Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/ba58e32cd796ba6794a694fa234c41602d42289f.roa
File: ba58e32cd796ba6794a694fa234c41602d42289f.roa (raw, json)
Hash identifier: /3O/gXm8Murg+XwX8Q4GfNunvbgYkcqyF0sN2lFCi0Y=
Subject key identifier: AD:57:86:C8:79:AC:E5:07:7A:68:3A:2B:34:71:33:0D:6C:C6:A6:D4
Certificate issuer: /CN=1c730cc4f1140e9c3a243768d1052ae2bf36d279
Certificate serial: 27474D
Authority key identifier: 3D:A3:67:37:DA:4A:CD:E5:E9:6B:4B:A9:47:08:77:64:8A:B3:25:19
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c730cc4f1140e9c3a243768d1052ae2bf36d279.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/ba58e32cd796ba6794a694fa234c41602d42289f.roa
Signing time: Mon 29 Jan 2024 14:43:47 +0000
ROA not before: Mon 29 Jan 2024 14:43:43 +0000
ROA not after: Thu 29 Jan 2026 14:43:43 +0000
asID: 6429
IP address blocks: 200.29.173.0/24 maxlen: 24
200.29.177.0/24 maxlen: 24
200.29.178.0/24 maxlen: 24
200.29.184.0/24 maxlen: 24
200.29.191.0/24 maxlen: 24
200.9.151.0/24 maxlen: 24
190.54.187.0/24 maxlen: 24
190.54.188.0/24 maxlen: 24
190.54.191.0/24 maxlen: 24
190.208.0.0/18 maxlen: 24
200.29.143.0/24 maxlen: 24
190.54.0.0/17 maxlen: 24
200.29.151.0/24 maxlen: 24
190.54.136.0/22 maxlen: 24
200.32.160.0/19 maxlen: 24
190.54.140.0/23 maxlen: 24
190.54.176.0/22 maxlen: 24
190.54.180.0/24 maxlen: 24
190.54.182.0/23 maxlen: 24
190.54.184.0/23 maxlen: 24
200.31.32.0/19 maxlen: 24
2800:3b0:1000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 04:37:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2574157 (0x27474d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c730cc4f1140e9c3a243768d1052ae2bf36d279
Validity
Not Before: Jan 29 14:43:43 2024 GMT
Not After : Jan 29 14:43:43 2026 GMT
Subject: CN=ba58e32cd796ba6794a694fa234c41602d42289f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cf:a3:ac:d2:81:1a:d7:70:3b:74:24:94:63:
48:c8:30:da:2f:f2:40:be:15:a8:f5:4e:6f:f3:56:
40:84:ce:17:3f:42:6a:e3:d1:5e:6c:fd:d0:05:81:
15:60:46:85:0c:52:cb:dd:87:06:3e:0b:91:a1:22:
16:95:36:e9:a1:f4:38:54:9a:0d:94:9a:37:95:76:
d6:0c:d2:19:34:44:e8:b1:1e:c4:f3:5e:f4:ef:e5:
2f:bb:92:d2:8b:34:3a:de:85:a6:61:2a:19:cb:c5:
55:7d:eb:55:0b:a5:ea:f6:75:d4:4a:63:51:f2:4b:
1c:ab:74:b7:1e:2f:3e:cc:2e:9f:29:db:fd:ed:be:
23:6b:64:de:47:48:49:22:74:95:50:fd:63:4a:83:
1d:51:eb:8a:79:a0:f0:20:b7:0d:cf:8d:6d:b5:5e:
15:fc:5e:5a:61:87:27:29:b4:3b:cf:80:71:5d:48:
31:08:9a:50:35:a4:d9:3d:d0:65:e7:f2:0f:7e:f2:
f0:f9:44:9a:1e:27:97:9c:e5:c9:12:4d:55:2b:11:
24:66:1b:09:f7:83:86:28:76:97:83:64:b5:fd:1a:
1f:40:fd:98:f2:b5:3a:5f:93:d2:c5:fc:d1:b6:30:
94:35:69:e9:11:ec:a4:b9:ad:f3:d8:07:fc:b0:dc:
b8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:57:86:C8:79:AC:E5:07:7A:68:3A:2B:34:71:33:0D:6C:C6:A6:D4
X509v3 Authority Key Identifier:
keyid:3D:A3:67:37:DA:4A:CD:E5:E9:6B:4B:A9:47:08:77:64:8A:B3:25:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c730cc4f1140e9c3a243768d1052ae2bf36d279.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/ba58e32cd796ba6794a694fa234c41602d42289f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/1c730cc4f1140e9c3a243768d1052ae2bf36d279.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.54.0.0/17
