Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95768f2d-c858-4ead-b85c-580ee3c53caf/3cd6253a0b62ba6450e6f909a1ec0245de5e8cc0.roa
File: 3cd6253a0b62ba6450e6f909a1ec0245de5e8cc0.roa (raw, json)
Hash identifier: Rc4EEtuMX7xu52cgiS1iBXk+o72p/zQ/+Ptl8R++GEg=
Subject key identifier: B8:DD:51:A7:21:E1:44:26:0D:54:11:AE:40:EE:FF:33:C0:10:58:6C
Certificate issuer: /CN=637d8fdc4535b0e4099c644d47106ef014aaaeea
Certificate serial: 0D379C
Authority key identifier: 48:34:2B:6E:D3:2F:1C:9A:0E:26:05:34:12:EA:A7:7F:83:5F:25:F6
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/637d8fdc4535b0e4099c644d47106ef014aaaeea.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/95768f2d-c858-4ead-b85c-580ee3c53caf/3cd6253a0b62ba6450e6f909a1ec0245de5e8cc0.roa
Signing time: Wed 24 Mar 2021 14:32:47 +0000
ROA not before: Wed 24 Mar 2021 14:32:47 +0000
ROA not after: Tue 24 Mar 2026 14:32:47 +0000
asID: 27792
IP address blocks: 181.189.192.0/19 maxlen: 24
190.6.96.0/20 maxlen: 24
190.6.112.0/21 maxlen: 24
200.2.120.0/21 maxlen: 24
2800:5a0::/32 maxlen: 35
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 866204 (0xd379c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637d8fdc4535b0e4099c644d47106ef014aaaeea
Validity
Not Before: Mar 24 14:32:47 2021 GMT
Not After : Mar 24 14:32:47 2026 GMT
Subject: CN=3cd6253a0b62ba6450e6f909a1ec0245de5e8cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a3:c4:b9:1f:45:98:84:36:b3:6d:6f:17:aa:
ea:ff:91:10:d8:90:46:1d:70:f1:f2:22:04:39:85:
e9:1c:a4:1b:5b:57:46:cb:88:d8:65:3a:99:99:58:
2d:38:3b:b8:7f:9c:17:f9:13:0c:46:1d:3b:45:64:
7a:0c:b0:91:e7:83:44:0c:25:c2:6f:77:03:9e:50:
d2:7a:41:24:88:e3:29:72:74:b0:f0:e3:86:d0:e7:
9c:be:d7:59:20:c8:46:0d:2b:2a:cc:75:af:ba:e4:
5d:bc:b7:2a:a6:cf:af:56:03:14:b7:83:3e:71:f4:
2b:8c:4e:d1:7e:28:7d:64:e8:f9:59:eb:4b:cd:d3:
12:f3:a5:14:8e:03:5a:74:01:1c:5a:c5:ed:98:c8:
92:77:83:0a:27:c8:83:dc:72:d0:a9:d8:42:91:1d:
c8:db:24:59:c2:be:75:88:9b:d7:2c:f6:7e:15:53:
a0:2e:8d:02:6f:c8:24:59:67:0b:ed:45:86:b4:87:
99:d0:4d:b6:18:49:87:3e:2e:93:a4:b8:a5:e7:28:
74:61:b2:36:ae:f9:0b:89:4e:52:e7:73:62:45:71:
25:29:93:0a:05:88:a9:0b:a5:5c:f6:dd:55:c8:d3:
49:3a:90:20:90:16:9b:d0:f4:45:de:75:d1:8b:79:
e6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DD:51:A7:21:E1:44:26:0D:54:11:AE:40:EE:FF:33:C0:10:58:6C
X509v3 Authority Key Identifier:
keyid:48:34:2B:6E:D3:2F:1C:9A:0E:26:05:34:12:EA:A7:7F:83:5F:25:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/637d8fdc4535b0e4099c644d47106ef014aaaeea.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95768f2d-c858-4ead-b85c-580ee3c53caf/3cd6253a0b62ba6450e6f909a1ec0245de5e8cc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/95768f2d-c858-4ead-b85c-580ee3c53caf/637d8fdc4535b0e4099c644d47106ef014aaaeea.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.189.192.0/19
