Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vn-2CP-u87vQsZ3PYsr-_QKMrJU.roa
File: vn-2CP-u87vQsZ3PYsr-_QKMrJU.roa (raw, json)
Hash identifier: CwOKsidjtbMIwIRjGlnPJJWrjV5eB1N112Oia4W46U0=
Subject key identifier: BE:7F:B6:08:FF:AE:F3:BB:D0:B1:9D:CF:62:CA:FE:FD:02:8C:AC:95
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01911261F576213EF99201C8599E5EA70244
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vn-2CP-u87vQsZ3PYsr-_QKMrJU.roa
Signing time: Fri 02 Aug 2024 09:18:15 +0000
ROA not before: Fri 02 Aug 2024 09:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Aug 2024 18:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:61:f5:76:21:3e:f9:92:01:c8:59:9e:5e:a7:02:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 2 09:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be7fb608ffaef3bbd0b19dcf62cafefd028cac95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:24:f4:f2:81:cb:ed:76:aa:cf:06:55:f3:
1a:57:ad:5a:8c:39:9c:6a:01:b2:02:6d:df:7e:53:
46:9a:05:31:ca:fb:73:95:08:c5:d0:9c:5b:09:55:
4f:78:aa:a9:9e:6a:90:fa:3b:46:95:8b:d9:b7:ef:
19:6b:42:16:47:85:7c:17:05:8a:e0:d0:13:13:87:
fd:38:7f:ed:22:25:4b:98:78:0a:89:a1:68:e2:37:
8a:bf:04:c6:8e:f5:0c:c6:2b:1e:bd:e8:ca:f1:e3:
83:cc:00:1a:7c:01:5e:f0:aa:64:df:24:ac:a0:67:
84:c9:47:b9:b7:30:e2:30:8f:c6:41:aa:88:94:f4:
db:e5:f2:e3:a5:8c:cc:c1:10:92:54:e8:f5:d0:e6:
fd:1e:cc:dc:d1:9d:b8:32:44:c0:55:45:aa:3b:68:
6d:3a:a1:2d:38:e0:c2:7b:42:a6:e9:a0:05:c7:e8:
24:f3:55:b6:46:0f:55:3d:05:c6:3a:40:f9:21:2d:
1c:a6:9b:f3:0e:dc:e4:2d:12:9d:e6:8c:9c:87:e4:
ea:58:4d:83:7e:ca:7a:e1:2b:c2:de:e2:c4:cf:a5:
b7:92:ff:3a:e9:45:c0:c3:85:d7:d2:9b:1c:b1:d2:
61:aa:dd:5e:26:32:d9:61:e4:e8:0e:2e:e9:e5:c8:
43:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7F:B6:08:FF:AE:F3:BB:D0:B1:9D:CF:62:CA:FE:FD:02:8C:AC:95
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vn-2CP-u87vQsZ3PYsr-_QKMrJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
aa:bc:f9:c0:a8:81:51:e8:15:fa:5a:d7:af:ae:e0:c9:0c:aa:
36:19:ec:5e:53:09:70:89:8c:3b:2b:a0:cb:9f:95:c0:8a:e2:
5a:f4:7b:0b:27:99:af:f5:49:cc:bd:d2:a1:2f:5f:89:8b:f4:
bd:15:fd:71:e4:61:a7:bc:29:90:28:a8:20:0d:97:7c:60:85:
cd:c0:9b:d2:38:52:64:bf:a3:db:08:18:d2:37:2e:96:4b:de:
21:fd:c9:1a:8b:eb:76:ae:92:6d:3b:82:37:84:2f:fd:3e:c9:
7b:d1:be:3f:02:26:62:c1:4b:03:73:75:ec:03:29:d7:29:43:
31:0c:22:7e:ee:bb:32:4a:8e:f2:46:d5:d6:e2:24:77:80:41:
71:a3:18:43:9a:33:51:09:67:45:67:74:0d:9e:8a:b5:6d:7c:
d6:fe:9f:1d:28:ac:f7:ac:82:36:4c:2e:3a:5e:7b:81:b9:bb:
d2:93:3a:57:c3:66:a3:5b:ba:17:8e:b5:cf:53:21:69:68:17:
a6:ef:a2:22:3b:51:4a:d7:32:3a:e8:da:41:23:ff:84:2f:f6:
21:32:48:7b:40:de:6a:06:0f:89:3f:9c:af:0c:36:0b:c6:5c:
ec:30:05:2e:d9:68:b7:c7:6f:72:ae:30:8b:ea:92:53:4d:8d:
92:73:9b:0b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZESYfV2IT75kgHIWZ5epwJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODAyMDkxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdmYjYwOGZmYWVmM2JiZDBiMTlkY2Y2MmNhZmVmZDAyOGNhYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuQk9PKBy+12qs8GVfMaV61ajDmc
agGyAm3fflNGmgUxyvtzlQjF0JxbCVVPeKqpnmqQ+jtGlYvZt+8Za0IWR4V8FwWK
4NATE4f9OH/tIiVLmHgKiaFo4jeKvwTGjvUMxisevejK8eODzAAafAFe8Kpk3ySs
oGeEyUe5tzDiMI/GQaqIlPTb5fLjpYzMwRCSVOj10Ob9Hszc0Z24MkTAVUWqO2ht
OqEtOODCe0Km6aAFx+gk81W2Rg9VPQXGOkD5IS0cppvzDtzkLRKd5oych+TqWE2D
fsp64SvC3uLEz6W3kv866UXAw4XX0pscsdJhqt1eJjLZYeToDi7p5chDhQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFL5/tgj/rvO70LGdz2LK/v0CjKyVMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdm4tMkNQLXU4N3ZRc1ozUFlzci1fUUtNckpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQAueYOAwQA1dGK
AwQA1dGPAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsF
AAOCAQEAqrz5wKiBUegV+lrXr67gyQyqNhnsXlMJcImMOyugy5+VwIriWvR7CyeZ
r/VJzL3SoS9fiYv0vRX9ceRhp7wpkCioIA2XfGCFzcCb0jhSZL+j2wgY0jculkve
If3JGovrdq6SbTuCN4Qv/T7Je9G+PwImYsFLA3N17AMp1ylDMQwifu67MkqO8kbV
1uIkd4BBcaMYQ5ozUQlnRWd0DZ6KtW181v6fHSis96yCNkwuOl57gbm70pM6V8Nm
o1u6F461z1MhaWgXpu+iIjtRStcyOujaQSP/hC/2ITJIe0DeagYPiT+crww2C8Zc
7DAFLtlot8dvcq4wi+qSU02NknObCw==
-----END CERTIFICATE-----
Generated at Fri Aug 9 20:50:42 2024 by rpki-client on console-fra.rpki-client.org