Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa
File: 3139302e3130362e36342e302f32302d3234203d3e203238303232.roa (raw, json)
Hash identifier: vGptCy49nSrDMp9wIbKIPZToIt9cCGURqHC8Jd5ZK/c=
Subject key identifier: B3:9D:70:4B:E1:7D:E9:08:16:47:80:8E:3A:76:D7:86:EF:25:B7:EB
Certificate issuer: /CN=2000BFC4CE0B56183990500772974F91AC5629B4
Certificate serial: 1CC4C40E99C9D5A2ADA3AF4E06544981BD41CC2E
Authority key identifier: 20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa
Signing time: Tue 05 Mar 2024 18:02:25 +0000
ROA not before: Tue 05 Mar 2024 17:57:25 +0000
ROA not after: Tue 04 Mar 2025 18:02:25 +0000
asID: 28022
IP address blocks: 190.106.64.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:c4:c4:0e:99:c9:d5:a2:ad:a3:af:4e:06:54:49:81:bd:41:cc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2000BFC4CE0B56183990500772974F91AC5629B4
Validity
Not Before: Mar 5 17:57:25 2024 GMT
Not After : Mar 4 18:02:25 2025 GMT
Subject: CN=B39D704BE17DE9081647808E3A76D786EF25B7EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:60:36:c8:24:7f:94:75:42:1d:72:f4:34:41:
71:02:6b:a0:dd:7a:d8:7e:8e:eb:95:ac:b4:65:14:
17:f2:db:e8:35:e6:04:e3:17:2e:e0:d4:a4:b3:4a:
cc:32:4d:98:39:11:5c:70:0b:cc:8b:3c:36:9f:35:
27:58:76:9d:ff:af:a7:10:29:9a:bf:ba:4a:54:61:
06:7f:e8:98:cf:db:40:14:d3:5c:d8:92:62:ce:88:
9d:50:e1:de:05:70:72:7c:f5:f6:a7:94:92:47:77:
83:cf:50:18:9c:79:31:7b:77:56:c8:f5:c3:9f:28:
26:4e:25:b1:91:3c:3d:3f:94:a1:e8:4d:fa:91:ce:
a6:b8:c5:06:4a:1b:18:ab:d4:4e:1a:03:dd:2e:fc:
34:15:00:b7:4c:52:27:ec:3f:82:6c:2f:d7:2f:0b:
ee:98:05:e5:62:d5:09:ce:fa:45:90:a2:1f:4c:3a:
61:1e:08:73:93:dc:2f:89:b4:27:36:a5:b9:e9:ac:
ba:a7:79:81:dc:06:ce:a6:f9:7a:83:72:75:a5:f4:
1e:25:75:53:20:22:77:6b:2c:20:55:0b:f7:48:15:
9c:d7:8a:e0:3d:6e:62:84:0e:01:79:3b:60:86:c8:
89:22:a2:84:d9:96:2b:77:11:ce:1e:92:2d:3b:60:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9D:70:4B:E1:7D:E9:08:16:47:80:8E:3A:76:D7:86:EF:25:B7:EB
X509v3 Authority Key Identifier:
keyid:20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.106.64.0/20
Signature Algorithm: sha256WithRSAEncryption
69:1f:81:d1:56:a4:14:87:bd:5b:20:58:dc:ea:b7:d7:25:64:
c1:ef:84:94:2e:2e:39:2d:20:30:d9:e6:15:67:9f:63:b8:53:
53:52:cf:a4:e4:36:e5:90:b5:c2:ba:5e:c9:fb:86:19:9f:62:
3b:bc:fb:2e:e2:89:35:2c:86:d7:4b:f7:c4:7c:ce:1c:f3:49:
e3:27:3a:4e:07:60:3b:e3:09:18:b7:ac:cd:2e:7b:cf:45:88:
72:c5:87:ce:1f:cc:6e:75:fe:fe:7c:86:b2:2f:4d:51:8c:9c:
3a:67:d2:31:c7:8d:b8:78:18:bb:9e:47:b0:35:ea:65:1a:19:
0c:5e:f8:a6:48:6d:8b:d4:2f:3d:81:a4:0f:e8:77:f1:06:3b:
8f:62:07:85:19:4f:a3:9c:b4:38:33:ff:b0:19:77:67:ac:36:
b3:da:14:29:75:f9:46:01:0e:7a:fd:18:64:15:c4:02:54:c1:
13:44:26:d4:6f:03:11:81:f6:16:b2:18:be:cf:68:17:c1:01:
9c:02:09:29:24:1b:f7:de:42:43:60:69:2a:3e:80:55:b2:09:
2e:fc:0c:a6:fe:26:c5:63:f6:da:b2:dc:0e:72:9f:c3:00:72:
9e:0c:95:b7:9c:f3:c1:b5:94:e1:44:eb:fc:70:44:a5:ed:f6:
f8:0e:31:8a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHMTEDpnJ1aKto69OBlRJgb1BzC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAwMEJGQzRDRTBCNTYxODM5OTA1MDA3NzI5NzRGOTFB
QzU2MjlCNDAeFw0yNDAzMDUxNzU3MjVaFw0yNTAzMDQxODAyMjVaMDMxMTAvBgNV
BAMTKEIzOUQ3MDRCRTE3REU5MDgxNjQ3ODA4RTNBNzZENzg2RUYyNUI3RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbYDbIJH+UdUIdcvQ0QXECa6Dd
eth+juuVrLRlFBfy2+g15gTjFy7g1KSzSswyTZg5EVxwC8yLPDafNSdYdp3/r6cQ
KZq/ukpUYQZ/6JjP20AU01zYkmLOiJ1Q4d4FcHJ89fanlJJHd4PPUBiceTF7d1bI
9cOfKCZOJbGRPD0/lKHoTfqRzqa4xQZKGxir1E4aA90u/DQVALdMUifsP4JsL9cv
C+6YBeVi1QnO+kWQoh9MOmEeCHOT3C+JtCc2pbnprLqneYHcBs6m+XqDcnWl9B4l
dVMgIndrLCBVC/dIFZzXiuA9bmKEDgF5O2CGyIkiooTZlit3Ec4eki07YDYxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUs51wS+F96QgWR4COOnbXhu8lt+swHwYDVR0j
BBgwFoAUIAC/xM4LVhg5kFAHcpdPkaxWKbQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NTFCMDZDNTlBMEIxNjJCRUUyNUQwNTkxMzMzQUVDMkVD
MTkyMUIyNjNFODlFRTc2MERDN0I3NUZBRkFCRjU1LzAvMjAwMEJGQzRDRTBCNTYx
ODM5OTA1MDA3NzI5NzRGOTFBQzU2MjlCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDAwQkZDNENFMEI1NjE4Mzk5
MDUwMDc3Mjk3NEY5MUFDNTYyOUI0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjUxQjA2QzU5QTBCMTYyQkVFMjVEMDU5MTMzM0FFQzJFQzE5MjFCMjYz
RTg5RUU3NjBEQzdCNzVGQUZBQkY1NS8wLzMxMzkzMDJlMzEzMDM2MmUzNjM0MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzODMwMzIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBL5qQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaR+B0VakFIe9WyBY3Oq31yVkwe+ElC4uOS0gMNnm
FWefY7hTU1LPpOQ25ZC1wrpeyfuGGZ9iO7z7LuKJNSyG10v3xHzOHPNJ4yc6Tgdg
O+MJGLeszS57z0WIcsWHzh/MbnX+/nyGsi9NUYycOmfSMceNuHgYu55HsDXqZRoZ
DF74pkhti9QvPYGkD+h38QY7j2IHhRlPo5y0ODP/sBl3Z6w2s9oUKXX5RgEOev0Y
ZBXEAlTBE0Qm1G8DEYH2FrIYvs9oF8EBnAIJKSQb995CQ2BpKj6AVbIJLvwMpv4m
xWP22rLcDnKfwwByngyVt5zzwbWU4UTr/HBEpe32+A4xig==
-----END CERTIFICATE-----
Generated at Thu Sep 12 19:19:18 2024 by rpki-client on console-fra.rpki-client.org