Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/37014f58-a454-467f-9887-90d8b47e5ee0/2888cd72cc5d4f137d77f8fec693e22a30419fc9.roa
File: 2888cd72cc5d4f137d77f8fec693e22a30419fc9.roa (raw, json)
Hash identifier: rAVvIwmzWxgyltF/+j29I4+hsQHOp7jHYk2Zm+HdD78=
Subject key identifier: 0B:9C:EA:43:90:8E:66:63:E6:CB:DB:AD:0F:0B:A0:FE:B7:AE:8C:78
Certificate issuer: /CN=5af0c364da44e8d56630ca9491db8bba68bafdeb
Certificate serial: 0831FD
Authority key identifier: 3A:CD:EC:EC:0C:96:F1:25:C2:1A:2C:6B:E1:E0:D2:E7:78:1F:8A:A6
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5af0c364da44e8d56630ca9491db8bba68bafdeb.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/37014f58-a454-467f-9887-90d8b47e5ee0/2888cd72cc5d4f137d77f8fec693e22a30419fc9.roa
Signing time: Wed 24 Mar 2021 14:29:14 +0000
ROA not before: Wed 24 Mar 2021 14:29:14 +0000
ROA not after: Tue 24 Mar 2026 14:29:14 +0000
asID: 52369
IP address blocks: 179.42.176.0/20 maxlen: 24
190.110.112.0/21 maxlen: 24
190.184.224.0/20 maxlen: 24
2800:c50::/32 maxlen: 64
Validation: Failed, certificate revoked on Sun 31 Mar 2024 03:13:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 537085 (0x831fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af0c364da44e8d56630ca9491db8bba68bafdeb
Validity
Not Before: Mar 24 14:29:14 2021 GMT
Not After : Mar 24 14:29:14 2026 GMT
Subject: CN=2888cd72cc5d4f137d77f8fec693e22a30419fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b3:a0:bf:d4:84:11:b0:82:47:61:8a:06:b5:
6b:19:23:c4:32:2b:4b:33:78:eb:e3:ee:0b:55:d5:
63:60:6a:04:97:0f:8a:63:f4:a7:82:0f:83:f0:96:
57:8d:3a:44:42:14:a5:ce:96:c1:a1:e9:27:c1:67:
33:21:6b:e0:61:71:b1:e7:e1:31:22:37:58:0d:8e:
8e:46:12:4e:46:5c:b2:0f:b0:24:31:0b:e8:b0:24:
f2:eb:09:12:11:ca:9a:de:23:22:97:e1:a1:bb:73:
07:b9:cd:db:19:c8:98:1d:9a:15:42:55:3a:5a:1f:
15:c2:e9:17:31:93:9f:88:81:b7:bc:34:94:94:e2:
a5:6e:fd:f7:9d:34:38:d1:a4:a5:46:6e:5f:0c:2c:
7d:95:39:0f:91:e2:77:b7:a8:71:d4:3c:c7:c8:92:
78:b2:62:eb:79:19:5b:62:4e:7a:94:22:59:01:66:
d8:55:36:9f:3e:e2:7f:3f:19:00:c0:f5:a5:0c:b9:
e1:ee:86:66:0b:b1:26:77:b7:46:75:e8:2d:40:85:
f5:88:e1:df:a9:ce:d3:4c:3e:d8:88:c8:e6:f6:1f:
11:45:ce:1e:09:ce:95:64:58:d4:b7:3e:57:c6:df:
2c:6c:d1:c5:74:12:81:51:f1:13:d8:f6:4b:82:35:
89:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9C:EA:43:90:8E:66:63:E6:CB:DB:AD:0F:0B:A0:FE:B7:AE:8C:78
X509v3 Authority Key Identifier:
keyid:3A:CD:EC:EC:0C:96:F1:25:C2:1A:2C:6B:E1:E0:D2:E7:78:1F:8A:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5af0c364da44e8d56630ca9491db8bba68bafdeb.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/37014f58-a454-467f-9887-90d8b47e5ee0/2888cd72cc5d4f137d77f8fec693e22a30419fc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/37014f58-a454-467f-9887-90d8b47e5ee0/5af0c364da44e8d56630ca9491db8bba68bafdeb.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.42.176.0/20
