Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32342d3234203d3e20323637383233.roa
File: 32342e3135322e35382e302f32342d3234203d3e20323637383233.roa (raw, json)
Hash identifier: mSS6oFDwJrBxkKMVtnBheoidZGQ1UhxvPEHdqz7Z90M=
Subject key identifier: 76:FB:43:01:C6:1D:6F:B6:EE:D1:C2:F7:6B:02:75:0A:BE:89:20:C1
Certificate issuer: /CN=66BA51E5AD3A5CC255E600193211E3B420DACCCB
Certificate serial: 495FB775DDB0AC872699888D4496A4FDEB472958
Authority key identifier: 66:BA:51:E5:AD:3A:5C:C2:55:E6:00:19:32:11:E3:B4:20:DA:CC:CB
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32342d3234203d3e20323637383233.roa
Signing time: Sat 14 Dec 2024 14:45:00 +0000
ROA not before: Sat 14 Dec 2024 14:40:00 +0000
ROA not after: Sat 13 Dec 2025 14:45:00 +0000
asID: 267823
IP address blocks: 24.152.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:5f:b7:75:dd:b0:ac:87:26:99:88:8d:44:96:a4:fd:eb:47:29:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66BA51E5AD3A5CC255E600193211E3B420DACCCB
Validity
Not Before: Dec 14 14:40:00 2024 GMT
Not After : Dec 13 14:45:00 2025 GMT
Subject: CN=76FB4301C61D6FB6EED1C2F76B02750ABE8920C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:27:bb:fc:b7:b6:a0:c0:59:6a:17:9f:23:76:
02:4d:fd:55:9e:23:e5:44:42:57:9c:ba:5e:fe:75:
79:ee:d3:08:d8:88:bc:ee:26:2a:6b:ce:79:01:2f:
04:e9:95:96:7d:98:8c:5a:fe:1e:29:ba:c8:27:4c:
1f:62:39:80:fe:b0:8a:03:47:c2:59:22:34:35:30:
79:4e:86:9b:87:1a:fb:56:60:d5:85:3b:11:02:cb:
e1:c5:65:d2:de:8a:f1:8d:11:b5:bf:01:e5:b2:7d:
22:60:e0:5a:d6:38:eb:db:99:cc:68:b1:cf:db:00:
e4:5d:f2:a7:13:fe:cd:f0:c7:c5:f4:11:d1:aa:04:
0b:23:7a:10:5e:31:1b:7c:b9:64:bc:13:b2:7c:07:
02:a8:50:7f:77:9a:c9:a4:5e:17:35:33:a8:54:ba:
da:fb:68:d6:2e:37:71:2c:ef:57:8f:64:89:28:5b:
8f:68:1b:8b:c8:7b:5d:d4:3e:64:b8:eb:72:1b:af:
58:2f:55:1c:6f:9c:2e:f0:c3:5d:39:b5:11:32:62:
23:e5:a9:cd:3a:7e:38:3f:2d:a2:a6:7a:3b:b5:04:
73:76:3c:6e:ac:64:55:84:d8:e2:b7:9b:28:90:5d:
fd:5d:6a:a7:19:86:9d:61:1e:d2:67:58:3c:02:96:
06:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FB:43:01:C6:1D:6F:B6:EE:D1:C2:F7:6B:02:75:0A:BE:89:20:C1
X509v3 Authority Key Identifier:
keyid:66:BA:51:E5:AD:3A:5C:C2:55:E6:00:19:32:11:E3:B4:20:DA:CC:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66BA51E5AD3A5CC255E600193211E3B420DACCCB.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/01B9FFB08E5EBB01D7F54A4F3D203CA08AEA4FD2A200E9168C68E53F60DECC47/0/32342e3135322e35382e302f32342d3234203d3e20323637383233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.152.58.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:4a:31:9f:58:aa:f5:99:da:68:fc:a2:60:4b:3a:59:40:f6:
