117.227.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:80:7e:61:fc:3c:f0:81:a4:c3:df:00:de:2b:31:ff:d6:b8:dd:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: May 9 23:07:11 2026 GMT
Not After : May 8 23:12:11 2027 GMT
Subject: CN=7430F0FD74AD50B1FF6C9F944874A95BE330D716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:db:23:94:8c:41:98:5f:91:d9:1b:21:2a:
f8:ff:88:71:2f:6c:06:cb:95:a9:b0:41:dd:72:0b:
7e:87:be:ca:b5:f9:0f:61:b8:2f:73:09:67:cf:b0:
98:82:a2:24:84:55:e8:60:78:8b:ec:36:24:65:f0:
b9:d4:f8:f7:93:40:21:67:a9:07:5a:93:99:1b:8e:
a9:fd:1d:c0:ef:d1:a1:bc:48:d8:10:81:7d:44:5f:
30:d0:0c:9b:8d:2f:73:85:a0:84:6a:ff:bb:06:98:
da:49:ea:40:9b:b1:46:d4:cf:9e:7c:a8:38:9f:c0:
c8:14:a9:32:e1:f8:97:d4:c5:48:3a:3b:21:c2:3b:
d1:0c:80:af:b7:81:07:ed:3a:e7:c7:93:74:0c:b9:
d0:1c:5f:45:d2:03:96:b5:35:19:f6:89:16:19:1d:
85:14:ec:a9:e5:f5:07:29:8c:6d:27:9b:a8:02:6e:
b4:c2:b4:da:57:85:ff:af:8b:ad:78:3d:fb:b5:90:
59:df:15:3f:95:59:4c:cc:c3:51:9e:5c:be:b0:ab:
be:6a:65:60:dd:79:10:65:1f:4f:83:69:89:7d:e7:
60:f4:a4:d8:83:b3:97:9b:e0:61:41:db:4a:12:2f:
96:96:72:3b:ff:8e:b6:2c:47:70:f9:51:cb:67:6f:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:30:F0:FD:74:AD:50:B1:FF:6C:9F:94:48:74:A9:5B:E3:30:D7:16
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.32.0/24
86.38.185.0-86.38.186.255
86.38.241.0/24
86.38.248.0/24
86.38.250.0/24
86.38.252.0/24
86.38.254.0/24
89.116.99.0/24
89.116.112.0/24
89.116.132.0/24
89.116.154.0/24
89.116.158.0/24
89.116.166.0/24
89.116.218.0/24
89.116.223.0/24
89.116.248.0/24
89.116.253.0/24
89.117.80.0/24
89.117.83.0/24
89.117.89.0-89.117.91.255
89.117.101.0/24
89.117.105.0-89.117.107.255
89.117.113.0-89.117.114.255
89.117.118.0/24
89.117.142.0/23
89.117.159.0/24
89.117.173.0-89.117.175.255
89.117.190.0/24
89.117.216.0/24
89.117.227.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:14:c5:43:2c:ce:96:e2:d6:96:e3:1e:46:2b:f7:2b:5d:8b:
af:25:08:ee:d5:41:71:c3:88:84:77:88:c5:7c:91:4d:5e:9d:
ca:bb:9b:a4:63:2f:93:58:0d:b8:22:73:65:ff:cb:21:71:93:
ab:38:5d:d7:95:c6:43:f7:db:4c:67:45:48:a8:2d:2c:b4:ef:
64:13:27:bd:c2:f4:60:d7:be:21:a5:17:2f:a1:ba:c4:b4:3c:
