Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32332d3233203d3e20323730303033.roa
File: 32342e3135322e35382e302f32332d3233203d3e20323730303033.roa (raw, json)
Hash identifier: NPDmv+MPeXfpbtkVjdChJ3qIdvjitmPuoZDcGP7TZds=
Subject key identifier: 79:83:57:F0:94:F6:D3:AD:A5:FC:8C:6D:B7:69:07:E7:AD:3F:58:CF
Certificate issuer: /CN=66BA51E5AD3A5CC255E600193211E3B420DACCCB
Certificate serial: 38CFAEA9AD09EA601C176C0BE248C13AE4AFD884
Authority key identifier: 66:BA:51:E5:AD:3A:5C:C2:55:E6:00:19:32:11:E3:B4:20:DA:CC:CB
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32332d3233203d3e20323730303033.roa
Signing time: Mon 25 Nov 2024 20:00:00 +0000
ROA not before: Mon 25 Nov 2024 19:55:00 +0000
ROA not after: Mon 24 Nov 2025 20:00:00 +0000
asID: 270003
IP address blocks: 24.152.58.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:cf:ae:a9:ad:09:ea:60:1c:17:6c:0b:e2:48:c1:3a:e4:af:d8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66BA51E5AD3A5CC255E600193211E3B420DACCCB
Validity
Not Before: Nov 25 19:55:00 2024 GMT
Not After : Nov 24 20:00:00 2025 GMT
Subject: CN=798357F094F6D3ADA5FC8C6DB76907E7AD3F58CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:39:90:f3:d5:2c:2c:6f:c7:46:d1:ef:f3:
48:5d:c9:80:fa:f9:c9:5b:48:2a:f6:91:5b:f4:ae:
2a:8e:f5:a0:8c:9a:e9:75:e9:a0:51:88:d1:98:58:
70:0c:7b:cb:52:2c:9b:25:02:a6:4a:f2:19:a6:d8:
b6:71:d1:2d:cb:ae:39:96:df:8e:98:1f:47:ac:70:
aa:98:51:c5:cd:a8:2e:81:2f:32:32:66:92:36:dc:
f9:3f:e1:fe:cf:f7:6c:3e:1f:f9:c0:12:f5:59:49:
8d:7b:8c:30:24:74:2e:da:c0:29:d0:8a:29:b4:94:
3b:f1:1f:b1:79:3e:8e:97:15:2b:d3:4b:6a:bf:f8:
80:e8:8b:24:00:77:44:c2:31:66:a6:32:69:6e:1a:
37:f7:2b:5a:44:d8:b1:76:59:a9:42:4e:f6:79:3d:
0c:88:fd:0b:f4:33:a9:4a:9e:d5:56:0f:bd:76:77:
dc:b1:3f:82:0a:e4:aa:80:6e:b9:a8:c6:04:db:56:
0c:be:8d:af:2b:83:50:d2:cd:bd:0d:9a:af:9a:f5:
76:d3:e9:31:1e:39:8b:3c:2b:03:75:64:c8:f9:65:
bf:97:08:59:ce:76:ba:97:31:a5:d8:51:01:4d:c2:
f4:2b:94:f1:0d:ac:72:00:c8:87:eb:52:7b:84:44:
5a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:83:57:F0:94:F6:D3:AD:A5:FC:8C:6D:B7:69:07:E7:AD:3F:58:CF
X509v3 Authority Key Identifier:
keyid:66:BA:51:E5:AD:3A:5C:C2:55:E6:00:19:32:11:E3:B4:20:DA:CC:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32332d3233203d3e20323730303033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.152.58.0/23
Signature Algorithm: sha256WithRSAEncryption
91:28:dc:be:aa:28:d6:32:a9:b7:2f:b9:7e:e0:b9:65:84:dc:
57:69:06:75:21:13:39:66:9e:56:70:0a:0b:05:04:eb:cf:84:
36:2a:2d:59:46:1a:c6:1d:1e:90:09:0d:89:59:0a:98:9c:9e:
