Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/15c9e98da77cebc4c5be35c863a236c8198f5065.roa
File: 15c9e98da77cebc4c5be35c863a236c8198f5065.roa (raw, json)
Hash identifier: 4Bw6PR1O68KE0tsCYohD/ajjZtCW9ClPx8dgZpY2ScM=
Subject key identifier: D4:06:63:1F:2A:D8:4D:A0:A4:2D:18:F2:82:66:F1:E1:FE:89:49:DD
Certificate issuer: /CN=7d666fc96c87b713c1f1fc6b289e51fae298a9ff
Certificate serial: 147BB3
Authority key identifier: 34:46:15:53:3D:37:E7:7E:E5:71:C9:D2:95:48:61:E8:2C:FE:CF:26
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/15c9e98da77cebc4c5be35c863a236c8198f5065.roa
Signing time: Fri 24 Dec 2021 20:39:54 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 52228
IP address blocks: 152.231.128.0/17 maxlen: 24
179.50.128.0/17 maxlen: 24
186.15.0.0/18 maxlen: 24
186.15.64.0/18 maxlen: 24
186.15.128.0/19 maxlen: 24
186.15.160.0/20 maxlen: 24
186.15.176.0/21 maxlen: 24
186.15.192.0/18 maxlen: 24
186.64.128.0/17 maxlen: 24
186.159.128.0/18 maxlen: 24
186.159.192.0/20 maxlen: 24
186.159.208.0/21 maxlen: 24
186.159.216.0/23 maxlen: 24
186.159.220.0/22 maxlen: 24
186.159.224.0/19 maxlen: 24
2803:6000::/32 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1342387 (0x147bb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d666fc96c87b713c1f1fc6b289e51fae298a9ff
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=15c9e98da77cebc4c5be35c863a236c8198f5065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:5c:50:0b:be:ed:b4:97:6e:ec:4f:31:43:
23:f8:8c:9f:a5:84:9b:ba:97:26:6b:29:5c:10:e4:
cf:f1:f2:3b:2d:f5:99:b2:cc:17:11:7d:fe:31:19:
ef:3c:b1:5a:d6:dd:33:8a:51:db:6d:e6:f8:6e:1e:
9f:70:3c:3b:8e:fa:ca:b1:8c:ac:bb:5d:b2:a7:29:
18:b3:d8:c9:a6:92:e6:ea:22:b0:5b:4b:46:37:77:
77:81:bd:ce:01:83:bf:28:ec:2d:4d:4d:83:c4:4f:
a1:d7:d4:64:19:39:a3:be:3e:5e:0b:bf:47:a3:f1:
2b:53:98:de:f1:fd:69:1d:f7:ef:bb:ba:70:87:39:
4d:75:b9:64:b9:b3:1b:07:08:32:3d:b4:c5:cf:90:
be:ea:1d:2b:38:6c:56:9a:74:aa:3f:6b:59:b1:ff:
69:51:51:b4:66:42:41:a9:79:20:c1:4b:e2:d2:a8:
c6:e3:51:0a:ec:d0:65:e1:63:ee:ef:b9:ed:d7:d3:
83:ae:76:2f:a8:ba:ee:05:94:ec:c3:27:22:c0:df:
d3:ec:af:99:38:7b:1c:9b:39:a0:2d:c5:f0:05:66:
5f:8a:f8:aa:aa:16:da:9d:ad:89:da:37:19:59:c5:
7d:5c:dd:59:9e:29:e5:59:70:d8:cf:cb:9d:5e:6d:
79:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:06:63:1F:2A:D8:4D:A0:A4:2D:18:F2:82:66:F1:E1:FE:89:49:DD
X509v3 Authority Key Identifier:
keyid:34:46:15:53:3D:37:E7:7E:E5:71:C9:D2:95:48:61:E8:2C:FE:CF:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/15c9e98da77cebc4c5be35c863a236c8198f5065.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.231.128.0/17
179.50.128.0/17
186.15.0.0-186.15.183.255
186.15.192.0/18
186.64.128.0/17
186.159.128.0-186.159.217.255
186.159.220.0-186.159.255.255
