Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28f72468-71a7-4407-a293-3c4d482a2082/4396f20044fd482064d249f96b47ac2784cfbab5.roa
File: 4396f20044fd482064d249f96b47ac2784cfbab5.roa (raw, json)
Hash identifier: NPBLSxcVps+lk4OMWTQyaVj7h9qAm7anmSLBza22CZA=
Subject key identifier: 84:74:C0:1C:CD:9E:CA:D9:74:76:33:58:C0:33:76:41:9B:AA:46:66
Certificate issuer: /CN=f1d0163a439efacc1ac476fcf9ca062330c6e918
Certificate serial: 157922
Authority key identifier: 29:E7:A3:95:52:0E:C9:87:60:8C:CF:1E:68:F0:1E:63:7C:B3:7A:1E
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f1d0163a439efacc1ac476fcf9ca062330c6e918.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/28f72468-71a7-4407-a293-3c4d482a2082/4396f20044fd482064d249f96b47ac2784cfbab5.roa
Signing time: Thu 24 Feb 2022 16:32:57 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 263805
IP address blocks: 138.185.136.0/24 maxlen: 24
138.185.137.0/24 maxlen: 24
138.185.138.0/24 maxlen: 24
138.185.139.0/24 maxlen: 24
2803:a240::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1407266 (0x157922)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0163a439efacc1ac476fcf9ca062330c6e918
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=4396f20044fd482064d249f96b47ac2784cfbab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d7:af:9b:12:aa:66:55:1a:30:83:62:f2:84:
0b:bb:d0:84:1e:59:22:4c:ae:32:48:80:57:43:99:
2e:7a:01:e7:1e:20:6c:09:39:94:70:48:b3:40:3a:
0c:04:c1:f9:0f:e4:89:12:6c:4f:5e:cb:e3:2a:5b:
ce:9c:db:9c:36:9e:13:95:05:3c:0d:e4:b2:00:2e:
42:34:c3:1a:08:c1:e7:1b:11:bc:df:4b:b8:16:a1:
9f:1e:16:0e:4b:ec:87:1e:62:db:31:e9:96:a7:93:
e4:bd:f6:a4:b6:b6:b7:14:93:6a:f3:61:54:a8:c7:
6e:fb:d2:d5:fc:ab:1b:ec:3f:f1:36:c0:84:58:c9:
3b:47:88:fb:e7:70:05:d5:e7:66:c4:00:26:1c:15:
44:7b:81:0b:63:2f:8a:a2:b2:2c:e0:81:19:46:35:
e6:eb:a2:0e:b6:dd:25:6b:5c:56:19:dd:71:c9:55:
7e:53:b4:c6:c8:8f:93:b4:47:4b:b1:f8:ec:db:b0:
e6:c6:d8:9b:14:77:fa:23:63:ba:d5:f7:97:02:b0:
9c:79:e9:d3:8e:c0:45:02:15:64:e8:65:b6:d2:c2:
c3:04:b0:36:fa:87:97:b7:15:a4:55:be:bc:0b:c0:
18:c8:34:06:8f:7c:13:c3:fe:92:51:87:42:4a:6a:
ab:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:74:C0:1C:CD:9E:CA:D9:74:76:33:58:C0:33:76:41:9B:AA:46:66
X509v3 Authority Key Identifier:
keyid:29:E7:A3:95:52:0E:C9:87:60:8C:CF:1E:68:F0:1E:63:7C:B3:7A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f1d0163a439efacc1ac476fcf9ca062330c6e918.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28f72468-71a7-4407-a293-3c4d482a2082/4396f20044fd482064d249f96b47ac2784cfbab5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/28f72468-71a7-4407-a293-3c4d482a2082/f1d0163a439efacc1ac476fcf9ca062330c6e918.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.185.136.0/22
