Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c20ebf6b33b238fc051c8f145d0e8220bf8f8c69.roa
File: c20ebf6b33b238fc051c8f145d0e8220bf8f8c69.roa (raw, json)
Hash identifier: D7vH9yDAD22c65sAftr4hygYz+/yDtAt0t57hp7hRD0=
Subject key identifier: A3:1D:A7:B8:27:31:E0:5D:22:C6:2B:58:CA:AC:E9:E4:4C:7C:59:5D
Certificate issuer: /CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Certificate serial: 10F908
Authority key identifier: 49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c20ebf6b33b238fc051c8f145d0e8220bf8f8c69.roa
Signing time: Fri 09 Sep 2022 15:34:22 +0000
ROA not before: Thu 08 Sep 2022 16:11:39 +0000
ROA not after: Sun 08 Sep 2024 16:11:39 +0000
asID: 52326
IP address blocks: 190.151.138.0/23 maxlen: 24
190.151.138.0/24 maxlen: 24
190.151.139.0/24 maxlen: 24
190.151.140.0/22 maxlen: 24
190.151.140.0/24 maxlen: 24
190.151.141.0/24 maxlen: 24
190.151.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112328 (0x10f908)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Validity
Not Before: Sep 8 16:11:39 2022 GMT
Not After : Sep 8 16:11:39 2024 GMT
Subject: CN=c20ebf6b33b238fc051c8f145d0e8220bf8f8c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:33:c8:9a:bf:4f:68:fa:9d:47:66:a6:72:fd:
26:97:c2:8a:4c:dd:65:a0:3c:85:30:bb:52:96:89:
7e:74:e7:9b:e5:05:19:a7:75:c1:8e:80:65:3d:87:
a0:f6:c7:d7:bb:f4:bd:8e:aa:5a:d9:f2:57:bd:ac:
f1:a2:16:90:6e:13:1d:19:ad:ee:09:af:5d:a0:19:
d0:d7:6e:ed:b3:79:15:f7:59:5a:c6:6f:ef:53:0c:
bb:8c:35:9c:e1:b9:32:24:8c:4f:6e:49:0d:53:4e:
6a:88:ca:a0:fc:28:8c:6d:45:c7:b4:36:06:8d:5d:
62:d0:6e:2c:7c:1d:5a:21:92:18:18:3f:68:2e:50:
de:11:e7:55:89:2f:50:61:82:e0:7b:eb:b9:d4:d8:
ae:74:3d:6d:56:a9:59:6d:eb:e6:f7:c6:42:82:e8:
7c:b0:c6:ad:60:2f:cd:43:da:12:fc:8f:b6:a9:5d:
de:0b:6e:82:c7:8d:d3:e3:b5:da:af:5d:77:3f:63:
c2:7d:c6:a8:d5:de:71:0c:65:bf:3a:37:64:25:39:
b6:f4:93:1b:8b:98:51:fb:30:a7:bd:ea:64:bb:5a:
cd:80:58:4e:ef:30:b3:0a:1c:eb:50:42:b3:3b:33:
2a:9e:35:48:d1:e3:d1:de:6c:67:29:56:0f:c2:b9:
f2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1D:A7:B8:27:31:E0:5D:22:C6:2B:58:CA:AC:E9:E4:4C:7C:59:5D
X509v3 Authority Key Identifier:
keyid:49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c20ebf6b33b238fc051c8f145d0e8220bf8f8c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.151.138.0-190.151.143.255
Signature Algorithm: sha256WithRSAEncryption
72:a4:1d:51:ef:a3:da:46:96:21:19:9b:69:85:67:c7:ce:0b:
