Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/dc1850c6043c92ae92bbab8466f099b2662e37c4.roa
File: dc1850c6043c92ae92bbab8466f099b2662e37c4.roa (raw, json)
Hash identifier: j0l2JAaV++5atRmrDTf3gI5kzPDjunZh3O+rErAlG/g=
Subject key identifier: 1B:D4:98:7F:EA:BF:21:DC:F8:D3:FC:AA:D6:40:D5:52:DE:CE:61:07
Certificate issuer: /CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Certificate serial: 151B49
Authority key identifier: 67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/dc1850c6043c92ae92bbab8466f099b2662e37c4.roa
Signing time: Mon 21 Feb 2022 05:45:59 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 23031
IP address blocks: 66.231.65.0/24 maxlen: 24
66.231.66.0/24 maxlen: 24
66.231.67.0/24 maxlen: 24
66.231.72.0/24 maxlen: 24
66.231.73.0/24 maxlen: 24
66.231.77.0/24 maxlen: 24
66.231.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1383241 (0x151b49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=dc1850c6043c92ae92bbab8466f099b2662e37c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:26:a4:0a:c4:a2:03:92:82:9d:74:97:d0:30:
e8:95:06:bc:7e:ec:cd:50:33:39:16:8f:cf:94:f7:
7c:c7:83:b0:f9:28:48:0f:d7:f5:21:47:42:cc:51:
c7:89:7a:04:40:57:e8:8c:89:44:38:ab:8b:32:97:
23:87:b3:a2:21:a2:16:7f:18:e5:1c:c9:e9:ae:38:
da:79:da:18:c5:7e:67:fb:37:53:7e:ac:61:d1:09:
c7:c0:33:43:ee:c5:6c:97:d2:52:6f:0f:28:f7:40:
1f:d3:bd:0f:30:55:7e:4f:b4:96:76:7c:39:ed:fc:
bb:b7:0f:b1:09:1b:97:d8:34:e3:20:b5:fe:38:15:
9d:80:3e:ec:ae:60:7f:18:3d:40:50:3c:da:8a:10:
3a:9e:5b:94:9b:a7:f4:86:c0:05:5d:c2:5d:5d:ea:
53:bf:2c:26:db:0e:4a:64:0f:bb:28:f5:f0:ee:b4:
ef:3e:3b:64:a7:70:40:96:65:96:9c:10:d4:5b:11:
82:e8:dc:77:3f:50:4a:8e:40:61:09:7a:45:0e:73:
c7:f9:f6:ee:01:0a:03:b7:2e:dc:86:b9:5d:4a:ef:
69:b1:ec:92:bb:31:2b:7b:a9:40:b3:5b:12:b9:62:
ba:47:0b:5b:43:d4:46:ce:6f:d6:cc:bb:cf:e5:41:
c5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D4:98:7F:EA:BF:21:DC:F8:D3:FC:AA:D6:40:D5:52:DE:CE:61:07
X509v3 Authority Key Identifier:
keyid:67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/dc1850c6043c92ae92bbab8466f099b2662e37c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/ce64e257eae04ee26d8eb339f148791b31cc0875.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.231.65.0-66.231.67.255
66.231.72.0/23
66.231.76.0/23
Signature Algorithm: sha256WithRSAEncryption
66:b7:ef:ae:13:32:f7:80:5e:b7:e7:30:f6:41:70:3e:12:f1:
1a:dc:31:22:8c:a8:50:6f:44:00:69:93:11:85:ff:4c:a6:c3:
