Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/XoDE-1vvGih4BaiDaOmEPDUR8Cc.roa
File: XoDE-1vvGih4BaiDaOmEPDUR8Cc.roa (raw, json)
Hash identifier: ZuaFADNW4hHkDp2JSz1M3pj1Qt5ghZ4AqFI+HvCc2Ac=
Subject key identifier: 5E:80:C4:FB:5B:EF:1A:28:78:05:A8:83:68:E9:84:3C:35:11:F0:27
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 01856F1D8CB26E07E92A267B7DCA7013A12A
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/XoDE-1vvGih4BaiDaOmEPDUR8Cc.roa
Signing time: Sun 01 Jan 2023 20:54:45 +0000
ROA not before: Sun 01 Jan 2023 20:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42807
IP address blocks: 94.199.200.0/23 maxlen: 23
94.199.200.0/22 maxlen: 22
94.199.205.0/24 maxlen: 24
94.199.204.0/24 maxlen: 24
94.199.206.0/24 maxlen: 24
94.199.207.0/24 maxlen: 24
141.98.204.0/22 maxlen: 22
88.218.129.0/24 maxlen: 24
88.218.128.0/24 maxlen: 24
5.253.140.0/22 maxlen: 22
152.89.36.0/22 maxlen: 22
37.230.104.0/21 maxlen: 21
37.230.106.0/23 maxlen: 23
37.230.110.0/23 maxlen: 23
92.119.76.0/22 maxlen: 22
178.157.8.0/21 maxlen: 21
185.99.196.0/22 maxlen: 22
185.15.40.0/22 maxlen: 22
31.207.84.0/24 maxlen: 24
31.207.83.0/24 maxlen: 24
31.207.85.0/24 maxlen: 24
31.207.80.0/24 maxlen: 24
31.207.82.0/24 maxlen: 24
31.207.81.0/24 maxlen: 24
31.207.87.0/24 maxlen: 24
31.207.86.0/24 maxlen: 24
213.159.0.0/21 maxlen: 21
213.159.28.0/22 maxlen: 22
213.159.31.0/24 maxlen: 24
171.22.184.0/22 maxlen: 22
109.232.216.0/21 maxlen: 21
109.232.216.0/23 maxlen: 23
109.232.219.0/24 maxlen: 24
109.232.218.0/24 maxlen: 24
109.232.222.0/24 maxlen: 24
109.232.221.0/24 maxlen: 24
109.232.223.0/24 maxlen: 24
2a03:adc0:1::/48 maxlen: 48
2a03:adc1::/32 maxlen: 32
2a03:adc0:2::/48 maxlen: 48
2a03:adc0::/48 maxlen: 48
2a03:adc2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8c:b2:6e:07:e9:2a:26:7b:7d:ca:70:13:a1:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Jan 1 20:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e80c4fb5bef1a287805a88368e9843c3511f027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:cd:19:26:f1:43:49:71:ff:54:91:25:ff:
e4:d5:de:e6:5d:42:70:be:b4:78:e4:3c:74:46:1f:
16:a1:bc:66:98:2a:f1:fe:66:6b:81:01:b3:c5:e5:
10:54:ca:8a:e5:5c:c7:5f:54:fc:a1:86:55:ff:72:
5c:bd:ba:ba:8f:bd:2e:1a:f7:17:af:98:7f:90:a4:
a0:e7:cd:2f:ee:41:f0:bf:e1:8e:d1:a0:17:44:bc:
ec:cc:3d:b7:97:5c:51:66:b5:9e:69:ae:45:21:43:
86:29:95:61:89:5e:8d:56:26:69:6c:c3:6f:6b:7c:
5d:5b:59:46:94:e3:05:3c:33:5c:98:a0:3f:20:b5:
0c:b0:31:5e:f0:ad:6d:7e:e6:ee:96:04:a2:5a:2c:
81:11:49:44:db:2e:a9:94:23:59:b5:aa:4a:8f:1f:
15:50:fa:8e:6e:03:96:94:c6:a4:84:d8:bd:2a:d8:
8d:50:ed:53:bb:90:eb:ac:8c:5f:a3:7d:47:cb:1f:
d8:a2:d5:82:63:b1:b3:8b:10:80:f4:35:2f:1e:16:
6a:f3:50:43:8d:58:8c:6d:01:f9:43:fa:ac:f2:a3:
27:1b:d2:05:d1:e2:e5:d6:d0:ea:b7:6f:09:dc:a0:
6a:e4:c6:ce:f3:e8:90:6c:a0:84:d8:38:0a:83:a8:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:80:C4:FB:5B:EF:1A:28:78:05:A8:83:68:E9:84:3C:35:11:F0:27
