Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a7caa4b1-1c6d-48ab-9405-96b5c18284c5/65e10ace125f65abd45dc6c3ca7ad14f32c4cb68.roa
File: 65e10ace125f65abd45dc6c3ca7ad14f32c4cb68.roa (raw, json)
Hash identifier: LavP10hvS2pTfBQTLk8c4JBPYQnSyU7irylpN17V8wM=
Subject key identifier: 2C:AB:C8:60:0B:2F:BD:A2:87:9A:B5:DF:51:72:2D:23:EB:A3:FA:2A
Certificate issuer: /CN=f0b0fcc180bba84bf5319f1223a5e1cfe1b1a47e
Certificate serial: 1FE4C7
Authority key identifier: 87:F8:D4:35:76:20:56:6B:10:27:8C:92:DC:36:C0:19:51:36:F4:1C
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f0b0fcc180bba84bf5319f1223a5e1cfe1b1a47e.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a7caa4b1-1c6d-48ab-9405-96b5c18284c5/65e10ace125f65abd45dc6c3ca7ad14f32c4cb68.roa
Signing time: Wed 29 Mar 2023 12:29:49 +0000
ROA not before: Mon 22 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 14187
IP address blocks: 200.47.172.0/22 maxlen: 24
200.47.216.0/22 maxlen: 24
201.220.32.0/20 maxlen: 24
200.85.224.0/20 maxlen: 24
200.85.240.0/20 maxlen: 24
201.220.48.0/20 maxlen: 24
2800:1d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Mar 2024 19:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2090183 (0x1fe4c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0b0fcc180bba84bf5319f1223a5e1cfe1b1a47e
Validity
Not Before: Mar 22 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=65e10ace125f65abd45dc6c3ca7ad14f32c4cb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:28:ff:76:01:d6:45:2b:c3:a3:be:ee:d1:
43:6b:07:9b:19:33:b5:28:fa:65:08:e0:39:30:64:
05:fd:ee:dd:89:39:99:d5:67:25:0d:dc:ee:86:0e:
fe:91:55:da:97:77:d1:7c:4f:19:21:44:62:84:dd:
1e:f6:5c:f2:3c:81:59:27:d5:2e:0d:61:8c:27:1c:
04:ed:6d:a8:80:07:7d:fb:c2:05:4f:22:44:86:6e:
b2:58:72:0d:2f:50:4d:ed:03:91:bf:63:fe:a5:37:
fc:9d:04:0d:3c:76:fe:25:ba:e2:3d:7c:f4:97:f4:
a6:73:ae:d7:68:ed:44:56:97:f4:90:77:b2:a3:a9:
38:ea:99:ec:ff:d0:01:28:12:bf:c0:6a:3b:64:e3:
0a:b0:0c:ab:1e:c4:a6:be:96:a0:51:f4:51:6a:4d:
df:67:75:d8:81:44:05:2c:80:b4:eb:1f:d4:56:2d:
6e:20:a3:2a:83:3f:f4:dd:10:13:69:56:f6:c2:58:
62:86:a5:eb:65:a2:79:b6:df:6c:a3:ef:ff:71:8a:
0f:63:b2:e5:b9:80:59:43:e1:4e:c1:6f:e7:e7:3e:
86:1d:79:4e:91:84:f0:b5:56:c4:89:46:1f:20:f8:
55:43:eb:34:de:1d:8f:3d:6a:21:2d:15:b1:f0:3d:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AB:C8:60:0B:2F:BD:A2:87:9A:B5:DF:51:72:2D:23:EB:A3:FA:2A
X509v3 Authority Key Identifier:
keyid:87:F8:D4:35:76:20:56:6B:10:27:8C:92:DC:36:C0:19:51:36:F4:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f0b0fcc180bba84bf5319f1223a5e1cfe1b1a47e.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a7caa4b1-1c6d-48ab-9405-96b5c18284c5/65e10ace125f65abd45dc6c3ca7ad14f32c4cb68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a7caa4b1-1c6d-48ab-9405-96b5c18284c5/f0b0fcc180bba84bf5319f1223a5e1cfe1b1a47e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.47.172.0/22