f6:81:64:59:d6:41:23:7f:7e:46:3c:e3:c5:bc:d7:18:89:0f:
c2:e5:25:f5:67:f5:bb:29:25:fb:47:e8:e7:5c:ac:d1:05:0b:
e7:24:05:49:eb:6c:fe:52:73:3c:0a:c4:4e:fc:61:9f:48:88:
61:52:f8:3c:5a:f5:fc:8f:81:c2:05:ae:e1:b9:7b:2d:77:10:
ef:1f:ca:2a:af:2f:fa:f3:1d:5b:f3:41:66:31:0c:1a:a6:eb:
7b:39:13:14:71:59:df:e3:c2:67:c2:e0:9c:7f:4e:1a:e8:49:
f6:1b:a7:02:19:19:78:d0:a4:04:cd:bd:8b:ef:5b:67:06:f0:
78:15:42:a4:e2:ec:09:4a:65:a0:f2:88:7d:d6:01:53:b4:ab:
69:8b:46:75:4c:bd:3a:0d:f4:94:36:f7:69:d3:00:b6:56:3c:
56:72:6a:ee:56:fa:41:b5:e1:e5:d1:f4:96:8c:2a:2f:8d:3e:
3a:1f:03:82:43:b7:dd:91:d5:72:62:2b:bd:66:47:c0:90:02:
99:11:ec:3d:92:fb:1f:3d:cf:44:a8:24:8a:61:54:a0:fb:b1:
7b:1f:f7:fa:f1:dc:9e:ad:8d:40:a4:de:06:9c:de:d7:46:76:
14:87:c5:1a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSV+3dd2wrIcmmYiNRJak/etHKVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZCQTUxRTVBRDNBNUNDMjU1RTYwMDE5MzIxMUUzQjQy
MERBQ0NDQjAeFw0yNDEyMTQxNDQwMDBaFw0yNTEyMTMxNDQ1MDBaMDMxMTAvBgNV
BAMTKDc2RkI0MzAxQzYxRDZGQjZFRUQxQzJGNzZCMDI3NTBBQkU4OTIwQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVJ7v8t7agwFlqF58jdgJN/VWe
I+VEQlecul7+dXnu0wjYiLzuJiprznkBLwTplZZ9mIxa/h4pusgnTB9iOYD+sIoD
R8JZIjQ1MHlOhpuHGvtWYNWFOxECy+HFZdLeivGNEbW/AeWyfSJg4FrWOOvbmcxo
sc/bAORd8qcT/s3wx8X0EdGqBAsjehBeMRt8uWS8E7J8BwKoUH93msmkXhc1M6hU
utr7aNYuN3Es71ePZIkoW49oG4vIe13UPmS463Ibr1gvVRxvnC7ww105tREyYiPl
qc06fjg/LaKmeju1BHN2PG6sZFWE2OK3myiQXf1daqcZhp1hHtJnWDwClgYRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUdvtDAcYdb7bu0cL3awJ1Cr6JIMEwHwYDVR0j
BBgwFoAUZrpR5a06XMJV5gAZMhHjtCDazMswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMUI5RkZCMDhFNUVCQjAxRDdGNTRBNEYzRDIwM0NBMDhB
RUE0RkQyQTIwMEU5MTY4QzY4RTUzRjYwREVDQzQ3LzAvNjZCQTUxRTVBRDNBNUND
MjU1RTYwMDE5MzIxMUUzQjQyMERBQ0NDQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NkJBNTFFNUFEM0E1Q0MyNTVF
NjAwMTkzMjExRTNCNDIwREFDQ0NCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDFCOUZGQjA4RTVFQkIwMUQ3RjU0QTRGM0QyMDNDQTA4QUVBNEZEMkEy
MDBFOTE2OEM2OEU1M0Y2MERFQ0M0Ny8wLzMyMzQyZTMxMzUzMjJlMzUzODJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEABiYOjAN
BgkqhkiG9w0BAQsFAAOCAQEAbUoxn1iq9ZnaaPyiYEs6WUD29oFkWdZBI39+Rjzj
xbzXGIkPwuUl9Wf1uykl+0fo51ys0QUL5yQFSets/lJzPArETvxhn0iIYVL4PFr1
/I+BwgWu4bl7LXcQ7x/KKq8v+vMdW/NBZjEMGqbrezkTFHFZ3+PCZ8LgnH9OGuhJ
9hunAhkZeNCkBM29i+9bZwbweBVCpOLsCUploPKIfdYBU7SraYtGdUy9Og30lDb3
adMAtlY8VnJq7lb6QbXh5dH0lowqL40+Oh8DgkO33ZHVcmIrvWZHwJACmRHsPZL7
Hz3PRKgkimFUoPuxex/3+vHcnq2NQKTeBpze10Z2FIfFGg==
-----END CERTIFICATE-----
Generated at Wed Dec 18 21:09:27 2024 by rpki-client on console-fra.rpki-client.org