Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1a646a5a-e03b-48ec-8ec3-8065cce10e9e/554a2fde82bfdbb772a775aa175932505a570222.roa
File: 554a2fde82bfdbb772a775aa175932505a570222.roa (raw, json)
Hash identifier: SSdCj9ia2ho+sXLPxCGCfMdy9Ro5mT+0XR4+3qWfCeI=
Subject key identifier: 7D:8D:57:17:C4:D5:E3:02:F9:43:95:B9:BF:2C:5F:6B:47:80:F0:59
Certificate issuer: /CN=7aab3a1b1d30b14b6d9a3fe39cefe867d60ff350
Certificate serial: 0E16B4
Authority key identifier: 5F:58:C6:83:CE:D5:C8:0E:0F:DF:DB:14:B9:1D:DC:AF:3C:E2:AB:2B
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aab3a1b1d30b14b6d9a3fe39cefe867d60ff350.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/1a646a5a-e03b-48ec-8ec3-8065cce10e9e/554a2fde82bfdbb772a775aa175932505a570222.roa
Signing time: Wed 24 Mar 2021 14:42:05 +0000
ROA not before: Wed 24 Mar 2021 14:42:05 +0000
ROA not after: Tue 24 Mar 2026 14:42:05 +0000
asID: 27742
IP address blocks: 200.30.128.0/24 maxlen: 24
200.30.132.0/24 maxlen: 24
200.30.165.0/24 maxlen: 24
200.30.170.0/24 maxlen: 24
200.30.177.0/24 maxlen: 24
200.30.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923316 (0xe16b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aab3a1b1d30b14b6d9a3fe39cefe867d60ff350
Validity
Not Before: Mar 24 14:42:05 2021 GMT
Not After : Mar 24 14:42:05 2026 GMT
Subject: CN=554a2fde82bfdbb772a775aa175932505a570222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:f8:2d:8e:8f:b1:e5:8f:06:2b:20:64:4e:
28:89:23:b8:43:6a:2c:af:48:8b:9c:26:9d:f4:55:
c6:d4:4f:d5:aa:2e:40:7b:b5:bb:77:75:0a:26:1b:
55:04:bb:83:1f:53:2f:9b:01:90:9f:a9:d8:84:d9:
5d:e8:f2:87:3e:2e:91:0c:8b:68:aa:e6:b7:c5:23:
8f:65:47:cd:40:d1:3e:09:15:99:09:4e:92:46:65:
c5:9d:6e:d1:26:ce:f3:21:ae:4f:8f:0f:0d:dd:1c:
12:05:c8:23:d5:e0:5e:b1:6e:5d:ab:1d:36:42:86:
37:cd:19:3e:e2:82:0c:0c:d0:4c:06:9a:95:83:b1:
68:7d:a7:7d:6e:7e:7a:97:a1:77:db:b1:70:8d:4f:
48:3e:72:46:e5:26:bc:a0:de:d3:4f:f7:7d:7f:25:
4c:48:5e:fb:5d:60:d6:d7:08:a3:eb:85:af:b0:60:
0d:c9:7b:d6:c8:1f:55:b7:6f:7f:bb:8a:a2:f5:69:
4d:15:d2:a9:25:04:63:83:38:72:ef:59:09:ee:e9:
78:8f:33:39:85:ee:57:98:a8:3b:33:49:8b:5b:86:
90:e9:c3:17:0e:c6:ac:28:d1:40:d9:37:d0:67:07:
b0:5f:8a:d9:1a:43:af:fb:bd:2b:18:c2:84:f5:89:
35:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8D:57:17:C4:D5:E3:02:F9:43:95:B9:BF:2C:5F:6B:47:80:F0:59
X509v3 Authority Key Identifier:
keyid:5F:58:C6:83:CE:D5:C8:0E:0F:DF:DB:14:B9:1D:DC:AF:3C:E2:AB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aab3a1b1d30b14b6d9a3fe39cefe867d60ff350.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1a646a5a-e03b-48ec-8ec3-8065cce10e9e/554a2fde82bfdbb772a775aa175932505a570222.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/1a646a5a-e03b-48ec-8ec3-8065cce10e9e/7aab3a1b1d30b14b6d9a3fe39cefe867d60ff350.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.30.128.0/24
