Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/68ab2494fc11ac047b3dedcb5921b8fc9006561d.roa
File: 68ab2494fc11ac047b3dedcb5921b8fc9006561d.roa (raw, json)
Hash identifier: F2KoHxvIT4DrR3z4cpcuJlt8imXwVgDSxRrwg/NMFA8=
Subject key identifier: 8A:FA:22:7F:38:BF:4E:A2:78:13:11:60:EE:D4:81:B7:C2:4F:56:10
Certificate issuer: /CN=a5db578ddaaedcf4375740e85f5f51db4e193706
Certificate serial: 1EB5F9
Authority key identifier: 77:12:68:55:B2:AC:ED:4F:18:E8:4D:88:E8:D2:AF:63:B0:18:27:82
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5db578ddaaedcf4375740e85f5f51db4e193706.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/68ab2494fc11ac047b3dedcb5921b8fc9006561d.roa
Signing time: Fri 10 Mar 2023 16:03:12 +0000
ROA not before: Tue 23 Mar 2021 14:41:42 +0000
ROA not after: Tue 24 Mar 2026 14:41:42 +0000
asID: 52468
IP address blocks: 190.99.117.0/24 maxlen: 24
190.99.118.0/24 maxlen: 24
138.117.140.0/24 maxlen: 24
138.117.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2012665 (0x1eb5f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5db578ddaaedcf4375740e85f5f51db4e193706
Validity
Not Before: Mar 23 14:41:42 2021 GMT
Not After : Mar 24 14:41:42 2026 GMT
Subject: CN=68ab2494fc11ac047b3dedcb5921b8fc9006561d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:ac:09:bd:35:80:42:b0:d1:9d:a6:f5:7d:
b2:06:ae:1e:f2:56:4f:0c:37:c4:55:1d:e4:a7:ff:
63:3c:d8:1c:2d:f9:1a:13:67:81:b8:4b:86:5a:ee:
e5:eb:f0:7d:e2:57:79:6f:b0:b9:f5:ab:4d:f3:30:
69:f2:30:9a:a3:ea:36:bf:d8:a1:fb:2b:99:e5:5d:
b0:56:25:6a:bf:96:d3:40:bc:4e:f5:23:dc:55:5f:
17:4e:07:93:f4:95:65:da:02:17:3f:34:a4:bb:1b:
c4:52:06:94:74:c8:b0:7e:ce:0d:51:e3:aa:7a:a9:
71:29:b0:19:c3:da:91:08:f2:72:40:16:00:d7:8c:
21:71:4b:d6:e5:af:b4:55:05:51:91:05:06:c5:04:
f2:8f:60:43:53:c1:a0:6d:21:c3:61:ad:09:4d:32:
76:fe:57:4e:99:64:22:9a:ab:5a:72:02:5b:71:27:
1d:09:7f:bb:24:04:d1:de:2a:37:20:62:df:36:23:
d1:13:cc:17:23:63:a2:3b:5a:0c:a7:39:6c:8b:e4:
df:96:4e:4b:87:98:51:7a:f1:67:4f:d5:f8:a8:c8:
b7:1c:30:be:a1:4f:ad:44:4f:ee:53:04:47:ad:0b:
49:85:42:d9:58:1a:27:1d:22:5f:cc:d4:78:eb:48:
d8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FA:22:7F:38:BF:4E:A2:78:13:11:60:EE:D4:81:B7:C2:4F:56:10
X509v3 Authority Key Identifier:
keyid:77:12:68:55:B2:AC:ED:4F:18:E8:4D:88:E8:D2:AF:63:B0:18:27:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5db578ddaaedcf4375740e85f5f51db4e193706.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/68ab2494fc11ac047b3dedcb5921b8fc9006561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/a5db578ddaaedcf4375740e85f5f51db4e193706.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.117.140.0/23