a1:9c:a8:39:08:90:8b:d5:79:1f:2a:0f:7c:43:79:ff:f4:34:
c2:fa:8e:12:e7:98:31:41:32:74:37:7e:3d:1f:45:94:25:32:
78:93:ac:25:c5:04:af:65:5a:06:30:d5:c3:a6:6e:8c:d4:c7:
92:0d:b8:30:ad:38:8c:ba:fd:51:77:08:d2:1d:26:33:d9:fa:
58:9d:b7:6e:80:ed:12:3b:16:1e:f9:30:fa:4c:c1:e0:b4:08:
42:de:95:f9:f4:e4:40:a9:7d:71:e4:e7:81:19:9d:76:c5:ee:
cd:8b:f6:7c:2c:3b:9e:4a:ac:a8:3b:d6:37:11:71:44:88:e7:
e4:bb:13:c2:22:a0:d4:00:8a:9d:f8:29:eb:b9:e8:1c:c2:36:
85:b5:cf:05:de:1e:b5:e5:4e:2e:82:04:62:a6:79:bd:57:ca:
16:e4:01:ee:20:72:9e:ec:99:0b:0a:ed:3d:70:dd:bf:30:c2:
39:b6:46:72:b3:64:cc:e0:1e:11:b2:5b:3a:af:06:ed:eb:98:
12:a1:b1:10:65:99:46:22:67:de:12:b9:c6:69:44:5a:23:6e:
51:87:a4:35:4d:ed:11:41:25:e4:3a:3a:f0:e2:d2:43:37:ff:
f4:ce:84:59
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDEPkIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
MGM1YWUzZWM2M2I3ZTc0YmZmMjFjZGY1OTYwM2NlZmNkMDRjNzMwHhcNMjIwOTA4
MTYxMTM5WhcNMjQwOTA4MTYxMTM5WjAzMTEwLwYDVQQDEyhjMjBlYmY2YjMzYjIz
OGZjMDUxYzhmMTQ1ZDBlODIyMGJmOGY4YzY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAizPImr9PaPqdR2amcv0ml8KKTN1loDyFMLtSlol+dOeb5QUZ
p3XBjoBlPYeg9sfXu/S9jqpa2fJXvazxohaQbhMdGa3uCa9doBnQ127ts3kV91la
xm/vUwy7jDWc4bkyJIxPbkkNU05qiMqg/CiMbUXHtDYGjV1i0G4sfB1aIZIYGD9o
LlDeEedViS9QYYLge+u51NiudD1tVqlZbevm98ZCguh8sMatYC/NQ9oS/I+2qV3e
C26Cx43T47Xar113P2PCfcao1d5xDGW/OjdkJTm29JMbi5hR+zCnvepku1rNgFhO
7zCzChzrUEKzOzMqnjVI0ePR3mxnKVYPwrny6QIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFKMdp7gnMeBdIsYrWMqs6eRMfFldMB8GA1UdIwQYMBaAFElkb7ggzqo7sgQe
2LAWp6dbY50YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDUwYzVh
ZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTBjYTc2NTctZWFmYi00NjI0LWExODAtYjZmMWRk
NDQyOTYwL2MyMGViZjZiMzNiMjM4ZmMwNTFjOGYxNDVkMGU4MjIwYmY4ZjhjNjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MGNhNzY1Ny1lYWZiLTQ2MjQtYTE4MC1iNmYx
ZGQ0NDI5NjAvZDUwYzVhZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBvpeKAwQEvpeAMA0GCSqGSIb3DQEBCwUAA4IBAQBypB1R
76PaRpYhGZtphWfHzguhnKg5CJCL1XkfKg98Q3n/9DTC+o4S55gxQTJ0N349H0WU
JTJ4k6wlxQSvZVoGMNXDpm6M1MeSDbgwrTiMuv1RdwjSHSYz2fpYnbdugO0SOxYe
+TD6TMHgtAhC3pX59ORAqX1x5OeBGZ12xe7Ni/Z8LDueSqyoO9Y3EXFEiOfkuxPC
IqDUAIqd+CnruegcwjaFtc8F3h615U4uggRipnm9V8oW5AHuIHKe7JkLCu09cN2/
MMI5tkZys2TM4B4Rsls6rwbt65gSobEQZZlGImfeErnGaURaI25Rh6Q1Te0RQSXk
Ojrw4tJDN//0zoRZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:18 2023 by rpki-client on console-fra.rpki-client.org