Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa
File: 23ba9363c4978e195ddba9a96fccba7a55545862.roa (raw, json)
Hash identifier: cBhZ1+WLBanu/fdfyUgp1jMqwDaNfFXzDuWkAQS7rCk=
Subject key identifier: 8D:19:F8:44:44:77:2C:ED:76:AF:07:31:CC:FE:CE:FE:B7:1A:93:3F
Certificate issuer: /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial: 122B6C
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa
Signing time: Wed 29 Nov 2023 15:36:31 +0000
ROA not before: Wed 29 Nov 2023 15:36:31 +0000
ROA not after: Sat 29 Nov 2025 15:36:31 +0000
asID: 264830
IP address blocks: 201.251.215.0/24 maxlen: 24
201.251.216.0/22 maxlen: 24
201.251.220.0/24 maxlen: 24
201.251.235.0/24 maxlen: 24
201.251.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1190764 (0x122b6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Validity
Not Before: Nov 29 15:36:31 2023 GMT
Not After : Nov 29 15:36:31 2025 GMT
Subject: CN=23ba9363c4978e195ddba9a96fccba7a55545862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:30:83:19:ed:e8:a3:f8:be:02:9c:d6:f9:31:
c8:4c:2f:fd:25:a1:31:09:a3:e0:29:85:83:de:30:
72:1f:fa:fa:af:69:b7:6c:2e:e9:b3:b7:26:34:2a:
9c:3c:39:ed:70:8c:67:73:9f:1c:47:4c:4c:18:59:
5a:99:04:7a:68:ee:ac:cd:1a:10:28:a8:17:63:df:
f2:71:fa:b7:ca:99:4d:02:45:dc:54:a5:40:c8:fd:
06:1d:30:c3:92:4a:49:dc:c2:f5:68:29:72:27:54:
04:18:66:86:19:26:d3:50:79:b8:f9:c6:4b:cd:e5:
0f:1d:cc:d4:05:74:30:01:b5:a5:ab:93:0a:32:2b:
dc:a4:ce:e4:aa:5b:33:33:e7:4d:29:89:0b:34:e1:
f3:92:54:95:e8:15:34:7b:6c:6b:23:38:00:61:12:
c3:0d:fc:02:dc:de:30:cd:10:dd:82:1b:01:b4:01:
47:f7:9a:eb:fe:a1:bf:39:81:a8:8b:12:e9:f9:db:
ec:4d:d0:52:ca:60:0c:25:c1:a3:98:64:e8:aa:67:
38:d6:be:67:59:f4:f7:80:db:d5:d6:5f:3e:94:17:
41:ec:cd:0b:82:0d:64:ab:85:ff:2f:3f:1b:d4:78:
02:8f:94:67:43:97:02:53:f5:f5:94:60:cd:76:f3:
87:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:19:F8:44:44:77:2C:ED:76:AF:07:31:CC:FE:CE:FE:B7:1A:93:3F
X509v3 Authority Key Identifier:
keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.251.215.0-201.251.220.255
201.251.235.0-201.251.236.255
Signature Algorithm: sha256WithRSAEncryption
95:b6:e4:d4:a5:22:21:4a:59:27:ef:89:a0:67:6d:8a:a1:e6:
1a:94:b4:41:35:84:75:5a:14:4a:22:4e:f0:14:ad:c4:2b:e8:
37:53:39:ef:02:ee:0d:06:11:d0:9b:27:e2:be:b3:7a:88:3e:
b9:bc:ff:b0:18:bc:1a:7e:63:a2:32:03:00:f6:81:34:ca:e7:
00:41:5e:8d:46:66:0c:83:ce:9f:67:6b:eb:89:96:91:59:91:
52:da:0c:dd:da:7a:29:8a:88:25:53:64:6d:e2:12:30:a0:b3:
7d:77:2e:96:ad:ea:6b:69:e8:b3:68:6d:80:81:f0:e3:c3:e5:
55:ed:dc:5d:b9:a3:fe:09:42:99:87:a3:ca:cd:a0:a2:3c:55:
4d:bd:68:b4:f3:6a:74:d0:d8:0a:5e:d1:53:f7:2e:14:ff:9d:
06:48:5a:fc:45:ee:2c:63:c6:79:7e:17:23:54:40:2e:e0:6b:
50:e1:bf:83:d8:21:f2:58:5c:5d:c6:f8:cc:bd:06:81:15:2b:
68:93:e0:fa:8c:7d:9e:8b:7e:db:14:14:45:67:7d:48:37:01:
d1:fa:b9:d0:0e:a8:ec:eb:cf:a3:70:2c:87:c7:a5:68:f9:dc:
dc:5d:71:1c:f8:1e:db:9d:b4:91:59:9f:c0:9f:a1:dd:90:b4:
e8:27:21:cf
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIDEitsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUzNjMxWhcNMjUxMTI5MTUzNjMxWjAzMTEwLwYDVQQDEygyM2JhOTM2M2M0OTc4
ZTE5NWRkYmE5YTk2ZmNjYmE3YTU1NTQ1ODYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmDCDGe3oo/i+ApzW+THITC/9JaExCaPgKYWD3jByH/r6r2m3
bC7ps7cmNCqcPDntcIxnc58cR0xMGFlamQR6aO6szRoQKKgXY9/ycfq3yplNAkXc
VKVAyP0GHTDDkkpJ3ML1aClyJ1QEGGaGGSbTUHm4+cZLzeUPHczUBXQwAbWlq5MK
MivcpM7kqlszM+dNKYkLNOHzklSV6BU0e2xrIzgAYRLDDfwC3N4wzRDdghsBtAFH
95rr/qG/OYGoixLp+dvsTdBSymAMJcGjmGToqmc41r5nWfT3gNvV1l8+lBdB7M0L
gg1kq4X/Lz8b1HgCj5RnQ5cCU/X1lGDNdvOHsQIDAQABo4ICcTCCAm0wHQYDVR0O
BBYEFI0Z+EREdyztdq8HMcz+zv63GpM/MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzIzYmE5MzYzYzQ5NzhlMTk1ZGRiYTlhOTZmY2NiYTdhNTU1NDU4NjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQAyfvXAwQAyfvcMAwDBADJ++sDBADJ++wwDQYJKoZIhvcN
AQELBQADggEBAJW25NSlIiFKWSfviaBnbYqh5hqUtEE1hHVaFEoiTvAUrcQr6DdT
Oe8C7g0GEdCbJ+K+s3qIPrm8/7AYvBp+Y6IyAwD2gTTK5wBBXo1GZgyDzp9na+uJ
lpFZkVLaDN3aeimKiCVTZG3iEjCgs313Lpat6mtp6LNobYCB8OPD5VXt3F25o/4J
QpmHo8rNoKI8VU29aLTzanTQ2Ape0VP3LhT/nQZIWvxF7ixjxnl+FyNUQC7ga1Dh
v4PYIfJYXF3G+My9BoEVK2iT4PqMfZ6LftsUFEVnfUg3AdH6udAOqOzrz6NwLIfH
pWj53NxdcRz4HtudtJFZn8Cfod2QtOgnIc8=
-----END CERTIFICATE-----
Generated at Mon Apr 15 17:25:33 2024 by rpki-client on console-ams.rpki-client.org