Route Origin Authorization
$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: bCvYI7PIsEHvaaHeeCmYDBs4AwhCvzTLrwnHNmRlSFI=
Subject key identifier: 8C:4A:8C:18:C3:24:DB:AE:22:FC:50:4A:BC:34:CF:0A:5D:27:CA:09
Certificate issuer: /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial: 0A10AEF790C8ABF777AA5BA65F310C93F537A21B
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
Signing time: Tue 30 Sep 2025 11:36:42 +0000
ROA not before: Tue 30 Sep 2025 11:31:42 +0000
ROA not after: Tue 29 Sep 2026 11:36:42 +0000
asID: 396356
IP address blocks: 86.38.32.0/24 maxlen: 24
86.38.185.0/24 maxlen: 24
86.38.186.0/24 maxlen: 24
86.38.241.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.248.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.89.0/24 maxlen: 24
89.117.90.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.113.0/24 maxlen: 24
89.117.114.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.142.0/24 maxlen: 24
89.117.143.0/24 maxlen: 24
89.117.159.0/24 maxlen: 24
89.117.173.0/24 maxlen: 24
89.117.174.0/24 maxlen: 24
89.117.175.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.216.0/24 maxlen: 24
89.117.227.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 07:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:10:ae:f7:90:c8:ab:f7:77:aa:5b:a6:5f:31:0c:93:f5:37:a2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
Validity
Not Before: Sep 30 11:31:42 2025 GMT
Not After : Sep 29 11:36:42 2026 GMT
Subject: CN=8C4A8C18C324DBAE22FC504ABC34CF0A5D27CA09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:69:cb:2b:a7:21:48:02:5e:29:9f:8c:24:46:
f9:80:9c:eb:60:ff:9c:23:64:67:f2:7f:a9:c4:c3:
3c:d6:c9:94:d2:dd:89:9c:dd:e0:88:9d:6e:c6:ef:
b3:de:64:8d:07:b6:8d:3f:71:4c:77:80:9b:6a:83:
88:09:49:38:9f:c5:62:2b:bf:41:e4:9c:f7:1a:2b:
be:35:2b:d5:e1:61:a0:79:60:cd:b2:ba:37:39:5d:
c0:49:18:5f:b3:ef:bb:f1:ed:dc:b9:d8:74:82:bd:
d5:30:4f:2f:f2:8b:24:11:3b:14:34:27:30:a6:ab:
38:47:6a:a7:87:b2:77:4c:d9:8b:66:e4:c5:45:c8:
74:00:91:27:78:d8:a3:b8:a0:76:45:3e:fd:86:42:
10:ae:bf:19:d6:d6:ed:df:7f:43:3a:e3:81:d0:87:
0c:97:c4:ce:33:d4:26:06:fb:39:7f:70:a9:af:9c:
ca:17:eb:e1:0d:6d:c4:d9:b9:06:d9:d7:56:51:ed:
f3:56:c8:57:89:0e:72:0b:04:4d:e1:19:fe:f3:fb:
4f:8d:12:ff:6f:8a:1b:d9:b3:dc:26:18:38:73:42:
17:b2:cf:07:95:4f:2a:1a:7d:66:db:2e:a3:8a:d8:
3d:69:60:16:3a:04:5d:4f:24:c1:4f:0b:c1:d7:ba:
c5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4A:8C:18:C3:24:DB:AE:22:FC:50:4A:BC:34:CF:0A:5D:27:CA:09
X509v3 Authority Key Identifier:
keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject Information Access:
Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.32.0/24
86.38.185.0-86.38.186.255
86.38.241.0/24
89.116.99.0/24
89.116.112.0/24