a0:dc:36:77:65:92:58:9b:76:44:a5:89:61:d2:e8:d1:de:59:
2a:68:cc:dd:bf:fc:62:d5:89:f3:0c:9f:4b:ed:d9:92:d6:d8:
9b:60:ef:3c:2e:07:7a:08:87:b6:40:e8:41:89:44:43:dc:be:
03:9b:12:6d:d2:7c:0e:9c:c7:01:cf:b7:2f:9d:96:18:2a:bc:
d4:17:f3:c1:46:c6:8d:5c:54:22:c9:2b:0a:44:8a:77:7e:f1:
11:b5:54:a6:82:f8:7d:27:af:67:bf:99:f1:b9:d6:b3:7a:ed:
69:d4:0d:25:5c:36:5c:1a:7d:74:2a:1b:f4:5b:28:cf:09:dd:
f1:74:39:c1:94:37:81:64:94:08:d7:c4:95:1d:a6:86:9d:63:
6f:76:9e:b7:f1:ab:3a:7f:3c:7d:e3:24:04:5c:8e:32:6c:1a:
fa:bc:13:14
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIUVoB+Yfw88IGkw98A3isx/9a43eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNjA1MDkyMzA3MTFaFw0yNzA1MDgyMzEyMTFaMDMxMTAvBgNV
BAMTKDc0MzBGMEZENzRBRDUwQjFGRjZDOUY5NDQ4NzRBOTVCRTMzMEQ3MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDpdsjlIxBmF+R2RshKvj/iHEv
bAbLlamwQd1yC36Hvsq1+Q9huC9zCWfPsJiCoiSEVehgeIvsNiRl8LnU+PeTQCFn
qQdak5kbjqn9HcDv0aG8SNgQgX1EXzDQDJuNL3OFoIRq/7sGmNpJ6kCbsUbUz558
qDifwMgUqTLh+JfUxUg6OyHCO9EMgK+3gQftOufHk3QMudAcX0XSA5a1NRn2iRYZ
HYUU7Knl9QcpjG0nm6gCbrTCtNpXhf+vi614Pfu1kFnfFT+VWUzMw1GeXL6wq75q
ZWDdeRBlH0+DaYl952D0pNiDs5eb4GFB20oSL5aWcjv/jrYsR3D5Uctnb6l5AgMB
AAGjggMQMIIDDDAdBgNVHQ4EFgQUdDDw/XStULH/bJ+USHSpW+Mw1xYwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzM5NjM1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCB/wYIKwYBBQUHAQcBAf8Ege8wgewwgekEAgABMIHiAwQAViYgMAwDBABW
JrkDBABWJroDBABWJvEDBABWJvgDBABWJvoDBABWJvwDBABWJv4DBABZdGMDBABZ
dHADBABZdIQDBABZdJoDBABZdJ4DBABZdKYDBABZdNoDBABZdN8DBABZdPgDBABZ
dP0DBABZdVADBABZdVMwDAMEAFl1WQMEAll1WAMEAFl1ZTAMAwQAWXVpAwQCWXVo
MAwDBABZdXEDBABZdXIDBABZdXYDBAFZdY4DBABZdZ8wDAMEAFl1rQMEBFl1oAME
AFl1vgMEAFl12AMEAFl14wMEAFl1/jANBgkqhkiG9w0BAQsFAAOCAQEAyxTFQyzO
luLWluMeRiv3K12LryUI7tVBccOIhHeIxXyRTV6dyrubpGMvk1gNuCJzZf/LIXGT
qzhd15XGQ/fbTGdFSKgtLLTvZBMnvcL0YNe+IaUXL6G6xLQ8oNw2d2WSWJt2RKWJ
YdLo0d5ZKmjM3b/8YtWJ8wyfS+3ZktbYm2DvPC4HegiHtkDoQYlEQ9y+A5sSbdJ8
DpzHAc+3L52WGCq81BfzwUbGjVxUIskrCkSKd37xEbVUpoL4fSevZ7+Z8bnWs3rt
adQNJVw2XBp9dCob9Fsozwnd8XQ5wZQ3gWSUCNfElR2mhp1jb3aet/GrOn88feMk
BFyOMmwa+rwTFA==
-----END CERTIFICATE-----
Generated at Tue May 12 22:29:39 2026 by rpki-client