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/XoDE-1vvGih4BaiDaOmEPDUR8Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.140.0/22
31.207.80.0/21
37.230.104.0/21
88.218.128.0/23
92.119.76.0/22
94.199.200.0/21
109.232.216.0/21
141.98.204.0/22
152.89.36.0/22
171.22.184.0/22
178.157.8.0/21
185.15.40.0/22
185.99.196.0/22
213.159.0.0/21
213.159.28.0/22
IPv6:
2a03:adc0::-2a03:adc0:2:ffff:ffff:ffff:ffff:ffff
2a03:adc1::-2a03:adc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:25:02:f3:5f:ef:55:e1:2d:8c:f8:73:12:a9:71:67:f8:9f:
16:85:b9:51:ac:88:e1:18:3a:73:19:12:f6:e6:4a:09:2f:c2:
33:4e:8c:d2:a9:39:42:c2:17:ce:9e:b9:90:e1:97:94:2a:fa:
30:c4:d4:30:d8:8f:5c:cc:e6:f5:c2:eb:6d:49:3a:1d:1a:c7:
76:f3:f0:70:7a:7d:34:43:09:dd:54:dd:84:96:ff:cb:bb:f0:
55:c4:12:28:6d:b6:90:c4:36:f2:dd:2a:da:cf:40:05:f7:a2:
d6:1a:a7:0c:a4:34:3c:c3:66:cc:03:47:97:bb:58:42:9c:41:
9b:35:0b:3f:3a:0d:cd:c4:ec:50:94:34:0b:42:5a:ac:44:58:
78:6b:c3:62:c2:03:a8:b7:bf:69:b7:d4:8f:31:cc:07:7f:8f:
f5:83:30:3c:0d:16:33:06:93:7a:b1:78:72:4e:61:30:6d:7b:
15:a5:a4:2d:42:5e:24:ed:85:a7:49:25:0a:35:2a:75:7f:fc:
d5:5b:fd:8a:50:7f:a9:df:05:95:d9:8d:1a:c2:c8:18:f5:d7:
12:28:bf:53:f6:3a:f3:5b:75:07:ba:57:4e:8b:73:1e:e3:11:
58:f4:7a:a2:7e:0b:ec:76:5b:84:c7:78:41:c6:a0:4a:9e:3d:
ad:ba:e4:5d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYVvHYyybgfpKiZ7fcpwE6EqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjMwMTAxMjA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgwYzRmYjViZWYxYTI4NzgwNWE4ODM2OGU5ODQzYzM1MTFmMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugjNGSbxQ0lx/1SRJf/k1d7mXUJw
vrR45Dx0Rh8WobxmmCrx/mZrgQGzxeUQVMqK5VzHX1T8oYZV/3Jcvbq6j70uGvcX
r5h/kKSg580v7kHwv+GO0aAXRLzszD23l1xRZrWeaa5FIUOGKZVhiV6NViZpbMNv
a3xdW1lGlOMFPDNcmKA/ILUMsDFe8K1tfubulgSiWiyBEUlE2y6plCNZtapKjx8V
UPqObgOWlMakhNi9KtiNUO1Tu5DrrIxfo31Hyx/YotWCY7GzixCA9DUvHhZq81BD
jViMbQH5Q/qs8qMnG9IF0eLl1tDqt28J3KBq5MbO8+iQbKCE2DgKg6iOKwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFF6AxPtb7xooeAWog2jphDw1EfAnMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvWG9ERS0xdnZHaWg0QmFpRGFPbUVQRFVSOENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBgBAIAATBaAwQCBf2M
AwQDH89QAwQDJeZoAwQBWNqAAwQCXHdMAwQDXsfIAwQDbejYAwQCjWLMAwQCmFkk
AwQCqxa4AwQDsp0IAwQCuQ8oAwQCuWPEAwQD1Z8AAwQC1Z8cMCgEAgACMCIwEAMF
BioDrcADBwAqA63AAAIwDgMFACoDrcEDBQAqA63CMA0GCSqGSIb3DQEBCwUAA4IB
AQAKJQLzX+9V4S2M+HMSqXFn+J8WhblRrIjhGDpzGRL25koJL8IzTozSqTlCwhfO
nrmQ4ZeUKvowxNQw2I9czOb1wuttSTodGsd28/Bwen00QwndVN2Elv/Lu/BVxBIo
bbaQxDby3Sraz0AF96LWGqcMpDQ8w2bMA0eXu1hCnEGbNQs/Og3NxOxQlDQLQlqs
RFh4a8NiwgOot79pt9SPMcwHf4/1gzA8DRYzBpN6sXhyTmEwbXsVpaQtQl4k7YWn
SSUKNSp1f/zVW/2KUH+p3wWV2Y0awsgY9dcSKL9T9jrzW3UHuldOi3Me4xFY9Hqi
fgvsdluEx3hBxqBKnj2tuuRd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:15 2023 by rpki-client on console-fra.rpki-client.org