Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/eFF3LCFLj3K1DBoArESHbB5_FN8.roa
File: eFF3LCFLj3K1DBoArESHbB5_FN8.roa (raw, json)
Hash identifier: qLL9V5LZ+PnxYIx1CC++Q8TWbFw/CjLVJO7ui4D8kaY=
Subject key identifier: 78:51:77:2C:21:4B:8F:72:B5:0C:1A:00:AC:44:87:6C:1E:7F:14:DF
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 01856D93E4019D615B1E3B73F212E47C6C5C
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/eFF3LCFLj3K1DBoArESHbB5_FN8.roa
Signing time: Sun 01 Jan 2023 13:44:46 +0000
ROA not before: Sun 01 Jan 2023 13:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43679
IP address blocks: 78.28.0.0/24 maxlen: 24
93.94.17.0/24 maxlen: 24
93.94.16.0/21 maxlen: 21
93.94.16.0/22 maxlen: 22
93.94.22.0/24 maxlen: 24
93.94.20.0/23 maxlen: 23
93.94.23.0/24 maxlen: 24
2a02:e88::/48 maxlen: 48
2a02:e88::/32 maxlen: 32
2a02:e88::/33 maxlen: 33
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:e4:01:9d:61:5b:1e:3b:73:f2:12:e4:7c:6c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 1 13:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7851772c214b8f72b50c1a00ac44876c1e7f14df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:71:0b:1c:d2:29:ae:a3:88:24:fa:d9:1f:f4:
df:13:aa:e6:b4:02:f9:00:a2:71:b7:6b:5d:e5:46:
03:96:f1:94:fe:46:82:3b:22:aa:3b:b5:f3:2c:62:
21:3c:c5:82:5f:71:6d:b9:8c:29:aa:d6:04:4a:b3:
a6:90:66:37:fa:74:e7:9e:02:2d:61:43:50:1f:22:
9e:d7:2a:8e:52:34:7e:b4:91:c4:79:e9:62:7d:41:
f3:e7:56:fb:9a:9a:b8:3c:54:f4:19:02:40:0b:2d:
3a:88:35:8e:e6:5a:38:4b:f2:67:e4:88:31:e3:fc:
42:1b:95:56:2d:89:85:66:d5:3e:7a:54:aa:39:04:
dc:e3:4d:3d:e4:43:ae:c7:94:1a:35:db:d0:2a:aa:
d5:cf:a2:69:f1:f7:85:1c:ba:48:31:93:9f:92:c5:
26:95:0e:9d:93:44:35:98:74:16:a1:61:fe:d0:4b:
07:5e:d7:33:15:d0:6e:88:4b:49:c2:0e:05:67:5b:
6f:50:6b:05:ad:fb:b6:ce:9b:03:d3:9f:86:00:9f:
c4:8c:30:39:52:b3:8f:19:3c:2b:7d:fa:14:71:b5:
ff:9e:6b:8c:1e:ad:22:74:54:c7:96:9a:18:b8:a2:
48:f9:5b:4e:6b:21:9c:01:4c:99:ba:59:84:43:d7:
c8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:51:77:2C:21:4B:8F:72:B5:0C:1A:00:AC:44:87:6C:1E:7F:14:DF
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/eFF3LCFLj3K1DBoArESHbB5_FN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.28.0.0/24
93.94.16.0/21
IPv6:
2a02:e88::/32
Signature Algorithm: sha256WithRSAEncryption
1c:03:09:df:65:c8:54:29:67:b1:bf:51:93:94:0e:a0:7a:cf:
b9:48:c9:c2:0e:90:72:3b:43:33:a0:b6:a4:ba:29:03:8d:93:
dd:62:59:bb:bf:72:18:5a:f9:58:59:c8:54:06:a9:f0:a0:b9:
01:0a:39:62:e9:80:80:77:c9:08:cb:71:05:2a:c8:cf:24:be:
f6:57:4e:42:b5:61:8b:3c:99:59:08:80:bd:b4:e2:6d:ff:de:
79:1e:c5:66:c8:54:13:73:c4:4d:a7:b9:01:30:4c:c0:84:69:
a6:d6:fc:79:6f:b1:25:28:5c:bb:e9:ad:02:bb:03:3f:99:c3:
c4:65:d8:ba:3e:6d:5d:8d:9c:3c:44:96:25:21:d8:86:54:f1:
0d:44:60:cc:09:cd:44:d4:f1:56:6a:6c:f3:78:13:33:74:1f:
87:4c:a2:38:bf:e8:83:c9:4d:f0:6a:5a:4d:4d:3b:79:2d:48:
d1:7a:f5:53:98:1e:39:26:f6:d1:29:0a:38:78:38:4a:ae:eb:
4a:fd:98:b3:ca:74:f1:05:49:cc:c5:0c:ba:0f:31:da:72:50:
be:69:ca:d3:81:1a:9a:80:4f:93:c6:42:46:9d:8e:e7:01:40:
c9:6e:73:6f:39:65:a2:20:03:6a:c3:74:48:fc:25:ae:88:f1:
2c:7b:20:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtk+QBnWFbHjtz8hLkfGxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjA2MDZkZTczMDQ1NmVkZDczMzVjYzg4MmNiZGY0Mzk2
ZjM0NjAwHhcNMjMwMTAxMTM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODUxNzcyYzIxNGI4ZjcyYjUwYzFhMDBhYzQ0ODc2YzFlN2YxNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3ELHNIprqOIJPrZH/TfE6rmtAL5
AKJxt2td5UYDlvGU/kaCOyKqO7XzLGIhPMWCX3FtuYwpqtYESrOmkGY3+nTnngIt
YUNQHyKe1yqOUjR+tJHEeelifUHz51b7mpq4PFT0GQJACy06iDWO5lo4S/Jn5Igx
4/xCG5VWLYmFZtU+elSqOQTc40095EOux5QaNdvQKqrVz6Jp8feFHLpIMZOfksUm
lQ6dk0Q1mHQWoWH+0EsHXtczFdBuiEtJwg4FZ1tvUGsFrfu2zpsD05+GAJ/EjDA5
UrOPGTwrffoUcbX/nmuMHq0idFTHlpoYuKJI+VtOayGcAUyZulmEQ9fIQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHhRdywhS49ytQwaAKxEh2wefxTfMB8GA1UdIwQY
MBaAFMsgYG3nMEVu3XM1zIgsvfQ5bzRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQt
YjNkODZhYTQzYmM1LzEvZUZGM0xDRkxqM0sxREJvQXJFU0hiQjVfRk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQtYjNkODZhYTQzYmM1
LzEveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAThwAAwQD
XV4QMA0EAgACMAcDBQAqAg6IMA0GCSqGSIb3DQEBCwUAA4IBAQAcAwnfZchUKWex
v1GTlA6ges+5SMnCDpByO0MzoLakuikDjZPdYlm7v3IYWvlYWchUBqnwoLkBCjli
6YCAd8kIy3EFKsjPJL72V05CtWGLPJlZCIC9tOJt/955HsVmyFQTc8RNp7kBMEzA
hGmm1vx5b7ElKFy76a0CuwM/mcPEZdi6Pm1djZw8RJYlIdiGVPENRGDMCc1E1PFW
amzzeBMzdB+HTKI4v+iDyU3walpNTTt5LUjRevVTmB45JvbRKQo4eDhKrutK/Ziz
ynTxBUnMxQy6DzHaclC+acrTgRqagE+TxkJGnY7nAUDJbnNvOWWiIANqw3RI/CWu
iPEseyCs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:43 2024 by rpki-client on console-fra.rpki-client.org