Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/uYST-R1VCa1nkCbgNf5eul_FVz0.roa
File: uYST-R1VCa1nkCbgNf5eul_FVz0.roa (raw, json)
Hash identifier: S1oKCmzZMf9D6tXzAhbC+DOsODz5Q8Mt3t1FForkEWM=
Subject key identifier: B9:84:93:F9:1D:55:09:AD:67:90:26:E0:35:FE:5E:BA:5F:C5:57:3D
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 0196164DAEF63FE49781462F246A2CDD5E81
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/uYST-R1VCa1nkCbgNf5eul_FVz0.roa
Signing time: Tue 08 Apr 2025 16:48:31 +0000
ROA not before: Tue 08 Apr 2025 16:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54600
IP address blocks: 116.204.164.0/23 maxlen: 23
116.204.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Apr 2025 16:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:4d:ae:f6:3f:e4:97:81:46:2f:24:6a:2c:dd:5e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 8 16:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b98493f91d5509ad679026e035fe5eba5fc5573d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:26:8e:8a:1d:96:b0:00:98:e3:54:74:d0:29:
95:6b:8b:6e:ce:8e:5e:69:1b:da:32:c0:c1:a9:d0:
7c:db:cf:1f:76:66:bb:e3:4b:19:06:b3:2e:be:d2:
9b:8a:c7:fc:b5:d1:92:00:b0:d6:fc:c8:64:7d:c8:
a8:91:c3:5d:33:91:5f:37:e4:87:8b:ce:45:5f:41:
13:b2:b1:bb:36:1c:20:ec:38:65:80:59:1b:a4:7f:
a5:6f:dd:cd:ec:1e:9b:59:3c:56:96:2d:cd:0d:0a:
07:24:b5:be:e7:e9:9f:81:db:89:5d:00:e1:f3:20:
bb:cf:75:dc:84:e2:3a:96:05:74:51:f6:a0:3f:98:
eb:92:1f:79:19:df:9d:9d:a0:15:5c:4c:f4:c4:a5:
81:c9:18:47:15:4d:80:42:89:74:e3:91:3a:15:11:
79:1c:10:a3:13:63:71:1e:0d:0a:15:33:1f:18:25:
f1:1e:6b:b8:0b:34:b0:04:59:34:7b:4c:8a:1d:80:
d3:f6:93:ce:5d:d4:21:a2:8b:4a:c4:40:b7:db:72:
d9:cb:7b:44:f8:f0:82:47:fa:ba:25:bd:96:9f:65:
61:43:01:2f:91:cb:75:d4:81:36:cf:e3:0f:f5:16:
d4:22:f0:94:24:70:be:4d:35:78:86:4e:21:c9:38:
6e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:84:93:F9:1D:55:09:AD:67:90:26:E0:35:FE:5E:BA:5F:C5:57:3D
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/uYST-R1VCa1nkCbgNf5eul_FVz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0-116.204.166.255
Signature Algorithm: sha256WithRSAEncryption
6e:cf:9a:f8:52:69:0f:d0:29:60:50:2b:21:e8:65:65:14:ad:
02:98:9b:91:27:96:49:e5:24:80:f7:fd:53:e3:f8:a1:2a:78:
f1:7a:59:be:ed:ae:ac:f4:11:f2:cd:62:8b:3c:40:85:08:3d:
90:a4:a8:ef:cf:05:42:8a:ab:09:33:2b:b9:f1:1d:48:19:f9:
2f:c7:43:c6:86:c7:34:6e:48:3e:1e:fe:e8:e3:e1:3f:05:eb:
71:04:fd:43:e6:5f:4f:81:2b:c2:f7:43:0e:2b:e0:d4:9d:81:
bf:a7:0e:45:97:17:fd:09:43:00:bf:18:4a:75:d0:04:61:ee:
5f:5a:7a:fb:ac:dc:02:57:a7:bb:3b:50:19:6b:23:89:ee:37:
0e:80:0c:c2:29:14:8b:c0:29:83:db:75:8b:1b:8b:04:93:5c:
35:38:35:f1:07:32:9a:a4:4e:53:7e:6d:a4:84:f4:60:23:9f:
4c:35:33:51:99:70:ce:a2:32:d2:3a:65:1b:4d:a4:75:a7:5e:
9a:67:3d:75:6f:ac:4e:ec:5b:a7:69:34:c0:92:a4:3b:f0:08:
9d:ce:ba:29:d6:ef:8d:7b:34:92:aa:eb:bb:3c:45:6a:fd:32:
9b:43:f4:d4:b1:68:de:17:f9:4e:8e:ef:f1:c7:65:6e:86:ba:
9f:95:cb:db
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYWTa72P+SXgUYvJGos3V6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNDA4MTY0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg0OTNmOTFkNTUwOWFkNjc5MDI2ZTAzNWZlNWViYTVmYzU1NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iaOih2WsACY41R00CmVa4tuzo5e
aRvaMsDBqdB8288fdma740sZBrMuvtKbisf8tdGSALDW/MhkfciokcNdM5FfN+SH
i85FX0ETsrG7Nhwg7DhlgFkbpH+lb93N7B6bWTxWli3NDQoHJLW+5+mfgduJXQDh
8yC7z3XchOI6lgV0UfagP5jrkh95Gd+dnaAVXEz0xKWByRhHFU2AQol045E6FRF5
HBCjE2NxHg0KFTMfGCXxHmu4CzSwBFk0e0yKHYDT9pPOXdQhootKxEC323LZy3tE
+PCCR/q6Jb2Wn2VhQwEvkct11IE2z+MP9RbUIvCUJHC+TTV4hk4hyThuUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLmEk/kdVQmtZ5Am4DX+XrpfxVc9MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvdVlTVC1SMVZDYTFua0NiZ05mNWV1bF9GVnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJ0zKQD
BAB0zKYwDQYJKoZIhvcNAQELBQADggEBAG7PmvhSaQ/QKWBQKyHoZWUUrQKYm5En
lknlJID3/VPj+KEqePF6Wb7trqz0EfLNYos8QIUIPZCkqO/PBUKKqwkzK7nxHUgZ
+S/HQ8aGxzRuSD4e/ujj4T8F63EE/UPmX0+BK8L3Qw4r4NSdgb+nDkWXF/0JQwC/
GEp10ARh7l9aevus3AJXp7s7UBlrI4nuNw6ADMIpFIvAKYPbdYsbiwSTXDU4NfEH
MpqkTlN+baSE9GAjn0w1M1GZcM6iMtI6ZRtNpHWnXppnPXVvrE7sW6dpNMCSpDvw
CJ3OuinW7417NJKq67s8RWr9MptD9NSxaN4X+U6O7/HHZW6Gup+Vy9s=
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:31:24 2025 by rpki-client