Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/M_CsMexNrlCbbdVGYlbfwxt0mBM.roa
File: M_CsMexNrlCbbdVGYlbfwxt0mBM.roa (raw, json)
Hash identifier: dwvm9kmx6QH3BqFCQAKmVcau7W20h2o4mpu1khW0L7s=
Subject key identifier: 33:F0:AC:31:EC:4D:AE:50:9B:6D:D5:46:62:56:DF:C3:1B:74:98:13
Certificate issuer: /CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
Certificate serial: 0190106A84736FAAA64965BCD74AD36187F2
Authority key identifier: CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/M_CsMexNrlCbbdVGYlbfwxt0mBM.roa
Signing time: Thu 13 Jun 2024 07:05:34 +0000
ROA not before: Thu 13 Jun 2024 07:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47564
IP address blocks: 91.204.200.0/22 maxlen: 22
176.107.226.0/23 maxlen: 23
176.107.228.0/23 maxlen: 23
176.107.232.0/23 maxlen: 23
176.107.234.0/24 maxlen: 24
176.107.236.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:6a:84:73:6f:aa:a6:49:65:bc:d7:4a:d3:61:87:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
Validity
Not Before: Jun 13 07:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f0ac31ec4dae509b6dd5466256dfc31b749813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6e:22:37:91:f2:b5:a3:22:e8:c1:98:3b:8a:
1a:72:3d:19:f8:95:88:95:41:3a:3f:6b:a0:0c:18:
7f:20:44:b9:43:db:29:c9:09:fe:cc:e2:b2:aa:5f:
03:18:39:d2:e7:47:cb:88:f4:92:50:8b:2c:c9:29:
02:bd:e7:88:7c:7b:e0:c2:73:37:e1:09:b1:48:27:
a6:65:ec:e1:47:53:81:dd:32:0e:c0:5a:c5:43:60:
03:50:c5:6a:07:55:bf:22:56:4a:41:f1:26:d3:ba:
be:52:a3:bf:00:38:3d:3f:e7:c5:c4:f1:f6:33:8f:
e7:13:92:0c:98:38:fd:8c:4f:92:0b:ee:85:14:38:
fb:67:34:e9:00:dc:b9:b2:28:ef:a4:4d:38:34:64:
ac:70:9a:b4:21:7d:70:17:3f:fe:ea:bb:e2:61:85:
7e:f7:3f:f2:c7:78:d9:74:46:fd:33:a3:87:43:d4:
78:75:ba:d7:f6:3c:9b:95:5a:7e:70:cb:a9:75:27:
07:a2:75:c6:98:2a:e4:b9:8c:fd:12:eb:70:41:64:
0a:de:ea:59:3b:a9:8e:5d:f7:92:2a:3b:c0:c2:4a:
1b:45:f4:ce:7b:2b:03:66:e2:17:de:cc:aa:9e:b5:
47:bb:b3:90:85:7d:1b:95:73:71:e5:1b:a6:3d:1f:
47:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F0:AC:31:EC:4D:AE:50:9B:6D:D5:46:62:56:DF:C3:1B:74:98:13
X509v3 Authority Key Identifier:
keyid:CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/M_CsMexNrlCbbdVGYlbfwxt0mBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.200.0/22
176.107.226.0-176.107.229.255
176.107.232.0-176.107.234.255
176.107.236.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:ba:c3:41:0a:18:93:4d:b0:ba:b4:6e:d4:58:cb:df:60:48:
76:d7:73:50:4b:b2:9f:2f:a3:c6:fb:71:15:2d:5c:27:28:3a:
e2:43:ed:6e:bd:31:c6:7a:35:fa:7f:78:8f:64:11:cc:25:b4:
83:a1:b6:2f:b9:44:6c:5b:5c:8b:be:9e:48:af:0b:1c:32:90:
51:67:80:63:87:59:ac:80:00:99:80:06:a8:5a:d4:e1:e7:01:
35:dc:bb:87:3e:35:c0:33:35:da:57:2c:79:3c:63:7f:2e:31:
15:a5:25:fb:48:85:79:c4:d4:4b:d4:23:78:6e:32:be:67:be:
bd:70:88:5c:6b:48:7c:75:c9:62:4e:b3:d0:81:13:5c:17:6c:
6c:79:ff:73:13:5a:86:c2:f5:4e:1f:fc:fb:07:27:98:a0:0d:
25:96:3f:8a:5d:b0:d4:45:cd:eb:74:1e:34:f6:b6:5b:e6:d7:
8e:16:43:93:72:27:c2:87:8d:73:1d:d1:7f:ab:91:10:2f:14:
b0:36:d6:65:e3:7c:23:92:bb:15:8a:ed:c4:25:1f:37:54:68:
09:e3:32:eb:79:69:9a:8d:b1:99:ca:9a:0c:bf:50:91:1b:c7:
8c:cc:92:0f:8e:ab:b9:7c:88:90:59:23:32:c2:ea:b5:1b:8c:
83:e1:c1:15
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZAQaoRzb6qmSWW810rTYYfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDNhM2YxMDY5ZmNkNTEyZGE1MTRmNjZkNmVlMzRiYTNk
ZWJiMGYwHhcNMjQwNjEzMDcwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2YwYWMzMWVjNGRhZTUwOWI2ZGQ1NDY2MjU2ZGZjMzFiNzQ5ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG4iN5HytaMi6MGYO4oacj0Z+JWI
lUE6P2ugDBh/IES5Q9spyQn+zOKyql8DGDnS50fLiPSSUIssySkCveeIfHvgwnM3
4QmxSCemZezhR1OB3TIOwFrFQ2ADUMVqB1W/IlZKQfEm07q+UqO/ADg9P+fFxPH2
M4/nE5IMmDj9jE+SC+6FFDj7ZzTpANy5sijvpE04NGSscJq0IX1wFz/+6rviYYV+
9z/yx3jZdEb9M6OHQ9R4dbrX9jyblVp+cMupdScHonXGmCrkuYz9EutwQWQK3upZ
O6mOXfeSKjvAwkobRfTOeysDZuIX3syqnrVHu7OQhX0blXNx5RumPR9HpwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDPwrDHsTa5Qm23VRmJW38MbdJgTMB8GA1UdIwQY
MBaAFM/To/EGn81RLaUU9m1u40uj3rsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2Mjkt
MzgyOTIwMTU1ZmZiLzEvTV9Dc01leE5ybENiYmRWR1lsYmZ3eHQwbUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2MjktMzgyOTIwMTU1ZmZi
LzEvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCW8zIMAwD
BAGwa+IDBAGwa+QwDAMEA7Br6AMEALBr6gMEAbBr7DANBgkqhkiG9w0BAQsFAAOC
AQEAi7rDQQoYk02wurRu1FjL32BIdtdzUEuyny+jxvtxFS1cJyg64kPtbr0xxno1
+n94j2QRzCW0g6G2L7lEbFtci76eSK8LHDKQUWeAY4dZrIAAmYAGqFrU4ecBNdy7
hz41wDM12lcseTxjfy4xFaUl+0iFecTUS9QjeG4yvme+vXCIXGtIfHXJYk6z0IET
XBdsbHn/cxNahsL1Th/8+wcnmKANJZY/il2w1EXN63QeNPa2W+bXjhZDk3InwoeN
cx3Rf6uREC8UsDbWZeN8I5K7FYrtxCUfN1RoCeMy63lpmo2xmcqaDL9QkRvHjMyS
D46ruXyIkFkjMsLqtRuMg+HBFQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:04 2024 by rpki-client on console-fra.rpki-client.org