Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa
File: 29ea5852881b03a002b2c0916b55c35c85a81cf1.roa (raw, json)
Hash identifier: 8HFP1/ITsrDjpFdWzwL1MCjxmb1FGEBT3AzdfbjDKxQ=
Subject key identifier: 62:4C:FD:09:E5:DC:09:B9:23:C7:56:01:5A:AA:C6:D8:B8:B8:12:21
Certificate issuer: /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial: 27E449
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa
Signing time: Mon 12 Feb 2024 15:10:03 +0000
ROA not before: Mon 12 Feb 2024 15:09:57 +0000
ROA not after: Mon 12 Feb 2029 15:09:57 +0000
asID: 262199
IP address blocks: 190.242.121.0/24 maxlen: 24
190.242.148.0/22 maxlen: 22
190.242.158.0/23 maxlen: 24
190.242.160.0/23 maxlen: 24
190.242.162.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2614345 (0x27e449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Validity
Not Before: Feb 12 15:09:57 2024 GMT
Not After : Feb 12 15:09:57 2029 GMT
Subject: CN=29ea5852881b03a002b2c0916b55c35c85a81cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:72:02:00:82:01:ac:cd:21:19:b5:1a:90:e3:
fd:19:22:36:7c:45:55:df:9d:d2:ab:2f:d4:5e:34:
42:f1:1a:f2:9c:01:75:e2:b0:45:43:f9:35:4a:43:
f9:bf:76:9d:f5:cb:10:f3:86:aa:de:ee:88:58:32:
df:e8:1e:d7:67:8b:fa:fe:76:fb:29:aa:e1:c1:69:
61:09:10:c4:fb:8e:ad:01:1c:e7:61:45:1a:56:0e:
1d:d4:79:d9:11:79:ad:60:3e:e0:a8:15:aa:88:34:
f1:d8:f8:35:38:23:0b:e2:9a:37:76:3b:48:c2:61:
e1:d8:17:41:c2:5d:3c:cd:01:a2:34:3a:44:73:22:
93:da:2d:ff:b7:aa:43:ab:fb:10:87:d9:1c:03:ee:
e7:d5:17:10:ca:14:3a:bd:9a:a9:d8:53:a0:6c:fa:
16:91:d2:e2:43:53:cf:7f:1d:84:25:11:a1:0f:8e:
98:dc:38:fe:8c:57:b8:4f:fc:84:da:ea:77:2e:6d:
c6:50:72:27:81:8e:a3:38:f5:ad:cc:85:50:8b:b9:
66:c3:5f:a0:bc:dc:25:3f:7b:d5:2e:0e:36:a5:3a:
b6:97:a4:6e:4b:99:b5:4c:a6:e1:9e:6b:3c:bd:b3:
83:a8:99:74:40:43:e7:20:d3:af:6c:4a:61:51:89:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4C:FD:09:E5:DC:09:B9:23:C7:56:01:5A:AA:C6:D8:B8:B8:12:21
X509v3 Authority Key Identifier:
keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.242.121.0/24
190.242.148.0/22
190.242.158.0-190.242.162.255
Signature Algorithm: sha256WithRSAEncryption
09:66:a1:19:99:21:fb:95:b1:10:39:47:86:71:bd:ce:d5:ff:
e1:13:b0:7e:d6:d8:89:a0:14:60:f9:a5:c9:f2:64:f4:da:01:
75:ee:f7:bd:2a:10:87:e4:3a:73:d1:67:14:21:87:b8:fa:cb:
6a:af:95:6d:33:3e:d0:15:e2:b6:b0:99:3e:7a:b2:b4:96:30:
ab:c7:e4:c0:3d:bd:b6:a1:65:d8:09:16:53:ad:f2:51:6b:b1:
d9:d6:b2:7c:f6:be:16:02:10:89:2d:e3:ae:06:37:27:d0:cd:
cc:a1:2e:98:a1:9f:7f:29:96:99:8c:80:ef:6c:99:76:1d:a9:
d0:8c:c6:cc:43:b9:da:5f:96:4c:30:5b:ac:56:1b:4b:79:fc:
80:35:ce:89:d0:ce:08:11:bc:b7:50:b9:2c:c2:46:6d:af:f2:
e2:5f:d0:b5:42:df:73:1f:c4:85:be:1e:a5:cb:16:87:04:cf:
5b:07:5e:e7:ee:c2:a3:3b:0e:2f:df:28:9c:c6:78:d6:93:2d:
13:c5:36:98:60:dd:22:db:36:24:26:21:14:6a:38:09:23:c5:
3d:48:14:49:2e:00:de:da:11:8b:b6:ab:57:94:67:26:a3:1c:
57:ea:c1:fd:32:53:f1:b5:0e:91:8c:f6:ea:b2:6c:51:24:ac:
b1:fa:f4:f2
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDJ+RJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEygyOWVhNTg1Mjg4MWIw
M2EwMDJiMmMwOTE2YjU1YzM1Yzg1YTgxY2YxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApnICAIIBrM0hGbUakOP9GSI2fEVV353Sqy/UXjRC8RrynAF1
4rBFQ/k1SkP5v3ad9csQ84aq3u6IWDLf6B7XZ4v6/nb7KarhwWlhCRDE+46tARzn
YUUaVg4d1HnZEXmtYD7gqBWqiDTx2Pg1OCML4po3djtIwmHh2BdBwl08zQGiNDpE
cyKT2i3/t6pDq/sQh9kcA+7n1RcQyhQ6vZqp2FOgbPoWkdLiQ1PPfx2EJRGhD46Y
3Dj+jFe4T/yE2up3Lm3GUHIngY6jOPWtzIVQi7lmw1+gvNwlP3vVLg42pTq2l6Ru
S5m1TKbhnms8vbODqJl0QEPnINOvbEphUYkNKQIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFGJM/Qnl3Am5I8dWAVqqxti4uBIhMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxLzI5ZWE1ODUyODgxYjAzYTAwMmIyYzA5MTZiNTVjMzVjODVhODFjZjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEAL7yeQMEAr7ylDAMAwQBvvKeAwQAvvKiMA0GCSqGSIb3DQEB
CwUAA4IBAQAJZqEZmSH7lbEQOUeGcb3O1f/hE7B+1tiJoBRg+aXJ8mT02gF17ve9
KhCH5Dpz0WcUIYe4+stqr5VtMz7QFeK2sJk+erK0ljCrx+TAPb22oWXYCRZTrfJR
a7HZ1rJ89r4WAhCJLeOuBjcn0M3MoS6YoZ9/KZaZjIDvbJl2HanQjMbMQ7naX5ZM
MFusVhtLefyANc6J0M4IEby3ULkswkZtr/LiX9C1Qt9zH8SFvh6lyxaHBM9bB17n
7sKjOw4v3yicxnjWky0TxTaYYN0i2zYkJiEUajgJI8U9SBRJLgDe2hGLtqtXlGcm
oxxX6sH9MlPxtQ6RjPbqsmxRJKyx+vTy
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:49 2024 by rpki-client on console-fra.rpki-client.org