c7:23:73:a7:11:20:bf:49:96:3f:4a:92:9f:3c:59:3f:ed:34:
0b:45:24:52:3b:e5:f2:e5:7f:f7:90:20:f4:b4:fc:84:3d:58:
b5:9d:7a:2e:05:6b:8d:5b:aa:7d:81:d1:f8:79:1d:3c:99:d4:
a8:77:3c:1f:58:bb:6e:2a:5b:ef:34:1c:f7:d5:0f:5a:bd:33:
03:86:1d:1a:78:3b:5c:3c:e1:d4:b8:ad:3f:e1:ef:04:41:10:
42:96:10:b3:61:ac:e4:bf:f0:61:53:e8:ac:5b:77:f1:95:76:
37:4a:bc:86:0f:2e:fa:98:4e:18:03:d9:69:82:de:20:74:d8:
e7:90:78:79:37:df:6c:33:9e:5f:dc:0f:94:70:01:ee:16:78:
16:41:e9:26:60:7a:21:07:bd:1d:9e:ea:94:3e:57:a1:08:f2:
9b:46:7e:a9:98:a1:a0:df:1b:d7:08:ac:1c:2f:6b:17:26:ae:
fb:e4:c4:fd:2c:da:3b:ac:92:90:37:e0:04:43:a8:ce:22:63:
22:75:b6:47
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOM+uqa0J6mAcF2wL4kjBOuSv2IQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZCQTUxRTVBRDNBNUNDMjU1RTYwMDE5MzIxMUUzQjQy
MERBQ0NDQjAeFw0yNDExMjUxOTU1MDBaFw0yNTExMjQyMDAwMDBaMDMxMTAvBgNV
BAMTKDc5ODM1N0YwOTRGNkQzQURBNUZDOEM2REI3NjkwN0U3QUQzRjU4Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+bDmQ89UsLG/HRtHv80hdyYD6
+clbSCr2kVv0riqO9aCMmul16aBRiNGYWHAMe8tSLJslAqZK8hmm2LZx0S3LrjmW
346YH0escKqYUcXNqC6BLzIyZpI23Pk/4f7P92w+H/nAEvVZSY17jDAkdC7awCnQ
iim0lDvxH7F5Po6XFSvTS2q/+IDoiyQAd0TCMWamMmluGjf3K1pE2LF2WalCTvZ5
PQyI/Qv0M6lKntVWD712d9yxP4IK5KqAbrmoxgTbVgy+ja8rg1DSzb0Nmq+a9XbT
6TEeOYs8KwN1ZMj5Zb+XCFnOdrqXMaXYUQFNwvQrlPENrHIAyIfrUnuERFoZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUeYNX8JT2062l/Ixtt2kH560/WM8wHwYDVR0j
BBgwFoAUZrpR5a06XMJV5gAZMhHjtCDazMswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMUI5RkZCMDhFNUVCQjAxRDdGNTRBNEYzRDIwM0NBMDhB
RUE0RkQyQTIwMEU5MTY4QzY4RTUzRjYwREVDQzQ3LzAvNjZCQTUxRTVBRDNBNUND
MjU1RTYwMDE5MzIxMUUzQjQyMERBQ0NDQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NkJBNTFFNUFEM0E1Q0MyNTVF
NjAwMTkzMjExRTNCNDIwREFDQ0NCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDFCOUZGQjA4RTVFQkIwMUQ3RjU0QTRGM0QyMDNDQTA4QUVBNEZEMkEy
MDBFOTE2OEM2OEU1M0Y2MERFQ0M0Ny8wLzMyMzQyZTMxMzUzMjJlMzUzODJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzczMDMwMzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEARiYOjAN
BgkqhkiG9w0BAQsFAAOCAQEAkSjcvqoo1jKpty+5fuC5ZYTcV2kGdSETOWaeVnAK
CwUE68+ENiotWUYaxh0ekAkNiVkKmJyexyNzpxEgv0mWP0qSnzxZP+00C0UkUjvl
8uV/95Ag9LT8hD1YtZ16LgVrjVuqfYHR+HkdPJnUqHc8H1i7bipb7zQc99UPWr0z
A4YdGng7XDzh1LitP+HvBEEQQpYQs2Gs5L/wYVPorFt38ZV2N0q8hg8u+phOGAPZ
aYLeIHTY55B4eTffbDOeX9wPlHAB7hZ4FkHpJmB6IQe9HZ7qlD5XoQjym0Z+qZih
oN8b1wisHC9rFyau++TE/SzaO6ySkDfgBEOoziJjInW2Rw==
-----END CERTIFICATE-----
Generated at Wed Dec 18 20:33:18 2024 by rpki-client on console-ams.rpki-client.org