Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/147892b0-7ff7-4d9f-8614-ba9a3d7aa168/59f693965a4fe79bed63919e69d8dce54c202aec.roa
File: 59f693965a4fe79bed63919e69d8dce54c202aec.roa (raw, json)
Hash identifier: DQi1Lhqx9znXn6ity7HuibZ0hHE6PvoitZ4TBDoJgR0=
Subject key identifier: 22:80:09:8D:0A:B3:1A:38:E2:69:33:98:A0:F2:FD:C1:D5:83:9C:A7
Certificate issuer: /CN=12664936ff3e23a04dd6aaf24e9f7f4ca9183528
Certificate serial: 193077
Authority key identifier: D1:03:98:83:D7:74:69:C5:48:D0:D2:9B:47:45:20:8D:CB:64:73:D7
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/12664936ff3e23a04dd6aaf24e9f7f4ca9183528.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/147892b0-7ff7-4d9f-8614-ba9a3d7aa168/59f693965a4fe79bed63919e69d8dce54c202aec.roa
Signing time: Mon 18 Sep 2023 21:09:25 +0000
ROA not before: Sun 17 Sep 2023 21:09:24 +0000
ROA not after: Thu 18 Sep 2025 21:09:24 +0000
asID: 267832
IP address blocks: 45.175.20.0/24 maxlen: 24
170.245.158.0/23 maxlen: 24
2803:c460::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 14:35:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1650807 (0x193077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12664936ff3e23a04dd6aaf24e9f7f4ca9183528
Validity
Not Before: Sep 17 21:09:24 2023 GMT
Not After : Sep 18 21:09:24 2025 GMT
Subject: CN=59f693965a4fe79bed63919e69d8dce54c202aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f0:31:2f:33:99:8d:db:6b:67:51:a1:ae:09:
df:2e:15:de:8e:7a:68:d9:09:12:0d:f9:51:7b:74:
de:92:0a:de:07:b6:48:00:58:c5:6d:9b:06:98:0f:
15:a3:9e:9f:ff:8a:87:f3:06:30:d1:ed:62:1a:7a:
10:8f:92:7d:5e:cf:bf:6a:a7:67:70:ee:3e:16:e4:
b5:51:da:18:fe:8d:df:d3:e7:71:9c:14:7e:66:74:
f8:d6:6e:f8:54:87:91:9a:8a:a8:37:4f:39:5b:65:
d7:f9:71:d4:b2:c1:f4:93:58:24:a1:9b:48:33:d3:
4e:ab:fb:a9:b4:70:d8:f4:4b:f3:b3:7d:21:d4:d2:
54:45:6d:60:cb:74:b3:19:9c:8c:57:a8:f9:bc:a2:
31:7e:53:4e:12:08:8c:fe:90:d7:65:77:92:b9:42:
b6:9d:61:1b:7c:d7:99:41:ce:99:fd:21:56:da:5e:
ed:68:4d:59:0d:f2:5f:84:57:ce:a0:2e:81:5a:17:
f3:75:8a:1b:27:22:9a:af:0a:a5:55:43:73:b8:a1:
d4:0c:01:01:ed:3d:29:5e:fd:94:9c:54:91:5a:a6:
0d:e9:ac:f4:41:45:34:7e:99:4f:d6:c9:83:cd:c5:
d3:49:6c:31:f5:2f:c8:ab:29:3f:1e:58:32:80:54:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:80:09:8D:0A:B3:1A:38:E2:69:33:98:A0:F2:FD:C1:D5:83:9C:A7
X509v3 Authority Key Identifier:
keyid:D1:03:98:83:D7:74:69:C5:48:D0:D2:9B:47:45:20:8D:CB:64:73:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/12664936ff3e23a04dd6aaf24e9f7f4ca9183528.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/147892b0-7ff7-4d9f-8614-ba9a3d7aa168/59f693965a4fe79bed63919e69d8dce54c202aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/147892b0-7ff7-4d9f-8614-ba9a3d7aa168/12664936ff3e23a04dd6aaf24e9f7f4ca9183528.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.175.20.0/24
