Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hf-Q_FxqKGtJLM7Fvnpw6axxxqY.roa
File: Hf-Q_FxqKGtJLM7Fvnpw6axxxqY.roa (raw, json)
Hash identifier: RAbeFoJHIOA5lReA3wI6/1i748x/dm7Fras16Hrq0Cc=
Subject key identifier: 1D:FF:90:FC:5C:6A:28:6B:49:2C:CE:C5:BE:7A:70:E9:AC:71:C6:A6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0197613821F73A19B03FBD7E7ADB338535CC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hf-Q_FxqKGtJLM7Fvnpw6axxxqY.roa
Signing time: Wed 11 Jun 2025 22:59:17 +0000
ROA not before: Wed 11 Jun 2025 22:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 14:25:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:61:38:21:f7:3a:19:b0:3f:bd:7e:7a:db:33:85:35:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 11 22:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dff90fc5c6a286b492ccec5be7a70e9ac71c6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:b4:94:49:e7:f5:b0:82:b5:6d:70:bb:7a:
f9:9c:74:02:3f:d0:7f:90:3d:7c:9e:f8:c3:5b:71:
de:1b:38:ea:7f:cb:d9:bf:35:68:de:8f:10:e9:7b:
da:c8:b2:ac:31:ab:d4:69:d6:81:32:00:44:48:2c:
46:d0:e0:0c:36:76:c1:74:f5:ad:d8:11:d6:d8:03:
d6:22:c3:29:60:5a:ca:71:06:09:1d:37:93:1b:29:
a6:9f:78:a1:d7:38:e4:92:4a:37:0e:f6:6c:2b:db:
23:16:b8:44:bb:f4:f1:b3:50:bb:1c:89:bd:dd:cb:
0a:af:e8:2d:29:b5:91:73:35:ea:e7:82:f5:47:c5:
c9:12:94:0e:4b:13:cb:da:22:cd:9e:66:32:ba:0d:
da:51:7c:d4:e5:6e:66:9e:ec:58:71:5d:3f:4d:32:
a1:17:c0:b4:f7:c0:a5:42:4c:cf:83:bd:b8:17:43:
30:23:a4:be:f7:57:37:f8:a2:d0:b9:40:a2:ed:58:
ac:c5:d9:c4:d2:b7:4a:ea:27:d7:da:df:6a:1f:7c:
4a:30:18:7c:87:4e:59:6b:ff:f2:0f:35:8c:65:5f:
38:cb:f1:58:af:66:3c:7b:47:83:1f:43:0e:0d:85:
6c:31:35:8d:50:ff:3d:c4:1d:9a:af:ad:5f:eb:37:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FF:90:FC:5C:6A:28:6B:49:2C:CE:C5:BE:7A:70:E9:AC:71:C6:A6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hf-Q_FxqKGtJLM7Fvnpw6axxxqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.148.0/24
77.90.164.0/24
77.90.188.0/24
185.230.13.0/24
185.230.15.0/24
Signature Algorithm: sha256WithRSAEncryption
48:60:cf:98:c6:c7:4b:12:86:e3:ca:1f:89:c1:90:16:f5:29:
52:82:43:69:27:10:c2:b3:80:b0:6b:d7:8f:7c:39:9c:4a:5c:
c2:2e:77:35:fa:2b:fe:e6:d0:fa:76:cc:6f:91:f9:de:f3:1f:
14:6d:63:06:4d:dc:15:73:2a:5d:cf:25:00:25:49:1b:4e:be:
42:75:8d:b2:5a:0d:12:b8:0e:4d:39:ea:64:42:ad:d4:4f:81:
99:20:1f:19:31:60:ac:9b:8e:8b:31:f1:ed:77:ef:a5:a4:96:
9f:85:5c:52:ea:d8:bf:37:73:22:1c:ef:5d:96:aa:e8:7e:92:
69:1f:9b:cf:0b:43:c9:9f:89:cf:ba:01:a0:ac:86:5e:85:48:
0e:be:15:12:ab:d8:53:23:c9:ea:e8:b3:2e:90:01:68:a8:a3:
35:0e:a1:cb:50:a6:95:5e:af:14:8b:c8:63:72:79:c7:d4:11:
d2:b3:7c:a1:90:d7:5c:ce:43:5e:5b:f0:ff:71:ca:fc:db:61:
7d:54:53:b5:f0:b8:b4:eb:00:a1:20:ee:22:f6:10:43:29:9d:
69:7f:72:ff:64:76:c1:08:8e:28:de:5e:34:3a:09:15:fc:06:
30:10:9f:ad:ab:21:63:2a:3a:2e:e8:2f:f3:ce:4d:58:7f:de:
15:4c:ae:3b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZdhOCH3OhmwP71+etszhTXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwNjExMjI1OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZmOTBmYzVjNmEyODZiNDkyY2NlYzViZTdhNzBlOWFjNzFjNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmK0lEnn9bCCtW1wu3r5nHQCP9B/
kD18nvjDW3HeGzjqf8vZvzVo3o8Q6XvayLKsMavUadaBMgBESCxG0OAMNnbBdPWt
2BHW2APWIsMpYFrKcQYJHTeTGymmn3ih1zjkkko3DvZsK9sjFrhEu/Txs1C7HIm9
3csKr+gtKbWRczXq54L1R8XJEpQOSxPL2iLNnmYyug3aUXzU5W5mnuxYcV0/TTKh
F8C098ClQkzPg724F0MwI6S+91c3+KLQuUCi7VisxdnE0rdK6ifX2t9qH3xKMBh8
h05Za//yDzWMZV84y/FYr2Y8e0eDH0MODYVsMTWNUP89xB2ar61f6zcVNwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB3/kPxcaihrSSzOxb56cOmsccamMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSGYtUV9GeHFLR3RKTE03RnZucHc2YXh4eHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATVqRAwQA
TVqUAwQATVqkAwQATVq8AwQAueYNAwQAueYPMA0GCSqGSIb3DQEBCwUAA4IBAQBI
YM+YxsdLEobjyh+JwZAW9SlSgkNpJxDCs4Cwa9ePfDmcSlzCLnc1+iv+5tD6dsxv
kfne8x8UbWMGTdwVcypdzyUAJUkbTr5CdY2yWg0SuA5NOepkQq3UT4GZIB8ZMWCs
m46LMfHtd++lpJafhVxS6ti/N3MiHO9dlqrofpJpH5vPC0PJn4nPugGgrIZehUgO
vhUSq9hTI8nq6LMukAFoqKM1DqHLUKaVXq8Ui8hjcnnH1BHSs3yhkNdczkNeW/D/
ccr822F9VFO18Li06wChIO4i9hBDKZ1pf3L/ZHbBCI4o3l40OgkV/AYwEJ+tqyFj
Kjou6C/zzk1Yf94VTK47
-----END CERTIFICATE-----
Generated at Wed Jun 18 21:58:33 2025 by rpki-client