Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/EG9mgdP5gqRMgp18jNqzBcVM9rQ.roa
File: EG9mgdP5gqRMgp18jNqzBcVM9rQ.roa (raw, json)
Hash identifier: rmSckztpmRPyo53G5zkIaVgAiK8Fg0tJBy/qPFjTRDQ=
Subject key identifier: 10:6F:66:81:D3:F9:82:A4:4C:82:9D:7C:8C:DA:B3:05:C5:4C:F6:B4
Certificate issuer: /CN=892d21566ccfc3bb079ec5854b044ab809804157
Certificate serial: 0A5DD2FA
Authority key identifier: 89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/EG9mgdP5gqRMgp18jNqzBcVM9rQ.roa
Signing time: Sat 01 Jan 2022 01:59:15 +0000
ROA not before: Sat 01 Jan 2022 01:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205836
IP address blocks: 85.255.94.0/23 maxlen: 23
85.255.94.0/24 maxlen: 24
85.255.92.0/24 maxlen: 24
85.255.92.0/23 maxlen: 23
85.255.95.0/24 maxlen: 24
85.255.92.0/22 maxlen: 22
85.255.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173921018 (0xa5dd2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=892d21566ccfc3bb079ec5854b044ab809804157
Validity
Not Before: Jan 1 01:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=106f6681d3f982a44c829d7c8cdab305c54cf6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:58:7e:fa:0b:1b:fb:6c:05:ba:b8:05:76:
d9:a4:72:cb:46:c7:6c:16:ca:56:dd:10:9e:bc:a3:
7a:3f:f0:e5:78:95:47:7b:11:37:76:b5:1c:46:5f:
26:64:65:e2:27:22:5c:b3:e5:e3:d0:2e:2c:c9:ab:
c5:d7:89:cd:f9:4b:c8:9b:e6:fd:0c:d9:73:50:2a:
b3:c3:4d:62:eb:32:cd:3f:12:6b:fa:e1:e9:1a:26:
1e:77:a1:95:5b:1b:c5:43:f6:72:a9:54:64:85:31:
1c:c4:2a:63:ac:5f:f0:86:df:b6:1a:b2:4c:17:17:
8c:0f:1e:4c:30:14:83:31:1b:b7:50:74:d7:91:19:
13:4e:61:db:51:ac:57:c4:32:65:95:bb:bf:42:28:
0e:dc:82:60:39:f9:ec:40:30:5a:ba:a5:8b:91:fd:
08:4d:04:e3:3d:bb:45:2c:b4:17:8a:e3:45:59:21:
ab:be:c2:01:22:c1:13:a5:b5:33:22:58:31:68:4a:
d6:e9:bf:a1:62:f9:d3:46:f7:c8:2c:73:4a:02:b8:
1f:21:9d:93:7e:a1:55:53:e8:98:fa:4f:91:48:aa:
05:8c:cc:e0:e9:61:74:a5:8d:0b:94:96:b0:45:aa:
ab:df:7e:bf:fd:8b:5d:35:71:c8:5a:e0:2e:4f:0d:
93:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6F:66:81:D3:F9:82:A4:4C:82:9D:7C:8C:DA:B3:05:C5:4C:F6:B4
X509v3 Authority Key Identifier:
keyid:89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/EG9mgdP5gqRMgp18jNqzBcVM9rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/iS0hVmzPw7sHnsWFSwRKuAmAQVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.92.0/22
Signature Algorithm: sha256WithRSAEncryption
58:d7:8a:49:19:f5:14:b8:f0:a9:67:60:45:99:03:85:eb:6f:
95:bc:cb:89:96:bf:30:99:1a:f8:39:d1:c9:9e:d2:9f:60:4d:
52:bf:49:6c:99:85:44:7e:a5:19:53:30:6a:78:d8:23:48:1b:
db:a4:10:3a:57:3b:c7:f5:b5:f1:cf:03:64:f7:52:7a:03:4b:
87:dd:27:26:ad:1e:4a:d3:b1:de:ae:93:40:b1:8f:6f:ee:39:
b8:1e:33:61:04:63:35:bf:a2:23:b3:62:84:ef:16:93:87:2a:
a4:0e:c5:7a:bb:8b:78:fa:7a:a0:e2:9b:5f:91:b8:a7:99:eb:
72:96:c0:fd:1f:df:fa:a1:c3:57:40:05:bf:ca:43:09:11:41:
cf:2d:23:53:9a:25:f7:e5:79:bf:14:e1:72:13:da:30:40:50:
e0:18:d8:71:db:3f:a1:c4:10:de:b2:e4:c1:e5:f8:8b:f4:0c:
1d:0d:e5:dd:32:09:7f:2c:43:79:64:93:f1:06:ab:35:11:c7:
84:24:cd:9a:7e:3c:e0:ca:0a:f2:c7:dc:ca:bb:d5:ad:8d:fe:
37:bd:dd:30:c7:c6:6d:df:ef:dc:1c:05:44:d1:5f:41:49:b2:
6f:68:fc:55:a3:8c:4a:a1:63:d2:df:35:e6:c9:c2:45:d3:b2:
5b:73:64:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECl3S+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTJkMjE1NjZjY2ZjM2JiMDc5ZWM1ODU0YjA0NGFiODA5ODA0MTU3MB4XDTIyMDEw
MTAxNTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA2ZjY2ODFkM2Y5
ODJhNDRjODI5ZDdjOGNkYWIzMDVjNTRjZjZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANflWH76Cxv7bAW6uAV22aRyy0bHbBbKVt0Qnryjej/w5XiV
R3sRN3a1HEZfJmRl4iciXLPl49AuLMmrxdeJzflLyJvm/QzZc1Aqs8NNYusyzT8S
a/rh6RomHnehlVsbxUP2cqlUZIUxHMQqY6xf8IbfthqyTBcXjA8eTDAUgzEbt1B0
15EZE05h21GsV8QyZZW7v0IoDtyCYDn57EAwWrqli5H9CE0E4z27RSy0F4rjRVkh
q77CASLBE6W1MyJYMWhK1um/oWL500b3yCxzSgK4HyGdk36hVVPomPpPkUiqBYzM
4OlhdKWNC5SWsEWqq99+v/2LXTVxyFrgLk8NkzECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQb2aB0/mCpEyCnXyM2rMFxUz2tDAfBgNVHSMEGDAWgBSJLSFWbM/Duwee
xYVLBEq4CYBBVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lTMGhWbXpQdzdzSG5zV0ZTd1JLdUFtQVFWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZDU5N2IwLTY0MjUtNDI1Zi1iNzIzLTRlYjhiMGI0OWM0YS8x
L0VHOW1nZFA1Z3FSTWdwMThqTnF6QmNWTTlyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZDU5N2IwLTY0MjUtNDI1Zi1iNzIzLTRlYjhiMGI0OWM0YS8xL2lTMGhWbXpQdzdz
SG5zV0ZTd1JLdUFtQVFWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlX/XDANBgkqhkiG9w0BAQsFAAOC
AQEAWNeKSRn1FLjwqWdgRZkDhetvlbzLiZa/MJka+DnRyZ7Sn2BNUr9JbJmFRH6l
GVMwanjYI0gb26QQOlc7x/W18c8DZPdSegNLh90nJq0eStOx3q6TQLGPb+45uB4z
YQRjNb+iI7NihO8Wk4cqpA7FeruLePp6oOKbX5G4p5nrcpbA/R/f+qHDV0AFv8pD
CRFBzy0jU5ol9+V5vxThchPaMEBQ4BjYcds/ocQQ3rLkweX4i/QMHQ3l3TIJfyxD
eWST8QarNRHHhCTNmn484MoK8sfcyrvVrY3+N73dMMfGbd/v3BwFRNFfQUmyb2j8
VaOMSqFj0t815snCRdOyW3Nkew==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:10 2025 by rpki-client