190.6.96.0-190.6.119.255
200.2.120.0/21
IPv6:
2800:5a0::/32
Signature Algorithm: sha256WithRSAEncryption
66:ce:82:7f:8d:2b:16:ae:b0:0a:ef:e0:4c:b8:17:60:bb:1c:
68:a0:fe:79:d5:73:84:3e:48:82:31:7a:a9:60:bd:d9:2b:74:
67:e4:ba:2b:e1:4c:67:d5:8c:32:dc:7c:2d:29:ec:d4:e0:d2:
b8:90:55:ae:8e:ac:14:f2:ab:7f:34:b9:31:3a:10:bc:33:05:
96:3f:0a:d4:0d:c5:1f:69:35:08:31:1c:44:5e:15:13:90:71:
89:cb:09:4f:05:7c:11:f0:0e:a0:c3:13:68:af:ea:ef:ae:d2:
e0:b7:d5:f3:c3:7d:f9:15:69:33:1e:ed:2a:3d:77:57:ff:06:
58:5c:8d:6c:b9:6c:b8:ba:bc:a4:72:2d:c4:27:1e:d6:00:5d:
43:05:ab:79:a5:6e:35:f5:ea:a8:99:19:e0:83:11:26:b6:49:
e4:fa:62:0c:63:0d:a0:ce:d2:83:73:7e:46:75:fa:d6:80:fa:
e0:c1:2d:ba:85:c0:92:2d:f7:ed:f2:c3:ff:7d:f2:22:b4:0b:
92:f6:ea:a8:c2:29:9f:1e:87:a4:25:92:5e:1e:86:4f:30:d9:
ef:6c:3e:cc:73:d9:4d:31:fd:11:a0:ab:90:b5:56:58:41:a4:
25:16:eb:0c:74:b4:3b:3b:ea:44:34:bf:e7:5c:7d:c3:f2:53:
c2:f0:ba:40
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIDDTecMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYz
N2Q4ZmRjNDUzNWIwZTQwOTljNjQ0ZDQ3MTA2ZWYwMTRhYWFlZWEwHhcNMjEwMzI0
MTQzMjQ3WhcNMjYwMzI0MTQzMjQ3WjAzMTEwLwYDVQQDEygzY2Q2MjUzYTBiNjJi
YTY0NTBlNmY5MDlhMWVjMDI0NWRlNWU4Y2MwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkKPEuR9FmIQ2s21vF6rq/5EQ2JBGHXDx8iIEOYXpHKQbW1dG
y4jYZTqZmVgtODu4f5wX+RMMRh07RWR6DLCR54NEDCXCb3cDnlDSekEkiOMpcnSw
8OOG0OecvtdZIMhGDSsqzHWvuuRdvLcqps+vVgMUt4M+cfQrjE7Rfih9ZOj5WetL
zdMS86UUjgNadAEcWsXtmMiSd4MKJ8iD3HLQqdhCkR3I2yRZwr51iJvXLPZ+FVOg
Lo0Cb8gkWWcL7UWGtIeZ0E22GEmHPi6TpLil5yh0YbI2rvkLiU5S53NiRXElKZMK
BYipC6Vc9t1VyNNJOpAgkBab0PRF3nXRi3nmQwIDAQABo4ICfjCCAnowHQYDVR0O
BBYEFLjdUach4UQmDVQRrkDu/zPAEFhsMB8GA1UdIwQYMBaAFEg0K27TLxyaDiYF
NBLqp3+DXyX2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjM3ZDhm
ZGM0NTM1YjBlNDA5OWM2NDRkNDcxMDZlZjAxNGFhYWVlYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU3NjhmMmQtYzg1OC00ZWFkLWI4NWMtNTgwZWUz
YzUzY2FmLzNjZDYyNTNhMGI2MmJhNjQ1MGU2ZjkwOWExZWMwMjQ1ZGU1ZThjYzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTc2OGYyZC1jODU4LTRlYWQtYjg1Yy01ODBl
ZTNjNTNjYWYvNjM3ZDhmZGM0NTM1YjBlNDA5OWM2NDRkNDcxMDZlZjAxNGFhYWVl
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQz
MDEwIAQCAAEwGgMEBbW9wDAMAwQFvgZgAwQDvgZwAwQDyAJ4MA0EAgACMAcDBQAo
AAWgMA0GCSqGSIb3DQEBCwUAA4IBAQBmzoJ/jSsWrrAK7+BMuBdguxxooP551XOE
PkiCMXqpYL3ZK3Rn5Lor4Uxn1Ywy3HwtKezU4NK4kFWujqwU8qt/NLkxOhC8MwWW
PwrUDcUfaTUIMRxEXhUTkHGJywlPBXwR8A6gwxNor+rvrtLgt9Xzw335FWkzHu0q
PXdX/wZYXI1suWy4urykci3EJx7WAF1DBat5pW419eqomRnggxEmtknk+mIMYw2g
ztKDc35GdfrWgPrgwS26hcCSLfft8sP/ffIitAuS9uqowimfHoekJZJeHoZPMNnv
bD7Mc9lNMf0RoKuQtVZYQaQlFusMdLQ7O+pENL/nXH3D8lPC8LpA
-----END CERTIFICATE-----
Generated at Tue Oct 24 16:27:38 2023 by rpki-client on console-ams.rpki-client.org