190.110.112.0/21
190.184.224.0/20
IPv6:
2800:c50::/32
Signature Algorithm: sha256WithRSAEncryption
2e:08:31:60:68:5f:24:a1:a4:75:da:a2:13:68:6c:60:fc:56:
35:9f:41:eb:a5:1e:64:e5:94:93:ec:b4:ad:5a:14:26:5d:ed:
60:ed:41:ad:f3:fa:14:bf:44:e0:97:bd:82:f1:93:3b:02:4f:
42:f0:b8:af:10:7b:aa:4c:07:00:00:00:cc:d5:64:4c:ce:92:
39:f4:ea:d1:27:fc:12:1e:9a:f2:c2:8a:02:18:09:e1:6f:fc:
b4:48:00:7c:29:63:ab:aa:19:29:22:be:32:76:60:57:fc:52:
de:7e:6e:c9:8d:2e:34:13:a7:f3:00:15:fa:18:6b:a5:02:1d:
cc:65:66:b4:3e:70:0f:46:a8:c5:aa:fd:06:b5:65:22:ef:b9:
fc:99:9d:da:04:43:a2:e6:79:ae:83:0f:b0:64:9a:8f:7b:10:
8d:f0:9f:32:d5:32:52:38:16:d9:43:d3:71:f3:41:2d:14:1d:
28:ce:e7:1c:53:88:40:e9:83:3d:3f:85:de:a9:1f:13:76:27:
4f:90:03:73:3b:cd:63:c9:a9:cb:c5:b8:36:81:15:ca:38:04:
78:4f:f2:e9:e7:25:3d:06:42:4f:e7:7b:a5:47:02:a6:5a:58:
99:e6:3b:5b:8a:fd:01:d8:4d:57:ff:73:95:e5:a4:e1:42:c1:
21:b5:4c:c3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDCDH9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVh
ZjBjMzY0ZGE0NGU4ZDU2NjMwY2E5NDkxZGI4YmJhNjhiYWZkZWIwHhcNMjEwMzI0
MTQyOTE0WhcNMjYwMzI0MTQyOTE0WjAzMTEwLwYDVQQDEygyODg4Y2Q3MmNjNWQ0
ZjEzN2Q3N2Y4ZmVjNjkzZTIyYTMwNDE5ZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj7Ogv9SEEbCCR2GKBrVrGSPEMitLM3jr4+4LVdVjYGoElw+K
Y/Sngg+D8JZXjTpEQhSlzpbBoeknwWczIWvgYXGx5+ExIjdYDY6ORhJORlyyD7Ak
MQvosCTy6wkSEcqa3iMil+Ghu3MHuc3bGciYHZoVQlU6Wh8VwukXMZOfiIG3vDSU
lOKlbv33nTQ40aSlRm5fDCx9lTkPkeJ3t6hx1DzHyJJ4smLreRlbYk56lCJZAWbY
VTafPuJ/PxkAwPWlDLnh7oZmC7Emd7dGdegtQIX1iOHfqc7TTD7YiMjm9h8RRc4e
Cc6VZFjUtz5Xxt8sbNHFdBKBUfET2PZLgjWJPQIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFAuc6kOQjmZj5svbrQ8LoP63rox4MB8GA1UdIwQYMBaAFDrN7OwMlvElwhos
a+Hg0ud4H4qmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWFmMGMz
NjRkYTQ0ZThkNTY2MzBjYTk0OTFkYjhiYmE2OGJhZmRlYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzcwMTRmNTgtYTQ1NC00NjdmLTk4ODctOTBkOGI0
N2U1ZWUwLzI4ODhjZDcyY2M1ZDRmMTM3ZDc3ZjhmZWM2OTNlMjJhMzA0MTlmYzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zNzAxNGY1OC1hNDU0LTQ2N2YtOTg4Ny05MGQ4
YjQ3ZTVlZTAvNWFmMGMzNjRkYTQ0ZThkNTY2MzBjYTk0OTFkYjhiYmE2OGJhZmRl
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEBLMqsAMEA75ucAMEBL644DANBAIAAjAHAwUAKAAMUDANBgkq
hkiG9w0BAQsFAAOCAQEALggxYGhfJKGkddqiE2hsYPxWNZ9B66UeZOWUk+y0rVoU
Jl3tYO1BrfP6FL9E4Je9gvGTOwJPQvC4rxB7qkwHAAAAzNVkTM6SOfTq0Sf8Eh6a
8sKKAhgJ4W/8tEgAfCljq6oZKSK+MnZgV/xS3n5uyY0uNBOn8wAV+hhrpQIdzGVm
tD5wD0aoxar9BrVlIu+5/Jmd2gRDouZ5roMPsGSaj3sQjfCfMtUyUjgW2UPTcfNB
LRQdKM7nHFOIQOmDPT+F3qkfE3YnT5ADczvNY8mpy8W4NoEVyjgEeE/y6eclPQZC
T+d7pUcCplpYmeY7W4r9AdhNV/9zleWk4ULBIbVMww==
-----END CERTIFICATE-----
Generated at Sun Mar 31 04:21:54 2024 by rpki-client on console-ams.rpki-client.org