Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mshereBNr_k1l5Pnp1X-0VV2g7c.roa
File: mshereBNr_k1l5Pnp1X-0VV2g7c.roa (raw, json)
Hash identifier: ku1aSN5h/j8BGDyOPG1zo7TVfsa9c7xsTQjzztB3L8A=
Subject key identifier: 9A:C8:5E:AD:E0:4D:AF:F9:35:97:93:E7:A7:55:FE:D1:55:76:83:B7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFF4915328DD0B0B1B58EAA1F777D7C07
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mshereBNr_k1l5Pnp1X-0VV2g7c.roa
Signing time: Fri 24 Nov 2023 03:04:21 +0000
ROA not before: Fri 24 Nov 2023 03:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:ff48:da7f/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ff:49:15:32:8d:d0:b0:b1:b5:8e:aa:1f:77:7d:7c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 03:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ac85eade04daff9359793e7a755fed1557683b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:af:7d:47:a4:26:ce:e2:2f:34:63:c9:27:a9:
e8:fd:e9:ff:b5:4f:43:72:f9:18:27:07:f6:aa:7c:
a9:c2:51:1a:a3:a2:58:01:6e:76:73:46:b6:84:42:
8b:53:ba:2c:ff:83:76:6b:b5:42:1c:71:76:25:95:
33:a6:8d:aa:5a:5b:89:0d:aa:aa:a6:30:27:6e:42:
81:97:fc:d4:7d:bc:80:14:61:ba:32:30:8c:41:9f:
cc:a1:2e:38:95:51:5f:33:cb:68:36:88:06:0b:37:
a3:95:5b:14:05:89:28:5f:7f:12:4d:04:1b:f8:1d:
45:9d:10:76:3d:ec:24:ca:e9:3e:57:2f:2a:c8:b9:
17:ce:88:cb:fc:83:1f:d1:bc:0e:42:d9:4a:4d:86:
d6:5e:15:fe:03:b6:78:d6:84:9a:ed:d2:85:5e:91:
52:86:5a:ae:d6:2b:c2:a9:da:e0:da:fa:dd:ef:59:
9d:f0:af:4f:48:0d:51:92:80:70:af:50:22:d8:f3:
8c:85:4f:0a:8b:75:de:c5:71:c1:f3:39:a1:18:59:
bc:b3:c5:f6:48:a1:64:57:14:b7:e8:af:0c:1f:9c:
e2:9b:e9:e1:3d:b6:cd:6c:12:02:04:4f:da:3f:44:
5d:14:7f:bb:d8:c3:df:01:78:bf:35:da:8f:81:b1:
ed:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C8:5E:AD:E0:4D:AF:F9:35:97:93:E7:A7:55:FE:D1:55:76:83:B7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mshereBNr_k1l5Pnp1X-0VV2g7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b0:1f:6c:d0:1d:c0:43:b3:45:5c:cc:23:c7:c3:c8:36:20:fa:
b0:ee:a6:bb:e0:df:89:d3:94:b2:cb:37:5c:b2:28:30:7b:a8:
14:2e:c9:40:1d:33:bc:ad:78:65:15:22:df:e4:b2:8e:d5:32:
77:d3:2f:88:f5:b8:82:04:d7:d0:45:9d:5a:de:59:60:98:8d:
a1:af:21:7a:9c:3e:ff:ff:75:89:42:32:20:94:66:26:31:b4:
cb:07:24:50:38:78:aa:5d:03:2a:7a:76:15:e5:fd:dd:44:a4:
b4:44:ac:e5:a6:35:0e:7f:b1:ce:2e:c5:92:30:51:ef:dd:50:
7f:44:4a:dd:bf:10:57:3e:15:58:25:82:92:f4:a4:3c:94:9a:
24:e6:68:8e:1c:98:ab:16:e5:25:d7:5d:e5:6f:2c:4a:b3:60:
02:dc:d8:80:85:f5:34:c0:ef:e5:fb:79:e6:63:73:10:7b:82:
18:9a:bc:de:c3:0a:9c:44:d1:b8:0e:56:6f:92:65:ef:3c:3d:
0f:73:77:61:31:fa:c2:8e:41:cc:5e:80:eb:4b:29:2e:ed:ad:
e5:2c:bc:0a:f8:99:fd:76:9d:ac:33:09:d7:6c:bf:99:69:7c:
bd:2f:a8:e4:d3:0b:64:4f:17:ce:91:0f:70:87:2f:d4:72:5b:
ba:96:a5:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv/SRUyjdCwsbWOqh93fXwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MDMwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM4NWVhZGUwNGRhZmY5MzU5NzkzZTdhNzU1ZmVkMTU1NzY4M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5699R6QmzuIvNGPJJ6no/en/tU9D
cvkYJwf2qnypwlEao6JYAW52c0a2hEKLU7os/4N2a7VCHHF2JZUzpo2qWluJDaqq
pjAnbkKBl/zUfbyAFGG6MjCMQZ/MoS44lVFfM8toNogGCzejlVsUBYkoX38STQQb
+B1FnRB2Pewkyuk+Vy8qyLkXzojL/IMf0bwOQtlKTYbWXhX+A7Z41oSa7dKFXpFS
hlqu1ivCqdrg2vrd71md8K9PSA1RkoBwr1Ai2POMhU8Ki3XexXHB8zmhGFm8s8X2
SKFkVxS36K8MH5zim+nhPbbNbBICBE/aP0RdFH+72MPfAXi/NdqPgbHt+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJrIXq3gTa/5NZeT56dV/tFVdoO3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbXNoZXJlQk5yX2sxbDVQbnAxWC0wVlYyZzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALAfbNAdwEOzRVzMI8fD
yDYg+rDuprvg34nTlLLLN1yyKDB7qBQuyUAdM7yteGUVIt/kso7VMnfTL4j1uIIE
19BFnVreWWCYjaGvIXqcPv//dYlCMiCUZiYxtMsHJFA4eKpdAyp6dhXl/d1EpLRE
rOWmNQ5/sc4uxZIwUe/dUH9ESt2/EFc+FVglgpL0pDyUmiTmaI4cmKsW5SXXXeVv
LEqzYALc2ICF9TTA7+X7eeZjcxB7ghiavN7DCpxE0bgOVm+SZe88PQ9zd2Ex+sKO
QcxegOtLKS7treUsvAr4mf12nawzCddsv5lpfL0vqOTTC2RPF86RD3CHL9RyW7qW
pT8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:24:16 2025 by rpki-client