Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/JQA-HarJVevrzVlDDxxLwEh8Gs0.roa
File: JQA-HarJVevrzVlDDxxLwEh8Gs0.roa (raw, json)
Hash identifier: DCqgPByQqjOW1Ld1zDzDgjTePs/q3+t/F+AzIwqXHgI=
Subject key identifier: 25:00:3E:1D:AA:C9:55:EB:EB:CD:59:43:0F:1C:4B:C0:48:7C:1A:CD
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01942067FCFF40D7DFBFF6212656AE30903D
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/JQA-HarJVevrzVlDDxxLwEh8Gs0.roa
Signing time: Wed 01 Jan 2025 05:47:53 +0000
ROA not before: Wed 01 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
195.4.0.0/17 maxlen: 17
195.4.6.0/24 maxlen: 24
195.4.12.0/23 maxlen: 23
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 24
195.4.176.0/24 maxlen: 24
195.4.178.0/23 maxlen: 23
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:fc:ff:40:d7:df:bf:f6:21:26:56:ae:30:90:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jan 1 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25003e1daac955ebebcd59430f1c4bc0487c1acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:d4:f4:b2:f5:78:f8:48:70:ec:0c:44:86:
78:c3:6f:74:63:bf:46:f2:15:59:50:7f:07:b7:cc:
4b:9a:03:13:37:6d:1e:cb:70:c8:aa:b8:ff:33:5c:
18:17:e5:4e:5f:9e:d3:f5:8f:b2:e3:58:a8:bb:8f:
16:bf:f3:bd:67:9f:86:c4:9c:32:97:59:53:04:e9:
54:5b:a6:74:e9:09:e2:e7:02:10:10:72:82:42:a9:
f7:84:3d:7b:67:7e:a7:4d:e8:74:58:df:e8:0c:13:
aa:ba:d5:26:ac:3b:e5:51:72:d8:e0:84:8a:fd:ea:
e0:40:94:08:85:82:01:76:3b:cf:59:a0:e7:01:b5:
6a:db:9a:40:2a:69:0a:01:21:48:f3:5f:b2:51:d3:
f4:56:98:d3:e0:bc:65:9f:fe:44:75:03:fb:30:cf:
ca:e2:76:e5:30:d7:be:1b:b8:fb:68:ad:37:0a:8a:
c2:e5:84:b1:2c:1e:bf:b9:f2:70:56:3c:e3:be:b3:
b9:06:ba:6e:9e:7f:51:dc:c9:9c:3f:88:7a:99:af:
0e:ba:83:3e:dd:74:dc:b8:e1:fa:96:7e:b0:00:ee:
a6:ca:01:b7:ea:29:65:89:23:e5:5d:be:6b:64:a1:
c3:12:df:76:72:a2:4e:8d:97:ee:4d:b6:ca:ad:c2:
6a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:00:3E:1D:AA:C9:55:EB:EB:CD:59:43:0F:1C:4B:C0:48:7C:1A:CD
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/JQA-HarJVevrzVlDDxxLwEh8Gs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
98:6e:0c:a9:ec:f5:4f:da:55:c3:9a:35:c9:e0:2b:0f:79:4e:
e8:49:ad:39:82:58:02:c5:b0:f1:9c:0b:68:2b:fb:76:31:f5:
bb:7e:d0:57:30:86:33:87:93:98:7b:06:1a:17:00:51:d6:80:
19:61:6a:1d:00:e8:2c:ec:a7:41:14:34:ca:fa:00:7c:d3:77:
ce:f6:1c:ec:fa:a4:d1:af:ae:73:0d:da:67:9b:02:ff:ac:a0:
14:e4:85:7c:14:b4:eb:f9:ac:aa:a9:ad:3d:b9:b7:98:0a:ec:
09:bb:e9:8e:52:ae:7d:ce:26:a6:a0:ad:eb:2b:03:96:0c:d3:
10:72:93:0d:63:61:3e:51:cd:fb:a8:53:21:d0:98:1c:0c:15:
40:81:44:6c:e8:6d:c1:27:86:85:15:5f:0d:9d:a2:cb:32:57:
b5:e2:98:e9:6a:e8:23:17:63:f5:d1:e0:35:37:9d:0c:64:02:
3e:7a:a6:23:61:e9:e2:89:cc:97:bc:f1:cc:07:ce:20:32:3f:
c9:54:c6:c3:ee:4f:70:05:81:1e:b1:10:34:d2:5f:6d:df:97:
09:9b:e6:ba:1a:45:dc:f1:39:17:fd:fa:ce:04:06:15:48:25:
93:22:05:4f:c6:b9:34:03:b0:b5:87:10:b8:fa:04:87:6e:76:
a3:0c:04:eb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQgZ/z/QNffv/YhJlauMJA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwMTAxMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTAwM2UxZGFhYzk1NWViZWJjZDU5NDMwZjFjNGJjMDQ4N2MxYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzLU9LL1ePhIcOwMRIZ4w290Y79G
8hVZUH8Ht8xLmgMTN20ey3DIqrj/M1wYF+VOX57T9Y+y41iou48Wv/O9Z5+GxJwy
l1lTBOlUW6Z06Qni5wIQEHKCQqn3hD17Z36nTeh0WN/oDBOqutUmrDvlUXLY4ISK
/ergQJQIhYIBdjvPWaDnAbVq25pAKmkKASFI81+yUdP0VpjT4Lxln/5EdQP7MM/K
4nblMNe+G7j7aK03CorC5YSxLB6/ufJwVjzjvrO5Brpunn9R3MmcP4h6ma8OuoM+
3XTcuOH6ln6wAO6mygG36illiSPlXb5rZKHDEt92cqJOjZfuTbbKrcJqWQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCUAPh2qyVXr681ZQw8cS8BIfBrNMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvSlFBLUhhckpWZXZyelZsRER4eEx3RWg4R3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQCYbgyp7PVP2lXDmjXJ4CsP
eU7oSa05glgCxbDxnAtoK/t2MfW7ftBXMIYzh5OYewYaFwBR1oAZYWodAOgs7KdB
FDTK+gB803fO9hzs+qTRr65zDdpnmwL/rKAU5IV8FLTr+ayqqa09ubeYCuwJu+mO
Uq59ziamoK3rKwOWDNMQcpMNY2E+Uc37qFMh0JgcDBVAgURs6G3BJ4aFFV8NnaLL
Mle14pjpaugjF2P10eA1N50MZAI+eqYjYeniicyXvPHMB84gMj/JVMbD7k9wBYEe
sRA00l9t35cJm+a6GkXc8TkX/frOBAYVSCWTIgVPxrk0A7C1hxC4+gSHbnajDATr
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:05:17 2025 by rpki-client