89.116.132.0/24
89.116.154.0/24
89.116.158.0/24
89.116.166.0/24
89.116.218.0/24
89.116.223.0/24
89.116.248.0/24
89.116.253.0/24
89.117.89.0-89.117.90.255
89.117.101.0/24
89.117.113.0-89.117.114.255
89.117.118.0/24
89.117.142.0/23
89.117.159.0/24
89.117.173.0-89.117.175.255
89.117.190.0/24
89.117.216.0/24
89.117.227.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
85:e4:ce:cd:ba:cb:3f:38:42:0c:1a:c8:51:d2:8f:83:4d:26:
24:03:05:cb:c3:1d:32:69:de:c9:77:84:7a:f8:7d:59:6a:9a:
38:73:e1:71:67:f1:a9:a7:0e:d1:ad:dc:c2:ca:48:b5:11:45:
24:e8:7d:c0:9a:c6:cd:c2:80:ef:fe:7d:c7:29:67:4e:f9:6c:
c0:37:44:bf:7a:3e:0f:25:ee:cf:51:f0:fd:6d:94:a5:a0:8b:
ac:38:e7:4d:0e:61:ff:62:9c:11:87:3a:16:50:80:eb:5c:44:
ef:f0:41:3c:ee:70:6f:8c:66:36:91:ef:1a:7c:17:ad:6f:46:
84:42:5f:1f:90:9a:39:4e:d6:0f:de:f0:58:37:1d:a4:f6:d2:
2d:92:c0:fc:b1:e6:a8:41:38:9c:01:2d:06:fc:96:ae:72:4d:
13:d3:65:3c:f6:19:4b:42:61:e3:e0:78:80:29:66:1f:1b:ab:
a4:5a:cc:00:7a:38:55:1a:f7:f5:9c:79:60:e1:78:c5:28:e2:
bd:80:03:3d:7c:6c:d4:a5:0c:e8:9d:b7:ca:18:8b:c3:5a:ba:
bc:d1:19:b3:63:7a:07:c3:45:7e:32:e7:f5:07:b9:76:04:33:
ac:5b:85:82:1d:66:9b:34:5c:20:c6:55:14:2c:e1:b0:a3:26:
df:0e:a9:30
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUChCu95DIq/d3qlumXzEMk/U3ohswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA5MzAxMTMxNDJaFw0yNjA5MjkxMTM2NDJaMDMxMTAvBgNV
BAMTKDhDNEE4QzE4QzMyNERCQUUyMkZDNTA0QUJDMzRDRjBBNUQyN0NBMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCracsrpyFIAl4pn4wkRvmAnOtg
/5wjZGfyf6nEwzzWyZTS3Ymc3eCInW7G77PeZI0Hto0/cUx3gJtqg4gJSTifxWIr
v0HknPcaK741K9XhYaB5YM2yujc5XcBJGF+z77vx7dy52HSCvdUwTy/yiyQROxQ0
JzCmqzhHaqeHsndM2Ytm5MVFyHQAkSd42KO4oHZFPv2GQhCuvxnW1u3ff0M644HQ
hwyXxM4z1CYG+zl/cKmvnMoX6+ENbcTZuQbZ11ZR7fNWyFeJDnILBE3hGf7z+0+N
Ev9vihvZs9wmGDhzQheyzweVTyoafWbbLqOK2D1pYBY6BF1PJMFPC8HXusVnAgMB
AAGjggLeMIIC2jAdBgNVHQ4EFgQUjEqMGMMk264i/FBKvDTPCl0nygkwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzM5NjM1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBzQYIKwYBBQUHAQcBAf8Egb0wgbowgbcEAgABMIGwAwQAViYgMAwDBABW
JrkDBABWJroDBABWJvEDBABZdGMDBABZdHADBABZdIQDBABZdJoDBABZdJ4DBABZ
dKYDBABZdNoDBABZdN8DBABZdPgDBABZdP0wDAMEAFl1WQMEAFl1WgMEAFl1ZTAM
AwQAWXVxAwQAWXVyAwQAWXV2AwQBWXWOAwQAWXWfMAwDBABZda0DBARZdaADBABZ
db4DBABZddgDBABZdeMDBABZdf4wDQYJKoZIhvcNAQELBQADggEBAIXkzs26yz84
QgwayFHSj4NNJiQDBcvDHTJp3sl3hHr4fVlqmjhz4XFn8amnDtGt3MLKSLURRSTo
fcCaxs3CgO/+fccpZ075bMA3RL96Pg8l7s9R8P1tlKWgi6w4500OYf9inBGHOhZQ
gOtcRO/wQTzucG+MZjaR7xp8F61vRoRCXx+QmjlO1g/e8Fg3HaT20i2SwPyx5qhB
OJwBLQb8lq5yTRPTZTz2GUtCYePgeIApZh8bq6RazAB6OFUa9/WceWDheMUo4r2A
Az18bNSlDOidt8oYi8NaurzRGbNjegfDRX4y5/UHuXYEM6xbhYIdZps0XCDGVRQs
4bCjJt8OqTA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:38:10 2025 by rpki-client