IPv6:
2803:a240::/32
Signature Algorithm: sha256WithRSAEncryption
6f:de:5f:bc:35:93:87:28:04:58:4d:46:44:88:62:3f:70:53:
b1:ad:67:a7:f5:b4:4a:8e:9e:f4:26:f7:98:c6:8b:19:43:4c:
8e:6c:6a:02:8e:08:2d:97:2e:1b:cc:c1:4c:dc:ed:2c:8a:75:
4a:b0:82:8d:33:85:52:00:d4:d0:b6:73:10:20:19:56:c9:16:
65:1a:7e:f2:6a:7e:cc:c3:6d:67:d7:b1:77:3d:08:df:72:46:
de:69:7b:8f:91:9f:e8:f1:20:17:fd:39:ab:ed:55:4e:67:fd:
1d:fa:2c:03:40:1c:b9:37:80:b4:7f:6c:c0:76:88:12:30:82:
fd:ad:37:7f:dd:2c:46:41:0e:a1:d0:0e:9d:6b:ea:36:d5:93:
cc:b2:c4:8a:9c:9c:00:75:4d:98:dc:2b:b9:a0:9e:e1:74:09:
cf:7c:20:f6:49:51:fc:cf:d3:75:ba:19:84:fa:2f:db:c8:00:
0d:fa:76:2c:05:3e:b4:87:00:ab:19:dc:ca:64:50:08:75:63:
75:89:3f:7e:4b:98:c9:5e:7a:d1:94:26:94:54:78:0c:61:b6:
cd:97:89:ea:cf:b5:ec:b5:6e:5f:0f:6d:7c:40:ba:39:34:13:
e3:7c:58:91:94:e3:25:e3:db:82:6c:c9:0b:48:a1:fd:75:84:
88:ca:93:e8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDFXkiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYx
ZDAxNjNhNDM5ZWZhY2MxYWM0NzZmY2Y5Y2EwNjIzMzBjNmU5MTgwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0Mzk2ZjIwMDQ0ZmQ0
ODIwNjRkMjQ5Zjk2YjQ3YWMyNzg0Y2ZiYWI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAydevmxKqZlUaMINi8oQLu9CEHlkiTK4ySIBXQ5kuegHnHiBs
CTmUcEizQDoMBMH5D+SJEmxPXsvjKlvOnNucNp4TlQU8DeSyAC5CNMMaCMHnGxG8
30u4FqGfHhYOS+yHHmLbMemWp5Pkvfaktra3FJNq82FUqMdu+9LV/Ksb7D/xNsCE
WMk7R4j753AF1edmxAAmHBVEe4ELYy+KorIs4IEZRjXm66IOtt0la1xWGd1xyVV+
U7TGyI+TtEdLsfjs27DmxtibFHf6I2O61feXArCceenTjsBFAhVk6GW20sLDBLA2
+oeXtxWkVb68C8AYyDQGj3wTw/6SUYdCSmqrTwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFIR0wBzNnsrZdHYzWMAzdkGbqkZmMB8GA1UdIwQYMBaAFCnno5VSDsmHYIzP
HmjwHmN8s3oeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjFkMDE2
M2E0MzllZmFjYzFhYzQ3NmZjZjljYTA2MjMzMGM2ZTkxOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjhmNzI0NjgtNzFhNy00NDA3LWEyOTMtM2M0ZDQ4
MmEyMDgyLzQzOTZmMjAwNDRmZDQ4MjA2NGQyNDlmOTZiNDdhYzI3ODRjZmJhYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yOGY3MjQ2OC03MWE3LTQ0MDctYTI5My0zYzRk
NDgyYTIwODIvZjFkMDE2M2E0MzllZmFjYzFhYzQ3NmZjZjljYTA2MjMzMGM2ZTkx
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoq5iDANBAIAAjAHAwUAKAOiQDANBgkqhkiG9w0BAQsFAAOC
AQEAb95fvDWThygEWE1GRIhiP3BTsa1np/W0So6e9Cb3mMaLGUNMjmxqAo4ILZcu
G8zBTNztLIp1SrCCjTOFUgDU0LZzECAZVskWZRp+8mp+zMNtZ9exdz0I33JG3ml7
j5Gf6PEgF/05q+1VTmf9HfosA0AcuTeAtH9swHaIEjCC/a03f90sRkEOodAOnWvq
NtWTzLLEipycAHVNmNwruaCe4XQJz3wg9klR/M/TdboZhPov28gADfp2LAU+tIcA
qxncymRQCHVjdYk/fkuYyV560ZQmlFR4DGG2zZeJ6s+17LVuXw9tfEC6OTQT43xY
kZTjJePbgmzJC0ih/XWEiMqT6A==
-----END CERTIFICATE-----
Generated at Tue Aug 15 23:20:51 2023 by rpki-client on console-fra.rpki-client.org