Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/d7ab561108fd0b22e39ff1a293b887fd30795fab.roa
File: d7ab561108fd0b22e39ff1a293b887fd30795fab.roa (raw, json)
Hash identifier: AXehZ1hSloNrNAjzcFfSbRBCiZY7WeLHb/1qxJunF6U=
Subject key identifier: 5B:07:C2:64:19:85:75:F6:7E:F4:E0:33:ED:84:6F:97:91:2B:0F:8E
Certificate issuer: /CN=c5ef86124a38f3fc46e85e51e01411db37fdb204
Certificate serial: 0CC64C
Authority key identifier: 86:56:69:72:80:4D:BD:ED:14:7F:F3:A0:38:C2:B6:95:AD:C2:C8:6B
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5ef86124a38f3fc46e85e51e01411db37fdb204.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/d7ab561108fd0b22e39ff1a293b887fd30795fab.roa
Signing time: Fri 21 Apr 2023 20:42:27 +0000
ROA not before: Thu 20 Apr 2023 20:42:27 +0000
ROA not after: Mon 21 Apr 2025 20:42:27 +0000
asID: 272086
IP address blocks: 189.85.40.0/23 maxlen: 32
189.85.42.0/24 maxlen: 32
2803:21e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 837196 (0xcc64c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5ef86124a38f3fc46e85e51e01411db37fdb204
Validity
Not Before: Apr 20 20:42:27 2023 GMT
Not After : Apr 21 20:42:27 2025 GMT
Subject: CN=d7ab561108fd0b22e39ff1a293b887fd30795fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:84:bb:58:38:08:8a:6d:0a:05:c8:ff:12:a2:
22:f1:c5:d8:9a:fa:9f:31:f7:0f:f2:6e:e8:6b:e4:
bd:1c:4b:29:5d:ff:82:8b:67:51:1a:db:a9:74:85:
ee:2c:57:2e:85:49:a5:d2:a0:f4:66:8a:d3:ed:2f:
f2:73:59:4c:b8:f9:5e:32:c3:51:ff:d5:29:d6:8f:
10:42:52:e8:a5:07:76:aa:1e:d5:5d:60:a2:80:1d:
7a:80:d4:d4:8c:7b:76:4f:cb:a8:c8:f6:e6:5e:d6:
47:ef:6f:67:2a:6c:e6:b5:d4:c6:51:dd:82:ec:cf:
56:5b:92:d4:2a:00:e1:74:fd:4f:21:d5:1e:8f:9d:
a2:96:c7:1f:dc:b7:e0:7e:2d:9c:78:d1:e0:84:0b:
0c:69:95:e0:17:9a:33:bc:f7:75:b6:46:26:62:b7:
b0:63:0f:00:1d:76:b7:86:a3:c2:a1:73:e2:46:04:
e9:5a:cb:2e:f0:cb:c4:3c:b9:02:d8:13:e5:f4:fd:
3d:85:fb:4f:92:10:f4:40:8b:7c:98:45:6f:16:7e:
06:78:ed:6f:55:e2:02:4b:ec:8f:b1:e8:45:b7:7d:
58:0d:98:78:56:23:8f:15:df:d5:f5:41:d2:9d:63:
8a:40:5f:d6:ea:4a:ac:70:0d:00:82:a2:f6:9f:cc:
87:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:07:C2:64:19:85:75:F6:7E:F4:E0:33:ED:84:6F:97:91:2B:0F:8E
X509v3 Authority Key Identifier:
keyid:86:56:69:72:80:4D:BD:ED:14:7F:F3:A0:38:C2:B6:95:AD:C2:C8:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5ef86124a38f3fc46e85e51e01411db37fdb204.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/d7ab561108fd0b22e39ff1a293b887fd30795fab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/c5ef86124a38f3fc46e85e51e01411db37fdb204.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.85.40.0-189.85.42.255