200.47.216.0/22
200.85.224.0/19
201.220.32.0/19
IPv6:
2800:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:36:be:44:cb:7d:a3:71:aa:b8:e8:10:22:bb:64:bc:33:b5:
74:64:00:71:43:45:54:f1:51:2d:b5:4a:c2:a4:fd:4a:dd:60:
ee:e5:c6:a5:92:27:3f:e8:2d:b5:13:5c:37:fc:90:42:38:ba:
f6:71:17:45:ce:2d:51:74:bc:2b:e1:89:d4:d5:d8:e7:58:c4:
50:22:3c:e4:b0:cc:6a:fd:b8:4d:4d:f2:c0:2a:ba:93:cc:64:
d0:c7:13:4c:60:02:54:7f:ca:93:a4:07:b1:fa:dc:c0:1d:8c:
73:e4:e6:ba:2a:c8:a6:3b:d8:d3:9f:48:34:d2:df:79:23:5a:
4a:37:7e:dc:05:d7:5d:17:98:2a:16:cd:68:5f:f9:e2:b9:5c:
fa:bd:37:09:f4:62:06:0c:1c:4d:c4:95:22:ed:c7:3f:8b:7e:
6d:06:88:a4:61:49:ef:75:85:9c:d0:2b:2a:86:1f:81:50:50:
29:53:13:ab:a4:8b:9e:22:3a:39:d8:ff:62:f5:2f:ac:7a:39:
92:8e:19:44:e3:4a:96:f5:f9:2e:6c:19:f5:cf:ba:2a:17:b2:
83:96:fa:7e:92:f1:0e:31:15:e4:be:64:a9:25:27:20:3f:85:
4b:26:30:19:2d:51:45:36:01:14:91:43:5b:2a:39:1a:7c:32:
2f:36:2d:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDH+THMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYw
YjBmY2MxODBiYmE4NGJmNTMxOWYxMjIzYTVlMWNmZTFiMWE0N2UwHhcNMjEwMzIy
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg2NWUxMGFjZTEyNWY2
NWFiZDQ1ZGM2YzNjYTdhZDE0ZjMyYzRjYjY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlp4o/3YB1kUrw6O+7tFDawebGTO1KPplCOA5MGQF/e7diTmZ
1WclDdzuhg7+kVXal3fRfE8ZIURihN0e9lzyPIFZJ9UuDWGMJxwE7W2ogAd9+8IF
TyJEhm6yWHINL1BN7QORv2P+pTf8nQQNPHb+JbriPXz0l/Smc67XaO1EVpf0kHey
o6k46pns/9ABKBK/wGo7ZOMKsAyrHsSmvpagUfRRak3fZ3XYgUQFLIC06x/UVi1u
IKMqgz/03RATaVb2wlhihqXrZaJ5tt9so+//cYoPY7LluYBZQ+FOwW/n5z6GHXlO
kYTwtVbEiUYfIPhVQ+s03h2PPWohLRWx8D04zQIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFCyryGALL72ih5q131FyLSPro/oqMB8GA1UdIwQYMBaAFIf41DV2IFZrECeM
ktw2wBlRNvQcMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjBiMGZj
YzE4MGJiYTg0YmY1MzE5ZjEyMjNhNWUxY2ZlMWIxYTQ3ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTdjYWE0YjEtMWM2ZC00OGFiLTk0MDUtOTZiNWMx
ODI4NGM1LzY1ZTEwYWNlMTI1ZjY1YWJkNDVkYzZjM2NhN2FkMTRmMzJjNGNiNjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hN2NhYTRiMS0xYzZkLTQ4YWItOTQwNS05NmI1
YzE4Mjg0YzUvZjBiMGZjYzE4MGJiYTg0YmY1MzE5ZjEyMjNhNWUxY2ZlMWIxYTQ3
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAsgvrAMEAsgv2AMEBchV4AMEBcncIDANBAIAAjAHAwUAKAAB
0DANBgkqhkiG9w0BAQsFAAOCAQEASza+RMt9o3GquOgQIrtkvDO1dGQAcUNFVPFR
LbVKwqT9St1g7uXGpZInP+gttRNcN/yQQji69nEXRc4tUXS8K+GJ1NXY51jEUCI8
5LDMav24TU3ywCq6k8xk0McTTGACVH/Kk6QHsfrcwB2Mc+TmuirIpjvY059INNLf
eSNaSjd+3AXXXReYKhbNaF/54rlc+r03CfRiBgwcTcSVIu3HP4t+bQaIpGFJ73WF
nNArKoYfgVBQKVMTq6SLniI6Odj/YvUvrHo5ko4ZRONKlvX5LmwZ9c+6Kheyg5b6
fpLxDjEV5L5kqSUnID+FSyYwGS1RRTYBFJFDWyo5GnwyLzYthA==
-----END CERTIFICATE-----
Generated at Tue Mar 26 23:06:34 2024 by rpki-client on console-fra.rpki-client.org