Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/0pen-07CT0sXSUJ1i8_R5c8SMhU.roa
File: 0pen-07CT0sXSUJ1i8_R5c8SMhU.roa (raw, json)
Hash identifier: 24/dvTeK6EDf+29JUOLVODAuhNJDdzralBT5/GbskrU=
Subject key identifier: D2:97:A7:FB:4E:C2:4F:4B:17:49:42:75:8B:CF:D1:E5:CF:12:32:15
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA3775EF110081139C16AA29E901C3
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/0pen-07CT0sXSUJ1i8_R5c8SMhU.roa
Signing time: Sun 06 Jul 2025 22:27:44 +0000
ROA not before: Sun 06 Jul 2025 22:27:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204154
IP address blocks: 46.17.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:37:75:ef:11:00:81:13:9c:16:aa:29:e9:01:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d297a7fb4ec24f4b174942758bcfd1e5cf123215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:38:c7:06:c7:eb:45:1b:88:3f:48:81:90:
c2:b1:9b:b6:24:6b:13:5a:21:ac:0f:ae:7c:4d:a3:
dc:b3:56:42:72:cc:d5:d8:cf:ee:f7:81:f1:fd:7c:
9d:09:14:8e:ea:d1:89:8a:28:7a:58:b9:c8:06:09:
bf:ca:c4:c8:9d:54:19:2f:b7:1e:6d:8c:37:17:63:
7f:0e:90:cd:b4:37:70:a7:d3:2d:79:be:e7:4d:81:
47:e4:35:7a:ce:65:9f:c4:69:2c:82:f1:fd:ef:67:
ca:8e:5c:3e:91:9a:75:d3:39:6f:2b:48:8d:b8:24:
46:5c:e9:c1:17:b6:4c:b7:fb:38:0f:17:aa:7a:63:
62:dc:d2:49:5e:4a:61:7e:a4:e9:ec:58:f0:f8:4e:
68:9d:ed:75:34:3e:8e:6a:0d:2a:6f:98:0b:03:04:
c7:ff:c4:24:93:2b:3f:2d:82:88:70:84:63:7e:dd:
08:73:ff:2d:b9:92:4c:e9:c6:b8:20:5a:ff:2b:2c:
21:90:79:10:51:b3:65:43:c5:7d:53:70:3f:1f:d7:
e6:43:07:a9:03:91:4d:bd:a0:d7:81:b7:ed:49:da:
91:3e:36:11:f1:31:a1:62:b6:f7:93:5c:95:59:a7:
61:74:b3:85:92:a5:c6:63:18:fe:1a:b1:9b:87:59:
f6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:97:A7:FB:4E:C2:4F:4B:17:49:42:75:8B:CF:D1:E5:CF:12:32:15
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/0pen-07CT0sXSUJ1i8_R5c8SMhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.107.0/24
Signature Algorithm: sha256WithRSAEncryption
03:16:da:3c:22:aa:44:c9:95:18:79:43:19:74:f3:3c:f8:2e:
2d:02:af:06:18:0c:73:22:fd:9a:2e:d8:7e:90:cc:19:ae:d5:
4a:08:ce:44:db:06:1c:44:d0:af:85:04:83:af:0f:38:21:12:
d9:93:0a:a0:0d:8b:79:27:3d:ee:15:6c:b2:98:55:36:e1:de:
82:63:70:18:9b:2b:64:2c:d6:66:d0:fc:49:13:18:70:c3:41:
b2:94:0b:62:26:56:51:49:16:83:b4:ac:89:ae:a6:a1:a0:ab:
fd:f5:4a:3a:95:b2:37:45:5a:63:3c:3f:59:de:c8:ba:cc:42:
fa:2b:f1:e8:a3:de:a9:84:67:69:9b:da:94:5d:10:05:ad:c0:
2a:bd:9b:51:ed:b7:e3:48:86:97:95:d4:f8:e2:a7:4b:1a:32:
b2:58:fc:08:1a:d2:93:20:de:79:4d:04:bf:a6:4a:ec:36:c5:
0d:d9:ce:e1:4b:9b:29:9f:b4:e5:f0:ec:20:20:ed:ca:95:d5:
ab:70:05:b8:31:fc:da:92:4f:ca:37:e6:a0:4a:0f:6a:03:9c:
65:ca:54:e7:f3:68:1e:b2:41:49:f6:a3:4c:c8:1a:62:79:21:
ed:c5:0f:1d:cc:f4:ea:0d:82:33:a6:40:40:14:1a:fb:fc:4d:
1e:28:0a:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2jd17xEAgROcFqop6QHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk3YTdmYjRlYzI0ZjRiMTc0OTQyNzU4YmNmZDFlNWNmMTIzMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq44xwbH60UbiD9IgZDCsZu2JGsT
WiGsD658TaPcs1ZCcszV2M/u94Hx/XydCRSO6tGJiih6WLnIBgm/ysTInVQZL7ce
bYw3F2N/DpDNtDdwp9Mteb7nTYFH5DV6zmWfxGksgvH972fKjlw+kZp10zlvK0iN
uCRGXOnBF7ZMt/s4DxeqemNi3NJJXkphfqTp7Fjw+E5one11ND6Oag0qb5gLAwTH
/8Qkkys/LYKIcIRjft0Ic/8tuZJM6ca4IFr/KywhkHkQUbNlQ8V9U3A/H9fmQwep
A5FNvaDXgbftSdqRPjYR8TGhYrb3k1yVWadhdLOFkqXGYxj+GrGbh1n2ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKXp/tOwk9LF0lCdYvP0eXPEjIVMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvMHBlbi0wN0NUMHNYU1VKMWk4X1I1YzhTTWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhFrMA0G
CSqGSIb3DQEBCwUAA4IBAQADFto8IqpEyZUYeUMZdPM8+C4tAq8GGAxzIv2aLth+
kMwZrtVKCM5E2wYcRNCvhQSDrw84IRLZkwqgDYt5Jz3uFWyymFU24d6CY3AYmytk
LNZm0PxJExhww0GylAtiJlZRSRaDtKyJrqahoKv99Uo6lbI3RVpjPD9Z3si6zEL6
K/Hoo96phGdpm9qUXRAFrcAqvZtR7bfjSIaXldT44qdLGjKyWPwIGtKTIN55TQS/
pkrsNsUN2c7hS5spn7Tl8OwgIO3KldWrcAW4Mfzakk/KN+agSg9qA5xlylTn82ge
skFJ9qNMyBpieSHtxQ8dzPTqDYIzpkBAFBr7/E0eKAq8
-----END CERTIFICATE-----
Generated at Mon Jul 21 00:22:05 2025 by rpki-client