170.245.158.0/23
IPv6:
2803:c460::/32
Signature Algorithm: sha256WithRSAEncryption
0e:84:49:0e:35:2d:f6:13:ec:3d:fd:ea:6a:aa:23:f0:b2:76:
4c:a8:14:3b:5f:3e:c0:93:68:94:bc:46:a2:87:30:2f:70:0d:
18:9d:f2:da:de:d7:49:d0:f8:34:11:8f:96:b0:ee:96:c4:20:
bb:e5:73:3f:f6:ed:c1:a7:6c:68:f7:f7:be:74:ca:32:8e:e5:
cd:83:72:e1:59:8c:fe:82:6d:8f:b6:df:22:19:88:62:7a:60:
a0:11:71:3f:ba:b8:66:65:2d:08:1c:0c:9e:66:cc:ab:e6:fc:
1d:49:b3:70:31:e9:3a:5c:53:38:04:63:8c:92:98:a3:27:f9:
15:98:64:d2:60:65:b3:72:06:4f:c0:10:57:c4:91:3d:e6:f8:
0c:1f:a5:8b:1b:33:fe:35:7e:d1:8c:e5:87:89:40:dc:b0:96:
6a:33:7e:d7:20:d4:49:9e:1e:7e:98:fa:b5:26:3c:a6:3c:9e:
d1:28:97:94:92:83:4b:57:62:40:46:dd:92:d0:c2:bc:da:ec:
0b:cc:a5:8f:0f:07:28:97:fb:01:8f:05:64:ef:6a:be:e0:61:
f7:cd:9c:cc:54:69:47:ea:ce:a6:8b:4f:b1:87:a6:45:50:21:
8e:55:2c:d7:d3:55:44:36:c5:48:9d:47:85:50:5b:d1:e6:12:
d0:3c:37:a6
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDGTB3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEy
NjY0OTM2ZmYzZTIzYTA0ZGQ2YWFmMjRlOWY3ZjRjYTkxODM1MjgwHhcNMjMwOTE3
MjEwOTI0WhcNMjUwOTE4MjEwOTI0WjAzMTEwLwYDVQQDEyg1OWY2OTM5NjVhNGZl
NzliZWQ2MzkxOWU2OWQ4ZGNlNTRjMjAyYWVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgvAxLzOZjdtrZ1GhrgnfLhXejnpo2QkSDflRe3TekgreB7ZI
AFjFbZsGmA8Vo56f/4qH8wYw0e1iGnoQj5J9Xs+/aqdncO4+FuS1UdoY/o3f0+dx
nBR+ZnT41m74VIeRmoqoN085W2XX+XHUssH0k1gkoZtIM9NOq/uptHDY9Evzs30h
1NJURW1gy3SzGZyMV6j5vKIxflNOEgiM/pDXZXeSuUK2nWEbfNeZQc6Z/SFW2l7t
aE1ZDfJfhFfOoC6BWhfzdYobJyKarwqlVUNzuKHUDAEB7T0pXv2UnFSRWqYN6az0
QUU0fplP1smDzcXTSWwx9S/Iqyk/HlgygFTm0QIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFCKACY0Ksxo44mkzmKDy/cHVg5ynMB8GA1UdIwQYMBaAFNEDmIPXdGnFSNDS
m0dFII3LZHPXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTI2NjQ5
MzZmZjNlMjNhMDRkZDZhYWYyNGU5ZjdmNGNhOTE4MzUyOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTQ3ODkyYjAtN2ZmNy00ZDlmLTg2MTQtYmE5YTNk
N2FhMTY4LzU5ZjY5Mzk2NWE0ZmU3OWJlZDYzOTE5ZTY5ZDhkY2U1NGMyMDJhZWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xNDc4OTJiMC03ZmY3LTRkOWYtODYxNC1iYTlh
M2Q3YWExNjgvMTI2NjQ5MzZmZjNlMjNhMDRkZDZhYWYyNGU5ZjdmNGNhOTE4MzUy
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAC2vFAMEAar1njANBAIAAjAHAwUAKAPEYDANBgkqhkiG9w0B
AQsFAAOCAQEADoRJDjUt9hPsPf3qaqoj8LJ2TKgUO18+wJNolLxGoocwL3ANGJ3y
2t7XSdD4NBGPlrDulsQgu+VzP/btwadsaPf3vnTKMo7lzYNy4VmM/oJtj7bfIhmI
YnpgoBFxP7q4ZmUtCBwMnmbMq+b8HUmzcDHpOlxTOARjjJKYoyf5FZhk0mBls3IG
T8AQV8SRPeb4DB+lixsz/jV+0Yzlh4lA3LCWajN+1yDUSZ4efpj6tSY8pjye0SiX
lJKDS1diQEbdktDCvNrsC8yljw8HKJf7AY8FZO9qvuBh982czFRpR+rOpotPsYem
RVAhjlUs19NVRDbFSJ1HhVBb0eYS0Dw3pg==
-----END CERTIFICATE-----
Generated at Wed Jan 10 19:13:16 2024 by rpki-client on console-fra.rpki-client.org