200.30.132.0/24
200.30.165.0/24
200.30.170.0/24
200.30.177.0/24
200.30.182.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a5:58:20:4c:b4:55:9a:c3:c2:03:22:55:ac:55:13:1d:b5:
53:37:91:46:58:91:14:cd:26:40:29:75:8b:a2:cf:b0:0f:c1:
1a:3f:bf:a9:91:b6:aa:4d:14:fd:f8:65:75:76:b1:75:25:49:
e4:d9:bd:a7:a1:c3:20:a9:96:9b:67:8a:be:cf:ad:9f:e7:ff:
09:be:37:9e:c6:95:10:a1:27:b8:c0:f4:06:e3:79:13:f3:73:
e3:5f:63:a0:8e:3f:15:5a:d7:fc:13:bd:d4:0d:8a:23:c9:a9:
64:d2:9a:dc:f8:9a:76:87:f1:1b:86:2e:da:6e:79:2c:a5:dd:
f4:f5:db:06:10:0a:98:a0:62:44:b0:e4:37:44:e7:10:86:d8:
b0:69:a4:af:52:f6:a9:9f:80:82:47:e9:f0:50:47:09:f4:4b:
66:11:c4:ff:6e:bc:6e:0e:1b:98:a4:6c:b4:d3:90:60:58:bd:
9a:d5:9f:dd:49:b4:5c:aa:d7:d2:00:94:e0:b5:a0:58:9e:85:
29:fb:59:5e:b6:22:4d:38:29:31:d3:78:f3:38:30:39:7c:2c:
fd:bf:be:d6:06:d9:49:c2:a9:5d:4a:3e:9a:05:56:98:3e:16:
ee:a9:a7:f8:1f:2e:20:04:c7:f2:5c:ac:5b:34:46:fd:ce:52:
20:4b:00:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDDha0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
YWIzYTFiMWQzMGIxNGI2ZDlhM2ZlMzljZWZlODY3ZDYwZmYzNTAwHhcNMjEwMzI0
MTQ0MjA1WhcNMjYwMzI0MTQ0MjA1WjAzMTEwLwYDVQQDEyg1NTRhMmZkZTgyYmZk
YmI3NzJhNzc1YWExNzU5MzI1MDVhNTcwMjIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArn74LY6PseWPBisgZE4oiSO4Q2osr0iLnCad9FXG1E/Vqi5A
e7W7d3UKJhtVBLuDH1MvmwGQn6nYhNld6PKHPi6RDItoqua3xSOPZUfNQNE+CRWZ
CU6SRmXFnW7RJs7zIa5Pjw8N3RwSBcgj1eBesW5dqx02QoY3zRk+4oIMDNBMBpqV
g7Fofad9bn56l6F327FwjU9IPnJG5Sa8oN7TT/d9fyVMSF77XWDW1wij64WvsGAN
yXvWyB9Vt29/u4qi9WlNFdKpJQRjgzhy71kJ7ul4jzM5he5XmKg7M0mLW4aQ6cMX
DsasKNFA2TfQZwewX4rZGkOv+70rGMKE9Yk13wIDAQABo4ICeTCCAnUwHQYDVR0O
BBYEFH2NVxfE1eMC+UOVub8sX2tHgPBZMB8GA1UdIwQYMBaAFF9YxoPO1cgOD9/b
FLkd3K884qsrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2FhYjNh
MWIxZDMwYjE0YjZkOWEzZmUzOWNlZmU4NjdkNjBmZjM1MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWE2NDZhNWEtZTAzYi00OGVjLThlYzMtODA2NWNj
ZTEwZTllLzU1NGEyZmRlODJiZmRiYjc3MmE3NzVhYTE3NTkzMjUwNWE1NzAyMjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYTY0NmE1YS1lMDNiLTQ4ZWMtOGVjMy04MDY1
Y2NlMTBlOWUvN2FhYjNhMWIxZDMwYjE0YjZkOWEzZmUzOWNlZmU4NjdkNjBmZjM1
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEAMgegAMEAMgehAMEAMgepQMEAMgeqgMEAMgesQMEAMgetjAN
BgkqhkiG9w0BAQsFAAOCAQEAAaVYIEy0VZrDwgMiVaxVEx21UzeRRliRFM0mQCl1
i6LPsA/BGj+/qZG2qk0U/fhldXaxdSVJ5Nm9p6HDIKmWm2eKvs+tn+f/Cb43nsaV
EKEnuMD0BuN5E/Nz419joI4/FVrX/BO91A2KI8mpZNKa3PiadofxG4Yu2m55LKXd
9PXbBhAKmKBiRLDkN0TnEIbYsGmkr1L2qZ+Agkfp8FBHCfRLZhHE/268bg4bmKRs
tNOQYFi9mtWf3Um0XKrX0gCU4LWgWJ6FKftZXrYiTTgpMdN48zgwOXws/b++1gbZ
ScKpXUo+mgVWmD4W7qmn+B8uIATH8lysWzRG/c5SIEsAoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:22 2024 by rpki-client on console-fra.rpki-client.org