IPv6:
2803:6000::/32
Signature Algorithm: sha256WithRSAEncryption
39:85:31:2e:52:ef:96:d8:e9:4b:7f:35:5e:d4:a4:9c:13:89:
b0:a0:16:53:f5:c9:8b:06:77:3a:37:be:89:1f:44:f8:0e:37:
28:71:2a:8b:45:f6:84:17:f0:c2:44:2e:e7:cc:7e:69:51:35:
31:99:d3:1d:0e:f9:3b:9f:f3:68:7e:2b:f9:8a:08:7a:8d:7c:
9f:6a:b0:24:67:92:78:4e:99:0c:28:b0:68:d9:b5:ce:df:11:
ac:c1:5c:2e:22:07:12:46:02:c9:73:ba:ae:52:10:2a:96:6d:
76:b3:ef:c4:ec:b3:3d:43:8a:66:bd:12:42:97:9b:d1:89:50:
58:27:cd:21:d2:7d:de:a7:4d:cb:a3:e7:76:fa:54:d2:4f:0f:
33:8c:41:e1:44:23:56:6e:cf:3f:ec:e1:20:a1:d9:c0:4d:ac:
0f:ac:64:58:b9:10:af:a0:54:0c:f6:41:0d:97:16:c8:72:c8:
48:53:2a:ca:e5:ae:a1:d4:b7:1a:df:12:38:fb:d9:6d:26:43:
ca:4c:61:aa:86:80:6c:fe:55:de:58:01:21:dc:92:20:28:12:
c5:82:28:49:84:d3:dc:6c:7a:af:f2:d9:dd:b0:53:bb:99:09:
67:10:7d:8e:8a:f0:51:05:c2:6a:db:30:eb:a8:02:dc:f5:99:
5d:68:69:6a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDFHuzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdk
NjY2ZmM5NmM4N2I3MTNjMWYxZmM2YjI4OWU1MWZhZTI5OGE5ZmYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygxNWM5ZTk4ZGE3N2Nl
YmM0YzViZTM1Yzg2M2EyMzZjODE5OGY1MDY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo/1cUAu+7bSXbuxPMUMj+IyfpYSbupcmaylcEOTP8fI7LfWZ
sswXEX3+MRnvPLFa1t0zilHbbeb4bh6fcDw7jvrKsYysu12ypykYs9jJppLm6iKw
W0tGN3d3gb3OAYO/KOwtTU2DxE+h19RkGTmjvj5eC79Ho/ErU5je8f1pHffvu7pw
hzlNdblkubMbBwgyPbTFz5C+6h0rOGxWmnSqP2tZsf9pUVG0ZkJBqXkgwUvi0qjG
41EK7NBl4WPu77nt19ODrnYvqLruBZTswyciwN/T7K+ZOHscmzmgLcXwBWZfiviq
qhbana2J2jcZWcV9XN1ZninlWXDYz8udXm15RwIDAQABo4ICpDCCAqAwHQYDVR0O
BBYEFNQGYx8q2E2gpC0Y8oJm8eH+iUndMB8GA1UdIwQYMBaAFDRGFVM9N+d+5XHJ
0pVIYegs/s8mMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2Q2NjZm
Yzk2Yzg3YjcxM2MxZjFmYzZiMjg5ZTUxZmFlMjk4YTlmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjUwNTRjMGYtMTk4YS00N2M2LWIxMTItMTUyZTM0
NjAyMzhjLzE1YzllOThkYTc3Y2ViYzRjNWJlMzVjODYzYTIzNmM4MTk4ZjUwNjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNTA1NGMwZi0xOThhLTQ3YzYtYjExMi0xNTJl
MzQ2MDIzOGMvN2Q2NjZmYzk2Yzg3YjcxM2MxZjFmYzZiMjg5ZTUxZmFlMjk4YTlm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBggrBgEFBQcBBwEB/wRZ
MFcwRgQCAAEwQAMEB5jngAMEB7MygDALAwMAug8DBAO6D7ADBAa6D8ADBAe6QIAw
DAMEB7qfgAMEAbqf2DALAwQCup/cAwMFuoAwDQQCAAIwBwMFACgDYAAwDQYJKoZI
hvcNAQELBQADggEBADmFMS5S75bY6Ut/NV7UpJwTibCgFlP1yYsGdzo3vokfRPgO
NyhxKotF9oQX8MJELufMfmlRNTGZ0x0O+Tuf82h+K/mKCHqNfJ9qsCRnknhOmQwo
sGjZtc7fEazBXC4iBxJGAslzuq5SECqWbXaz78Tssz1Dima9EkKXm9GJUFgnzSHS
fd6nTcuj53b6VNJPDzOMQeFEI1Zuzz/s4SCh2cBNrA+sZFi5EK+gVAz2QQ2XFshy
yEhTKsrlrqHUtxrfEjj72W0mQ8pMYaqGgGz+Vd5YASHckiAoEsWCKEmE09xseq/y
2d2wU7uZCWcQfY6K8FEFwmrbMOuoAtz1mV1oaWo=
-----END CERTIFICATE-----
Generated at Wed Oct 11 21:03:45 2023 by rpki-client on console-ams.rpki-client.org