Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FwVF-Bbn_qnx-L1DlQWlLVmW3D0.roa
File: FwVF-Bbn_qnx-L1DlQWlLVmW3D0.roa (raw, json)
Hash identifier: mambcGlM9VMq/l/XX0cIiR00DK+IFrzXnSQyOu85IoM=
Subject key identifier: 17:05:45:F8:16:E7:FE:A9:F1:F8:BD:43:95:05:A5:2D:59:96:DC:3D
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 029CCCFE
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FwVF-Bbn_qnx-L1DlQWlLVmW3D0.roa
Signing time: Mon 07 Feb 2022 18:22:10 +0000
ROA not before: Mon 07 Feb 2022 18:22:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 95.164.216.0/21 maxlen: 24
94.131.48.0/20 maxlen: 24
94.131.176.0/21 maxlen: 24
94.131.96.0/21 maxlen: 24
94.131.104.0/21 maxlen: 24
193.218.156.0/22 maxlen: 22
95.164.192.0/21 maxlen: 21
149.154.176.0/20 maxlen: 24
95.164.208.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43830526 (0x29cccfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 7 18:22:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=170545f816e7fea9f1f8bd439505a52d5996dc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:81:c5:61:a1:e6:46:b0:1c:a9:00:31:8a:9b:
2f:b6:16:84:a8:7e:37:b1:9c:a0:4b:bc:d2:52:e8:
41:ed:e7:8e:bc:b8:1e:43:7a:ef:b7:22:7c:fb:fc:
6d:06:d4:1f:27:ac:90:af:07:77:ad:ec:19:a6:f4:
04:4a:5e:7b:0f:d8:4e:07:ff:b0:1f:d6:30:52:9c:
ae:1b:81:5d:16:a8:a1:dd:8e:98:44:6a:94:f9:29:
d2:e0:18:42:e3:ee:6b:26:ff:87:3a:2e:a9:82:a6:
db:c1:23:10:fa:05:ca:5f:f1:ce:5f:b8:cc:bf:b6:
f0:e8:09:4d:d2:59:dd:33:ed:48:40:81:7d:6b:73:
87:4f:c1:4f:a5:a6:68:9a:52:de:78:e8:65:a3:05:
45:b8:15:04:60:28:c2:18:6d:68:18:72:ee:a6:1b:
35:78:08:56:79:0b:ba:83:62:cb:71:a0:e1:35:0d:
3e:78:b6:15:1e:da:f9:ef:81:ea:0a:de:74:a8:04:
c1:ae:e9:69:2c:66:58:91:01:f3:d8:cf:61:56:a1:
bf:24:79:50:00:60:e9:49:4b:50:ab:1a:e4:07:f1:
bb:f0:0a:da:91:cd:fb:f9:30:a1:c2:f8:a6:5a:cf:
9c:84:e6:dc:3f:a6:b0:54:66:65:af:76:bc:6f:55:
93:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:05:45:F8:16:E7:FE:A9:F1:F8:BD:43:95:05:A5:2D:59:96:DC:3D
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FwVF-Bbn_qnx-L1DlQWlLVmW3D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.48.0/20
94.131.96.0/20
94.131.176.0/21
95.164.192.0/21
95.164.208.0/20
149.154.176.0/20
193.218.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:06:46:c5:18:d6:fc:43:d5:ba:cd:73:79:0a:7c:92:82:c9:
ed:90:dd:98:16:5c:8d:07:39:52:aa:0f:12:9b:94:6f:e1:46:
73:db:ef:2b:fb:8b:59:2b:fe:85:e3:a0:94:c6:65:34:0a:4b:
99:c4:b5:f9:76:28:55:15:20:72:ab:24:7a:d6:78:79:14:78:
40:c3:0c:ea:7b:e2:90:d9:b9:04:be:6c:94:10:4c:1d:0b:98:
67:2c:4d:9f:32:cf:53:be:c6:24:79:47:5e:53:f1:0e:7a:b3:
4b:07:f0:a8:6b:56:d5:88:09:62:59:8d:ed:c6:44:62:80:9d:
7d:0e:22:02:4c:3a:bd:a8:e2:6b:14:bf:f9:0b:2b:17:c2:6f:
85:a5:dc:4a:3e:40:30:2f:dc:0c:2b:e9:49:d1:61:95:df:59:
92:11:bb:b5:c0:e0:47:ff:78:3d:09:4d:d3:2a:27:50:60:3f:
33:54:62:02:e1:e6:f6:54:f1:b6:e6:81:4b:cc:e1:07:75:53:
78:74:9e:37:58:9f:3e:e9:34:90:7a:7e:b0:8f:97:b7:c2:ad:
be:39:75:5f:fe:4e:f3:7f:57:b6:54:3f:84:65:bb:f4:0a:2c:
ee:ab:45:e3:50:48:e5:09:b5:8e:d6:38:bb:e1:7e:f4:66:ec:
4f:0f:95:90
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEApzM/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMB4XDTIyMDIw
NzE4MjIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTcwNTQ1ZjgxNmU3
ZmVhOWYxZjhiZDQzOTUwNWE1MmQ1OTk2ZGMzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGBxWGh5kawHKkAMYqbL7YWhKh+N7GcoEu80lLoQe3njry4
HkN677cifPv8bQbUHyeskK8Hd63sGab0BEpeew/YTgf/sB/WMFKcrhuBXRaood2O
mERqlPkp0uAYQuPuayb/hzouqYKm28EjEPoFyl/xzl+4zL+28OgJTdJZ3TPtSECB
fWtzh0/BT6WmaJpS3njoZaMFRbgVBGAowhhtaBhy7qYbNXgIVnkLuoNiy3Gg4TUN
Pni2FR7a+e+B6gredKgEwa7paSxmWJEB89jPYVahvyR5UABg6UlLUKsa5Afxu/AK
2pHN+/kwocL4plrPnITm3D+msFRmZa92vG9VkxUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQXBUX4Fuf+qfH4vUOVBaUtWZbcPTAfBgNVHSMEGDAWgBRtdD7WPoaO9Q9t
hMAAOoNIP8YqAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYUS0xajZHanZVUGJZVEFBRHFEU0RfR0tnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8x
L0Z3VkYtQmJuX3FueC1MMURsUVdsTFZtVzNEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZV
UGJZVEFBRHFEU0RfR0tnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEBF6DMAMEBF6DYAMEA16DsAMEA1+k
wAMEBF+k0AMEBJWasAMEAsHanDANBgkqhkiG9w0BAQsFAAOCAQEASwZGxRjW/EPV
us1zeQp8koLJ7ZDdmBZcjQc5UqoPEpuUb+FGc9vvK/uLWSv+heOglMZlNApLmcS1
+XYoVRUgcqsketZ4eRR4QMMM6nvikNm5BL5slBBMHQuYZyxNnzLPU77GJHlHXlPx
DnqzSwfwqGtW1YgJYlmN7cZEYoCdfQ4iAkw6vajiaxS/+QsrF8JvhaXcSj5AMC/c
DCvpSdFhld9ZkhG7tcDgR/94PQlN0yonUGA/M1RiAuHm9lTxtuaBS8zhB3VTeHSe
N1ifPuk0kHp+sI+Xt8Ktvjl1X/5O839XtlQ/hGW79Aos7qtF41BI5Qm1jtY4u+F+
9GbsTw+VkA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:08 2025 by rpki-client