190.54.136.0-190.54.141.255
190.54.176.0-190.54.180.255
190.54.182.0-190.54.185.255
190.54.187.0-190.54.188.255
190.54.191.0/24
190.208.0.0/18
200.9.151.0/24
200.29.143.0/24
200.29.151.0/24
200.29.173.0/24
200.29.177.0-200.29.178.255
200.29.184.0/24
200.29.191.0/24
200.31.32.0/19
200.32.160.0/19
IPv6:
2800:3b0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:c9:f4:63:14:50:dc:9f:3c:eb:6c:36:88:8a:64:8a:d1:0c:
5e:ef:c3:20:e3:a2:76:93:af:33:b9:e7:1c:30:b6:78:8a:74:
07:01:a3:d8:5d:f7:c5:4a:c0:87:15:ec:2b:85:a9:91:29:f0:
c1:20:bf:9a:85:e8:64:e9:b8:db:18:dd:04:c2:99:87:a0:43:
e9:1f:d2:2a:21:59:c6:bb:92:17:7f:d0:f0:e1:bb:6d:2c:b6:
d0:9e:d8:09:f0:b8:86:f1:93:eb:f0:2e:b9:c9:ba:5e:12:be:
0c:e2:d1:c3:85:97:3a:b1:d2:a3:67:87:79:0d:23:6c:17:9f:
f2:61:18:ad:0a:c5:13:b0:2e:2f:28:4e:7c:65:4e:4d:4c:d6:
b6:81:8d:59:c6:3a:09:fc:3b:ee:b5:8c:44:c3:5a:f2:c2:d5:
38:93:85:58:b4:f0:79:73:27:4d:e4:d2:b2:b7:0a:00:18:fd:
a3:7a:f4:30:1c:b9:2f:91:5a:67:f4:82:7d:97:7d:39:be:44:
b9:b7:ee:92:82:a2:68:b9:99:9b:0c:b5:b0:75:2c:d9:a1:36:
3f:3d:dd:3c:53:45:f8:3e:64:37:f0:e3:29:31:a4:64:b9:cb:
2d:8f:49:af:7e:68:82:59:f7:a1:70:db:86:93:b0:df:05:6a:
d6:8b:4c:bb
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgIDJ0dNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
NzMwY2M0ZjExNDBlOWMzYTI0Mzc2OGQxMDUyYWUyYmYzNmQyNzkwHhcNMjQwMTI5
MTQ0MzQzWhcNMjYwMTI5MTQ0MzQzWjAzMTEwLwYDVQQDEyhiYTU4ZTMyY2Q3OTZi
YTY3OTRhNjk0ZmEyMzRjNDE2MDJkNDIyODlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqc+jrNKBGtdwO3QklGNIyDDaL/JAvhWo9U5v81ZAhM4XP0Jq
49FebP3QBYEVYEaFDFLL3YcGPguRoSIWlTbpofQ4VJoNlJo3lXbWDNIZNETosR7E
81707+Uvu5LSizQ63oWmYSoZy8VVfetVC6Xq9nXUSmNR8kscq3S3Hi8+zC6fKdv9
7b4ja2TeR0hJInSVUP1jSoMdUeuKeaDwILcNz41ttV4V/F5aYYcnKbQ7z4BxXUgx
CJpQNaTZPdBl5/IPfvLw+USaHieXnOXJEk1VKxEkZhsJ94OGKHaXg2S1/RofQP2Y
8rU6X5PSxfzRtjCUNWnpEeykua3z2Af8sNy4sQIDAQABo4IC8jCCAu4wHQYDVR0O
BBYEFK1Xhsh5rOUHemg6KzRxMw1sxqbUMB8GA1UdIwQYMBaAFD2jZzfaSs3l6WtL
qUcId2SKsyUZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWM3MzBj
YzRmMTE0MGU5YzNhMjQzNzY4ZDEwNTJhZTJiZjM2ZDI3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTFjODFlZmYtYTZjZC00MzE5LWIzYzMtZGNhODNl
ODY2ZDI1L2JhNThlMzJjZDc5NmJhNjc5NGE2OTRmYTIzNGM0MTYwMmQ0MjI4OWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MWM4MWVmZi1hNmNkLTQzMTktYjNjMy1kY2E4
M2U4NjZkMjUvMWM3MzBjYzRmMTE0MGU5YzNhMjQzNzY4ZDEwNTJhZTJiZjM2ZDI3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBtQYIKwYBBQUHAQcBAf8E
gaUwgaIwgY8EAgABMIGIAwQHvjYAMAwDBAO+NogDBAG+NowwDAMEBL42sAMEAL42
tDAMAwQBvja2AwQBvja4MAwDBAC+NrsDBAC+NrwDBAC+Nr8DBAa+0AADBADICZcD
BADIHY8DBADIHZcDBADIHa0wDAMEAMgdsQMEAMgdsgMEAMgduAMEAMgdvwMEBcgf
IAMEBcggoDAOBAIAAjAIAwYAKAADsBAwDQYJKoZIhvcNAQELBQADggEBAKvJ9GMU
UNyfPOtsNoiKZIrRDF7vwyDjonaTrzO55xwwtniKdAcBo9hd98VKwIcV7CuFqZEp
8MEgv5qF6GTpuNsY3QTCmYegQ+kf0iohWca7khd/0PDhu20sttCe2AnwuIbxk+vw
LrnJul4Svgzi0cOFlzqx0qNnh3kNI2wXn/JhGK0KxROwLi8oTnxlTk1M1raBjVnG
Ogn8O+61jETDWvLC1TiThVi08HlzJ03k0rK3CgAY/aN69DAcuS+RWmf0gn2XfTm+
RLm37pKComi5mZsMtbB1LNmhNj893TxTRfg+ZDfw4ykxpGS5yy2PSa9+aIJZ96Fw
24aTsN8FataLTLs=
-----END CERTIFICATE-----
Generated at Tue Jan 30 08:44:03 2024 by rpki-client on console-ams.rpki-client.org