Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c428625076d0140a0a3479432fb5b5a435dfbbe7.roa
File: c428625076d0140a0a3479432fb5b5a435dfbbe7.roa (raw, json)
Hash identifier: BRp9xvqQNwnpe3eqFMF9i6aTt4Z2i1Gv86A5UnKJIcs=
Subject key identifier: 0C:05:20:3E:79:AD:A4:44:AD:88:F0:8D:CC:81:59:B3:4E:E4:3E:C7
Certificate issuer: /CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Certificate serial: 111A95
Authority key identifier: 49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c428625076d0140a0a3479432fb5b5a435dfbbe7.roa
Signing time: Thu 15 Sep 2022 15:24:36 +0000
ROA not before: Thu 08 Sep 2022 16:11:39 +0000
ROA not after: Sun 08 Sep 2024 16:11:39 +0000
asID: 52326
IP address blocks: 190.151.138.0/23 maxlen: 23
190.151.138.0/24 maxlen: 24
190.151.139.0/24 maxlen: 24
190.151.140.0/22 maxlen: 22
190.151.140.0/24 maxlen: 24
190.151.141.0/24 maxlen: 24
190.151.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1120917 (0x111a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Validity
Not Before: Sep 8 16:11:39 2022 GMT
Not After : Sep 8 16:11:39 2024 GMT
Subject: CN=c428625076d0140a0a3479432fb5b5a435dfbbe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:74:d7:69:58:b9:9b:67:97:bc:9f:85:fa:
b4:74:6e:14:dd:e6:35:46:bc:50:b0:b8:19:54:0a:
65:13:7f:0b:3f:f1:90:57:75:ed:e6:e1:fb:54:04:
63:08:b5:ad:9d:6a:4b:e5:a4:8c:d7:f8:c0:48:90:
41:c6:9c:c6:4d:2f:07:db:87:14:c4:42:5b:1d:f8:
09:ca:26:d3:86:d6:64:5d:56:5a:6f:a4:4a:5e:73:
08:7f:aa:6c:52:10:c7:e9:a0:85:7a:0e:a6:86:ab:
b7:42:f3:43:e0:89:3f:bb:04:43:00:20:47:f8:c6:
e8:f7:99:72:ff:83:43:89:34:12:66:ec:a0:42:bf:
9c:b4:55:10:0f:01:34:4a:be:65:08:ab:80:6e:1a:
ef:92:35:14:5b:e4:4c:62:7c:2a:4a:7f:95:6a:f7:
82:2f:55:a6:d0:01:36:9e:54:48:80:2c:7c:b2:ef:
8b:03:91:95:1d:a4:c8:9b:b0:06:16:56:13:da:06:
ef:c9:fd:5b:83:72:a9:a2:16:b3:eb:f6:5b:c1:95:
7d:40:e4:69:7d:0a:81:01:ce:92:7d:0f:47:63:2f:
6f:82:f7:47:cf:c6:80:2b:d8:5a:51:d4:67:61:74:
fe:55:b4:cc:ac:fd:43:09:8d:f7:0f:36:08:1a:40:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:05:20:3E:79:AD:A4:44:AD:88:F0:8D:CC:81:59:B3:4E:E4:3E:C7
X509v3 Authority Key Identifier:
keyid:49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/c428625076d0140a0a3479432fb5b5a435dfbbe7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.151.138.0-190.151.143.255
Signature Algorithm: sha256WithRSAEncryption
28:42:ea:87:0d:76:56:26:cd:9a:59:f9:0f:40:7c:1d:e8:c9:
4d:a0:16:9e:63:b1:f0:2b:ab:ee:8e:d8:12:93:d3:6d:dc:54:
07:4c:34:5e:f6:4b:73:4b:b9:32:e3:bf:cb:ba:36:34:1d:eb:
41:5b:6b:9e:a1:20:b0:c0:5c:31:05:63:4e:3b:aa:53:98:e5:
23:0f:52:62:e3:da:fc:03:34:fb:05:b4:89:6a:81:b9:ce:f2:
5f:4f:36:e3:1b:ec:63:02:27:74:f0:97:63:c7:a3:a2:8e:7d:
61:82:d4:53:95:2e:fc:28:3e:8d:ea:a4:fb:fe:f7:c5:42:0c:
00:de:f8:0e:97:e0:1c:38:b4:5b:14:9e:02:0f:db:10:17:b6:
62:df:bb:70:50:46:dc:72:de:1a:c3:65:97:a1:07:3d:46:70:
5e:bb:01:a8:25:e2:a0:6f:65:6f:96:f6:36:39:c4:b4:19:8a:
63:c9:49:12:cf:ef:68:c7:52:40:11:42:3c:20:5f:99:c7:5e:
55:67:e9:00:c8:ab:87:5b:83:c0:f8:d1:5a:ca:b6:68:7d:28:
5b:b7:ea:30:1d:8b:b7:6b:9d:2b:73:60:f1:5d:1d:03:aa:fb:
1c:ba:39:de:1e:f9:b8:1c:41:d0:45:9a:ec:f7:9a:72:99:47:
cc:17:6e:a6
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDERqVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
MGM1YWUzZWM2M2I3ZTc0YmZmMjFjZGY1OTYwM2NlZmNkMDRjNzMwHhcNMjIwOTA4
MTYxMTM5WhcNMjQwOTA4MTYxMTM5WjAzMTEwLwYDVQQDEyhjNDI4NjI1MDc2ZDAx
NDBhMGEzNDc5NDMyZmI1YjVhNDM1ZGZiYmU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo9d012lYuZtnl7yfhfq0dG4U3eY1RrxQsLgZVAplE38LP/GQ
V3Xt5uH7VARjCLWtnWpL5aSM1/jASJBBxpzGTS8H24cUxEJbHfgJyibThtZkXVZa
b6RKXnMIf6psUhDH6aCFeg6mhqu3QvND4Ik/uwRDACBH+Mbo95ly/4NDiTQSZuyg
Qr+ctFUQDwE0Sr5lCKuAbhrvkjUUW+RMYnwqSn+VaveCL1Wm0AE2nlRIgCx8su+L
A5GVHaTIm7AGFlYT2gbvyf1bg3Kpohaz6/ZbwZV9QORpfQqBAc6SfQ9HYy9vgvdH
z8aAK9haUdRnYXT+VbTMrP1DCY33DzYIGkBo4wIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFAwFID55raRErYjwjcyBWbNO5D7HMB8GA1UdIwQYMBaAFElkb7ggzqo7sgQe
2LAWp6dbY50YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDUwYzVh
ZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTBjYTc2NTctZWFmYi00NjI0LWExODAtYjZmMWRk
NDQyOTYwL2M0Mjg2MjUwNzZkMDE0MGEwYTM0Nzk0MzJmYjViNWE0MzVkZmJiZTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MGNhNzY1Ny1lYWZiLTQ2MjQtYTE4MC1iNmYx
ZGQ0NDI5NjAvZDUwYzVhZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBvpeKAwQEvpeAMA0GCSqGSIb3DQEBCwUAA4IBAQAoQuqH
DXZWJs2aWfkPQHwd6MlNoBaeY7HwK6vujtgSk9Nt3FQHTDRe9ktzS7ky47/LujY0
HetBW2ueoSCwwFwxBWNOO6pTmOUjD1Ji49r8AzT7BbSJaoG5zvJfTzbjG+xjAid0
8Jdjx6Oijn1hgtRTlS78KD6N6qT7/vfFQgwA3vgOl+AcOLRbFJ4CD9sQF7Zi37tw
UEbcct4aw2WXoQc9RnBeuwGoJeKgb2VvlvY2OcS0GYpjyUkSz+9ox1JAEUI8IF+Z
x15VZ+kAyKuHW4PA+NFayrZofShbt+owHYu3a50rc2DxXR0DqvscujneHvm4HEHQ
RZrs95pymUfMF26m
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:34 2023 by rpki-client on console-ams.rpki-client.org