190.99.117.0-190.99.118.255
Signature Algorithm: sha256WithRSAEncryption
58:7e:55:51:e7:70:b6:88:61:82:3c:32:8b:46:92:dd:69:fe:
d1:be:02:51:6f:bf:2b:04:46:25:ba:89:cc:d4:ed:49:71:ad:
ec:27:df:2b:3a:39:5c:af:ad:62:16:ed:02:cc:2a:33:66:a0:
bb:89:4c:d4:31:85:9d:88:7f:79:ff:58:df:c4:3e:07:45:9d:
90:0f:cc:51:52:8d:a8:4a:98:f4:d4:75:36:e4:c6:1d:24:fe:
3f:43:d3:de:19:c4:b0:45:05:9f:87:ea:32:b2:17:77:42:4b:
5b:a2:46:45:06:d0:f4:d2:36:45:32:0e:f4:45:8c:b3:2d:66:
1d:f7:3e:2e:1b:4c:46:3e:5a:98:5e:65:91:a4:39:cd:d6:f4:
ee:08:5e:fb:a9:e7:a0:e6:5f:9d:10:1f:81:20:1f:75:a6:44:
d8:34:83:50:e5:92:9b:a9:61:af:92:e5:66:7b:13:36:7f:8e:
be:96:14:62:69:5c:3f:2a:b4:87:25:01:b7:a3:4a:6f:04:88:
f9:71:ca:6b:c2:63:ad:41:76:da:ac:8a:10:6e:98:2b:78:72:
59:78:9b:03:4a:b4:6a:70:56:a8:e8:89:2a:20:28:27:03:5b:
be:a7:c6:02:99:89:9f:be:96:5f:55:a6:31:af:5d:f7:42:23:
bc:4f:9c:c0
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDHrX5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
ZGI1NzhkZGFhZWRjZjQzNzU3NDBlODVmNWY1MWRiNGUxOTM3MDYwHhcNMjEwMzIz
MTQ0MTQyWhcNMjYwMzI0MTQ0MTQyWjAzMTEwLwYDVQQDEyg2OGFiMjQ5NGZjMTFh
YzA0N2IzZGVkY2I1OTIxYjhmYzkwMDY1NjFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxeCsCb01gEKw0Z2m9X2yBq4e8lZPDDfEVR3kp/9jPNgcLfka
E2eBuEuGWu7l6/B94ld5b7C59atN8zBp8jCao+o2v9ih+yuZ5V2wViVqv5bTQLxO
9SPcVV8XTgeT9JVl2gIXPzSkuxvEUgaUdMiwfs4NUeOqeqlxKbAZw9qRCPJyQBYA
14whcUvW5a+0VQVRkQUGxQTyj2BDU8GgbSHDYa0JTTJ2/ldOmWQimqtacgJbcScd
CX+7JATR3io3IGLfNiPRE8wXI2OiO1oMpzlsi+Tflk5Lh5hRevFnT9X4qMi3HDC+
oU+tRE/uUwRHrQtJhULZWBonHSJfzNR460jYAQIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFIr6In84v06ieBMRYO7UgbfCT1YQMB8GA1UdIwQYMBaAFHcSaFWyrO1PGOhN
iOjSr2OwGCeCMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTVkYjU3
OGRkYWFlZGNmNDM3NTc0MGU4NWY1ZjUxZGI0ZTE5MzcwNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjM0M2EyNDUtN2VhZi00OTU1LTkwZmEtOGU2ZDZm
ZDQzYWI4LzY4YWIyNDk0ZmMxMWFjMDQ3YjNkZWRjYjU5MjFiOGZjOTAwNjU2MWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMzQzYTI0NS03ZWFmLTQ5NTUtOTBmYS04ZTZk
NmZkNDNhYjgvYTVkYjU3OGRkYWFlZGNmNDM3NTc0MGU4NWY1ZjUxZGI0ZTE5Mzcw
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEAYp1jDAMAwQAvmN1AwQAvmN2MA0GCSqGSIb3DQEBCwUAA4IB
AQBYflVR53C2iGGCPDKLRpLdaf7RvgJRb78rBEYluonM1O1Jca3sJ98rOjlcr61i
Fu0CzCozZqC7iUzUMYWdiH95/1jfxD4HRZ2QD8xRUo2oSpj01HU25MYdJP4/Q9Pe
GcSwRQWfh+oyshd3QktbokZFBtD00jZFMg70RYyzLWYd9z4uG0xGPlqYXmWRpDnN
1vTuCF77qeeg5l+dEB+BIB91pkTYNINQ5ZKbqWGvkuVmexM2f46+lhRiaVw/KrSH
JQG3o0pvBIj5ccprwmOtQXbarIoQbpgreHJZeJsDSrRqcFao6IkqICgnA1u+p8YC
mYmfvpZfVaYxr133QiO8T5zA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:36 2023 by rpki-client on console-fra.rpki-client.org