IPv6:
2803:21e0::/32
Signature Algorithm: sha256WithRSAEncryption
69:cf:97:6e:00:9d:03:02:c8:e2:50:eb:19:b2:d5:9d:34:9d:
5f:ef:e9:5b:f3:df:fb:50:bb:87:03:df:e5:b5:0c:e2:6d:5e:
8e:d4:0c:bc:48:a1:02:eb:08:f4:71:3b:31:5d:19:bf:08:e6:
54:9a:37:ad:60:fa:5e:ce:27:72:71:ba:02:a0:ef:7f:c3:41:
c9:04:bb:64:42:cc:e7:24:c0:9d:4d:fd:da:88:a1:bb:73:10:
66:5f:2e:8c:5a:30:89:65:80:7e:d6:96:7b:c9:e2:e4:75:79:
be:76:c4:99:2f:b2:28:57:f6:2d:e2:e6:23:a4:59:9c:0f:90:
c1:8b:f3:9b:38:5b:08:a0:44:b2:57:86:c0:a7:34:b3:2f:3b:
4b:39:e9:3b:75:57:07:31:d9:c6:1b:9e:ad:d4:47:04:05:57:
dd:58:79:15:9b:ee:3c:ab:b1:43:2b:d1:25:89:5c:dd:df:54:
ce:1c:75:6f:5f:a9:ed:50:14:a6:ba:18:ab:6e:bd:c7:c0:39:
fa:4c:2d:fe:da:fe:8d:7d:86:6e:94:9d:ab:de:56:f6:d8:7a:
cf:12:4f:f2:25:ee:d9:11:ab:2a:4c:35:7e:e9:56:5d:f7:ac:
30:1d:49:a7:e1:96:16:0e:76:92:d7:16:a0:25:b7:c5:53:38:
9a:aa:97:66
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIDDMZMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM1
ZWY4NjEyNGEzOGYzZmM0NmU4NWU1MWUwMTQxMWRiMzdmZGIyMDQwHhcNMjMwNDIw
MjA0MjI3WhcNMjUwNDIxMjA0MjI3WjAzMTEwLwYDVQQDEyhkN2FiNTYxMTA4ZmQw
YjIyZTM5ZmYxYTI5M2I4ODdmZDMwNzk1ZmFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+oS7WDgIim0KBcj/EqIi8cXYmvqfMfcP8m7oa+S9HEspXf+C
i2dRGtupdIXuLFcuhUml0qD0ZorT7S/yc1lMuPleMsNR/9Up1o8QQlLopQd2qh7V
XWCigB16gNTUjHt2T8uoyPbmXtZH729nKmzmtdTGUd2C7M9WW5LUKgDhdP1PIdUe
j52ilscf3Lfgfi2ceNHghAsMaZXgF5ozvPd1tkYmYrewYw8AHXa3hqPCoXPiRgTp
Wssu8MvEPLkC2BPl9P09hftPkhD0QIt8mEVvFn4GeO1vVeICS+yPsehFt31YDZh4
ViOPFd/V9UHSnWOKQF/W6kqscA0AgqL2n8yHsQIDAQABo4ICcjCCAm4wHQYDVR0O
BBYEFFsHwmQZhXX2fvTgM+2Eb5eRKw+OMB8GA1UdIwQYMBaAFIZWaXKATb3tFH/z
oDjCtpWtwshrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzVlZjg2
MTI0YTM4ZjNmYzQ2ZTg1ZTUxZTAxNDExZGIzN2ZkYjIwNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTkxYzAxZmUtNWUwMi00MjgwLWIyYzMtZTNiZTFm
MjBjMDZkL2Q3YWI1NjExMDhmZDBiMjJlMzlmZjFhMjkzYjg4N2ZkMzA3OTVmYWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xOTFjMDFmZS01ZTAyLTQyODAtYjJjMy1lM2Jl
MWYyMGMwNmQvYzVlZjg2MTI0YTM4ZjNmYzQ2ZTg1ZTUxZTAxNDExZGIzN2ZkYjIw
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQn
MCUwFAQCAAEwDjAMAwQDvVUoAwQAvVUqMA0EAgACMAcDBQAoAyHgMA0GCSqGSIb3
DQEBCwUAA4IBAQBpz5duAJ0DAsjiUOsZstWdNJ1f7+lb89/7ULuHA9/ltQzibV6O
1Ay8SKEC6wj0cTsxXRm/COZUmjetYPpezidycboCoO9/w0HJBLtkQsznJMCdTf3a
iKG7cxBmXy6MWjCJZYB+1pZ7yeLkdXm+dsSZL7IoV/Yt4uYjpFmcD5DBi/ObOFsI
oESyV4bApzSzLztLOek7dVcHMdnGG56t1EcEBVfdWHkVm+48q7FDK9EliVzd31TO
HHVvX6ntUBSmuhirbr3HwDn6TC3+2v6NfYZulJ2r3lb22HrPEk/yJe7ZEasqTDV+
6VZd96wwHUmn4ZYWDnaS1xagJbfFUziaqpdm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-ams.rpki-client.org