Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DukIO-8Ai_CUVBdIwA4pivfZ_ek.roa
File: DukIO-8Ai_CUVBdIwA4pivfZ_ek.roa (raw, json)
Hash identifier: 9B6nDblQne3qAzIvQtIOyuisnQQ1Rcf8xA1vGJb8+AQ=
Subject key identifier: 0E:E9:08:3B:EF:00:8B:F0:94:54:17:48:C0:0E:29:8A:F7:D9:FD:E9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB75CB62414801673C9090493048A1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DukIO-8Ai_CUVBdIwA4pivfZ_ek.roa
Signing time: Sun 01 Jan 2023 19:25:05 +0000
ROA not before: Sun 01 Jan 2023 19:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41219
IP address blocks: 185.101.104.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 06:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:75:cb:62:41:48:01:67:3c:90:90:49:30:48:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ee9083bef008bf094541748c00e298af7d9fde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cb:b6:5c:bb:db:c2:9b:9e:aa:a6:80:94:56:
ed:f1:0a:47:89:85:2a:bd:8d:a9:b7:b2:22:b0:ae:
05:54:8c:19:5f:7f:ec:36:a2:b2:d7:bf:d4:e0:98:
16:a1:c3:a3:d1:71:67:f1:90:17:8a:84:6c:4e:d2:
9a:8f:f4:f8:69:d3:b7:8d:f0:00:56:7b:47:35:2a:
ec:a4:7e:1e:86:bc:53:a2:76:31:cb:08:54:1b:31:
fb:2e:bf:c3:8e:8c:41:22:91:34:99:25:b1:42:58:
d3:18:19:32:51:99:9a:7f:e9:c3:d5:69:b4:5e:23:
73:43:66:dd:ef:88:ea:b7:13:e9:2d:20:38:83:ae:
92:64:b7:f7:70:d6:f0:3a:12:cb:9c:b1:02:30:a9:
65:e2:0f:68:35:5b:e9:98:04:76:6f:45:79:f0:ae:
c9:7f:ae:a5:f7:b7:5f:b4:98:0f:bc:d0:5a:70:fc:
46:b6:ec:9e:16:71:de:b7:ad:fb:7c:88:69:48:60:
c4:19:1e:23:cc:a9:a0:d1:49:0f:3a:a3:ce:9a:ee:
e4:a9:3b:f5:3b:99:64:9f:9f:0c:77:79:51:09:0b:
23:6f:ad:9e:98:39:10:cb:65:1b:70:20:e7:77:7e:
a7:13:da:5a:78:8a:84:38:dc:c2:8c:de:d3:5e:48:
92:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E9:08:3B:EF:00:8B:F0:94:54:17:48:C0:0E:29:8A:F7:D9:FD:E9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DukIO-8Ai_CUVBdIwA4pivfZ_ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.104.0/23
Signature Algorithm: sha256WithRSAEncryption
06:26:62:e8:26:9d:11:c3:99:6d:a0:5a:41:ff:d8:a3:aa:3b:
c7:8d:d2:3f:70:3e:8c:91:ea:67:a7:1c:a8:47:0e:80:dd:60:
43:82:95:c8:2e:ce:c6:fd:60:74:97:ac:5b:e7:83:77:75:61:
fd:2d:b4:2f:43:ea:98:5f:23:da:17:b7:3a:54:9c:29:ff:0f:
8a:a0:5b:6c:3b:f6:1f:09:42:d6:73:4f:bc:5a:d9:a4:df:6a:
45:10:91:53:67:4a:d8:7f:e2:5b:43:a1:23:11:0d:c7:f7:62:
17:bd:1b:b3:28:57:11:73:10:0c:60:82:b3:02:af:06:52:41:
3e:bd:78:1f:96:a7:07:61:1c:b2:66:3b:c6:46:64:44:b2:02:
07:b6:a1:66:7d:a9:a9:5f:a0:49:fb:70:40:8b:45:94:e4:c4:
8d:b8:29:e3:f9:85:1f:b7:ea:3f:c5:3f:90:bf:b7:34:c0:65:
d9:ea:79:0b:1c:73:c7:64:21:30:bb:77:23:2c:bf:46:d9:03:
cb:3f:0e:26:93:a5:89:e2:57:19:11:7c:f3:48:e5:7c:4c:1b:
99:3e:5e:cf:0f:fe:95:b2:6d:29:e0:4b:e5:e2:49:b7:05:5c:
20:0e:e6:e1:5a:09:21:de:47:b4:c4:de:fb:dd:3c:fa:b2:fd:
a3:72:85:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3XLYkFIAWc8kJBJMEihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU5MDgzYmVmMDA4YmYwOTQ1NDE3NDhjMDBlMjk4YWY3ZDlmZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8u2XLvbwpueqqaAlFbt8QpHiYUq
vY2pt7IisK4FVIwZX3/sNqKy17/U4JgWocOj0XFn8ZAXioRsTtKaj/T4adO3jfAA
VntHNSrspH4ehrxTonYxywhUGzH7Lr/DjoxBIpE0mSWxQljTGBkyUZmaf+nD1Wm0
XiNzQ2bd74jqtxPpLSA4g66SZLf3cNbwOhLLnLECMKll4g9oNVvpmAR2b0V58K7J
f66l97dftJgPvNBacPxGtuyeFnHet637fIhpSGDEGR4jzKmg0UkPOqPOmu7kqTv1
O5lkn58Md3lRCQsjb62emDkQy2UbcCDnd36nE9paeIqEONzCjN7TXkiSaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7pCDvvAIvwlFQXSMAOKYr32f3pMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRHVrSU8tOEFpX0NVVkJkSXdBNHBpdmZaX2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWVoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGJmLoJp0Rw5ltoFpB/9ijqjvHjdI/cD6Mkepnpxyo
Rw6A3WBDgpXILs7G/WB0l6xb54N3dWH9LbQvQ+qYXyPaF7c6VJwp/w+KoFtsO/Yf
CULWc0+8Wtmk32pFEJFTZ0rYf+JbQ6EjEQ3H92IXvRuzKFcRcxAMYIKzAq8GUkE+
vXgflqcHYRyyZjvGRmREsgIHtqFmfampX6BJ+3BAi0WU5MSNuCnj+YUft+o/xT+Q
v7c0wGXZ6nkLHHPHZCEwu3cjLL9G2QPLPw4mk6WJ4lcZEXzzSOV8TBuZPl7PD/6V
sm0p4Evl4km3BVwgDubhWgkh3ke0xN773Tz6sv2jcoUB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org