fc:97:5b:a9:86:54:4d:3b:e9:8e:53:e0:cb:9f:48:7a:43:50:
b6:75:06:84:e0:96:f8:88:33:e4:06:7f:6f:ac:bb:fb:4e:6f:
fb:db:7d:46:1e:e9:b8:01:0f:82:6a:89:9e:be:f2:50:d4:9a:
da:8d:e0:75:35:d3:c8:ed:b1:ff:24:17:54:35:27:b3:f6:07:
66:64:be:f3:0c:3f:7d:19:94:c4:2e:4e:08:cf:5e:5e:50:f7:
d1:7d:f9:6b:dd:2c:ed:77:62:46:7d:61:26:e6:b8:f6:19:9a:
e9:85:21:50:6f:c0:df:41:aa:59:a6:1c:d7:d7:eb:19:5a:a0:
ab:4c:1b:8f:ea:b9:a6:e3:30:3f:dc:2d:17:1d:8d:9f:6d:1a:
57:c0:5a:d7:f4:85:77:da:39:14:ad:58:b8:a2:f4:6e:63:b2:
ba:6a:f9:9e:d1:6e:fa:23:9e:ca:9a:74:0b:f2:86:7c:31:99:
65:2e:7d:c7:3d:dd:6e:06:03:9d:12:d3:ec:72:86:5f:9a:89:
79:c2:5e:c3:5c:b2:0d:31:4d:44:80:bc:f3:2c:32:b8:16:5b:
da:3f:63:d5
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDFRtJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
NjRlMjU3ZWFlMDRlZTI2ZDhlYjMzOWYxNDg3OTFiMzFjYzA4NzUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhkYzE4NTBjNjA0M2M5
MmFlOTJiYmFiODQ2NmYwOTliMjY2MmUzN2M0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjiakCsSiA5KCnXSX0DDolQa8fuzNUDM5Fo/PlPd8x4Ow+ShI
D9f1IUdCzFHHiXoEQFfojIlEOKuLMpcjh7OiIaIWfxjlHMnprjjaedoYxX5n+zdT
fqxh0QnHwDND7sVsl9JSbw8o90Af070PMFV+T7SWdnw57fy7tw+xCRuX2DTjILX+
OBWdgD7srmB/GD1AUDzaihA6nluUm6f0hsAFXcJdXepTvywm2w5KZA+7KPXw7rTv
Pjtkp3BAlmWWnBDUWxGC6Nx3P1BKjkBhCXpFDnPH+fbuAQoDty7chrldSu9pseyS
uzEre6lAs1sSuWK6RwtbQ9RGzm/WzLvP5UHFxwIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFBvUmH/qvyHc+NP8qtZA1VLezmEHMB8GA1UdIwQYMBaAFGfGO6RHojXSKBwz
PpqDhyUXpLG+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U2NGUy
NTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjViNjM3YzYtY2RjZi00MjNkLThjMGMtY2Q2MTVh
Yjk4YTI0L2RjMTg1MGM2MDQzYzkyYWU5MmJiYWI4NDY2ZjA5OWIyNjYyZTM3YzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNWI2MzdjNi1jZGNmLTQyM2QtOGMwYy1jZDYx
NWFiOThhMjQvY2U2NGUyNTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGjAMAwQAQudBAwQCQudAAwQBQudIAwQBQudMMA0GCSqGSIb3DQEB
CwUAA4IBAQBmt++uEzL3gF635zD2QXA+EvEa3DEijKhQb0QAaZMRhf9MpsP8l1up
hlRNO+mOU+DLn0h6Q1C2dQaE4Jb4iDPkBn9vrLv7Tm/7231GHum4AQ+CaomevvJQ
1JrajeB1NdPI7bH/JBdUNSez9gdmZL7zDD99GZTELk4Iz15eUPfRfflr3Sztd2JG
fWEm5rj2GZrphSFQb8DfQapZphzX1+sZWqCrTBuP6rmm4zA/3C0XHY2fbRpXwFrX
9IV32jkUrVi4ovRuY7K6avme0W76I57KmnQL8oZ8MZllLn3HPd1uBgOdEtPscoZf
mol5wl7DXLINMU1EgLzzLDK4FlvaP2PV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:12 2023 by rpki-client on console-fra.rpki-client.org