Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1LES7Nll3csM4COw3jR4hN1j9FI.roa
File: 1LES7Nll3csM4COw3jR4hN1j9FI.roa (raw, json)
Hash identifier: CDuZn9xzhU34bP8nxRa7N+Y9xCJUQEf6E0KQ7d+7sAU=
Subject key identifier: D4:B1:12:EC:D9:65:DD:CB:0C:E0:23:B0:DE:34:78:84:DD:63:F4:52
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0188719759DCDB8BBAC415157D0B3379A62D
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1LES7Nll3csM4COw3jR4hN1j9FI.roa
Signing time: Wed 31 May 2023 11:35:24 +0000
ROA not before: Wed 31 May 2023 11:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
93.179.94.0/24 maxlen: 24
93.179.93.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
95.181.212.0/23 maxlen: 23
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 25 Nov 2023 19:45:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:97:59:dc:db:8b:ba:c4:15:15:7d:0b:33:79:a6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: May 31 11:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4b112ecd965ddcb0ce023b0de347884dd63f452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c4:1f:35:ae:d0:0c:d2:ed:d8:cd:27:04:b1:
b7:c7:e1:b1:d0:bd:74:9c:f3:34:33:50:eb:41:e3:
71:2a:4e:21:97:59:f7:1b:7e:03:e3:1d:e3:1c:38:
43:d3:98:f4:58:61:5f:9c:5f:de:71:cf:d7:cf:3f:
61:ca:52:64:f5:f0:dc:ae:96:b3:96:d8:17:b9:bb:
65:51:e0:b2:bc:80:e3:6d:a3:04:43:b9:01:86:0f:
2f:87:5f:36:10:7f:71:97:54:98:64:a8:68:87:1a:
32:2e:36:8d:50:60:27:bb:c3:b3:de:ac:00:7b:39:
67:f5:d9:4a:3e:f8:cd:a8:31:50:83:78:1f:84:f1:
5b:20:e7:93:b1:4b:f5:7b:96:41:4e:79:a3:c5:68:
4c:ab:2c:af:b8:de:22:8c:3a:e7:02:1d:c6:c9:f4:
7c:4a:d8:df:1f:3f:22:36:52:fa:0d:af:dd:7d:04:
9f:0c:4f:8b:02:bf:e3:2b:d7:c1:86:89:ad:79:85:
24:ec:da:9c:47:d4:ee:30:2f:33:96:66:79:64:a6:
d2:8e:6f:f9:5d:be:97:68:e4:cd:4c:47:95:f5:c3:
9c:d2:c5:c7:b7:d4:f0:ba:af:9a:96:f0:75:08:1d:
b4:d5:30:a2:86:00:c0:01:95:10:36:16:75:f1:58:
30:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B1:12:EC:D9:65:DD:CB:0C:E0:23:B0:DE:34:78:84:DD:63:F4:52
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1LES7Nll3csM4COw3jR4hN1j9FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.68.0/23
93.179.93.0-93.179.94.255
93.179.120.0/23
95.85.83.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:1a:a5:2a:e0:b3:80:3f:f1:ac:59:e6:94:5e:83:39:21:a9:
79:07:3f:3e:62:ba:dc:0e:ea:b0:6a:6f:7d:3b:f5:c6:1d:c8:
5e:c9:f8:10:c7:d1:ef:2e:ba:a5:ca:31:d4:47:24:85:68:22:
e8:d4:0a:26:3c:a0:98:46:34:b1:1a:c5:93:5d:76:72:0e:8c:
b9:2d:00:bd:4f:7e:f1:e0:ae:0f:eb:d8:5e:fa:bd:4a:62:06:
f8:39:aa:74:3c:4f:84:e1:71:36:c0:ed:a1:1d:09:18:91:eb:
c2:62:56:bf:bd:97:e9:ec:69:ca:9d:53:dc:1c:9e:3d:d6:91:
90:dd:55:bf:67:7c:5d:80:e0:2b:f6:f3:2b:23:cd:53:54:6e:
bf:03:92:f4:c8:2a:98:ea:68:7a:11:99:17:b5:ab:fd:88:62:
a4:73:42:9b:bf:8f:16:6b:ce:0c:8f:d8:7d:d3:f2:41:12:5a:
ed:02:ba:74:29:a6:f5:1e:51:4c:bf:4e:d8:cd:65:1e:f6:17:
89:75:02:44:cf:f6:99:32:46:94:84:eb:ed:e8:c4:72:c3:92:
77:98:8c:06:11:80:e5:49:cf:d2:85:f5:e1:44:f4:1c:3a:aa:
51:10:32:c4:47:d6:38:1b:12:6a:5e:e0:35:25:51:d4:16:9d:
e4:24:ff:7e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYhxl1nc24u6xBUVfQszeaYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwNTMxMTEzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGIxMTJlY2Q5NjVkZGNiMGNlMDIzYjBkZTM0Nzg4NGRkNjNmNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncQfNa7QDNLt2M0nBLG3x+Gx0L10
nPM0M1DrQeNxKk4hl1n3G34D4x3jHDhD05j0WGFfnF/ecc/Xzz9hylJk9fDcrpaz
ltgXubtlUeCyvIDjbaMEQ7kBhg8vh182EH9xl1SYZKhohxoyLjaNUGAnu8Oz3qwA
ezln9dlKPvjNqDFQg3gfhPFbIOeTsUv1e5ZBTnmjxWhMqyyvuN4ijDrnAh3GyfR8
StjfHz8iNlL6Da/dfQSfDE+LAr/jK9fBhomteYUk7NqcR9TuMC8zlmZ5ZKbSjm/5
Xb6XaOTNTEeV9cOc0sXHt9Twuq+alvB1CB201TCihgDAAZUQNhZ18VgwxQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNSxEuzZZd3LDOAjsN40eITdY/RSMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvMUxFUzdObGwzY3NNNENPdzNqUjRoTjFqOUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8SIAwQA
XbNCAwQBXbNEMAwDBABds10DBABds14DBAFds3gDBABfVVMDBAFftdQDBABtxIUD
BADDtggwFAQCAAIwDgMFACoEhoADBQAqCdXAMA0GCSqGSIb3DQEBCwUAA4IBAQCt
GqUq4LOAP/GsWeaUXoM5Ial5Bz8+YrrcDuqwam99O/XGHcheyfgQx9HvLrqlyjHU
RySFaCLo1AomPKCYRjSxGsWTXXZyDoy5LQC9T37x4K4P69he+r1KYgb4Oap0PE+E
4XE2wO2hHQkYkevCYla/vZfp7GnKnVPcHJ491pGQ3VW/Z3xdgOAr9vMrI81TVG6/
A5L0yCqY6mh6EZkXtav9iGKkc0Kbv48Wa84Mj9h90/JBElrtArp0Kab1HlFMv07Y
zWUe9heJdQJEz/aZMkaUhOvt6MRyw5J3mIwGEYDlSc/ShfXhRPQcOqpREDLER9Y4
GxJqXuA1JVHUFp3kJP9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:30 2024 by rpki-client on console-fra.rpki-client.org