Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9b3eca34-7e5b-46b0-b80b-5f745a510d62/95b74daf3ca4f0c393b72dee264ff0449e00d487.roa
File: 95b74daf3ca4f0c393b72dee264ff0449e00d487.roa (raw, json)
Hash identifier: N/NlTTmu2OwIjz8nbRpetW9TBLCYsEKhlzYe8nHPGX0=
Subject key identifier: 2C:D2:D9:79:DE:49:6B:42:08:28:06:CF:12:BD:FF:1F:51:13:89:12
Certificate issuer: /CN=d0615608a5f64a875e5be0a66c710b668ecb0886
Certificate serial: 12206A
Authority key identifier: C3:2B:D5:97:7D:9A:F1:4D:F2:53:CB:EB:AC:C7:D2:22:2A:41:67:97
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d0615608a5f64a875e5be0a66c710b668ecb0886.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/9b3eca34-7e5b-46b0-b80b-5f745a510d62/95b74daf3ca4f0c393b72dee264ff0449e00d487.roa
Signing time: Mon 10 Apr 2023 08:30:00 +0000
ROA not before: Sun 09 Apr 2023 08:30:00 +0000
ROA not after: Tue 08 Apr 2025 08:30:00 +0000
asID: 28398
IP address blocks: 164.163.188.0/22 maxlen: 22
164.163.188.0/24 maxlen: 24
164.163.189.0/24 maxlen: 24
164.163.190.0/24 maxlen: 24
164.163.191.0/24 maxlen: 24
2806:2ed::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1187946 (0x12206a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0615608a5f64a875e5be0a66c710b668ecb0886
Validity
Not Before: Apr 9 08:30:00 2023 GMT
Not After : Apr 8 08:30:00 2025 GMT
Subject: CN=95b74daf3ca4f0c393b72dee264ff0449e00d487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:18:96:7a:0d:2b:58:c3:fd:3c:b2:03:71:8e:
1e:f6:d1:e8:41:15:d0:34:cb:95:2c:be:fe:6b:b9:
f5:0d:18:bf:3b:51:e0:bb:e6:43:60:1a:3d:f0:52:
bf:cd:5f:ef:8e:2a:ec:6f:21:6e:02:22:fb:5c:0a:
b9:d0:1e:90:37:17:51:5c:7c:53:3d:0d:3d:34:e2:
19:9f:96:64:85:be:43:1d:d1:2a:50:23:7e:d4:8d:
fa:e5:0b:3c:ce:6c:56:3d:29:54:9a:ab:3c:8b:43:
13:45:d4:30:45:26:10:ba:af:6f:fb:71:b2:27:c5:
25:57:98:10:34:2f:07:f2:37:59:11:ca:4e:86:d2:
2a:6e:f6:45:2c:5f:18:87:a5:9f:77:72:34:a3:60:
02:cc:24:cd:5d:d6:5f:6a:fd:b8:38:db:f4:37:41:
42:e3:2b:ad:f8:ff:19:da:e6:f4:ec:b1:a3:dd:51:
b4:dd:39:20:7c:d5:dd:39:ea:9f:38:27:b3:e3:87:
16:22:5e:14:38:b6:f9:30:36:a5:70:00:b7:10:14:
71:f9:29:e2:fd:02:46:9b:bd:5b:33:61:14:26:79:
89:72:be:1c:d2:8d:24:7b:10:10:db:8c:6d:1d:e9:
41:55:9b:cf:03:1f:a2:4f:4f:bf:d6:fb:ec:57:db:
2b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D2:D9:79:DE:49:6B:42:08:28:06:CF:12:BD:FF:1F:51:13:89:12
X509v3 Authority Key Identifier:
keyid:C3:2B:D5:97:7D:9A:F1:4D:F2:53:CB:EB:AC:C7:D2:22:2A:41:67:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d0615608a5f64a875e5be0a66c710b668ecb0886.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9b3eca34-7e5b-46b0-b80b-5f745a510d62/95b74daf3ca4f0c393b72dee264ff0449e00d487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/9b3eca34-7e5b-46b0-b80b-5f745a510d62/d0615608a5f64a875e5be0a66c710b668ecb0886.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.163.188.0/22
IPv6:
2806:2ed::/32
Signature Algorithm: sha256WithRSAEncryption
7c:03:e3:4c:02:af:f2:a1:f1:01:1b:c0:46:18:5d:87:51:e9:
e8:57:fd:7f:65:cb:66:a1:8c:91:9a:8e:de:69:95:6f:6f:cf:
5f:b6:24:62:39:45:d9:0f:5c:76:55:43:08:89:e9:df:12:ac:
8e:7e:f1:5f:dd:6b:77:cd:82:95:cf:39:7d:54:98:8e:5c:3f:
7c:4a:45:f1:d5:4d:14:c3:46:61:40:44:59:2a:be:d9:8e:86:
a8:33:8d:99:97:d8:48:49:f3:eb:55:a9:2d:9e:16:a0:3a:a9:
a7:bd:df:54:82:95:4f:d5:52:5c:bd:2d:7c:3f:5f:69:bd:2b:
a7:15:81:1d:df:51:62:8f:82:e0:ac:f3:fa:53:68:52:2c:a4:
c5:d4:35:5d:e0:d5:50:a4:ca:d5:6b:c9:67:94:31:7f:61:28:
4c:89:1b:43:b8:b6:39:29:3e:50:3e:48:3a:bc:f3:d6:c3:51:
93:76:40:29:92:4d:19:a2:2a:3c:3f:82:a4:d4:a9:ef:6d:3a:
5f:d6:11:f0:8a:3f:e0:44:51:5a:1c:0a:68:b8:3a:00:c4:42:
2e:c7:d9:cf:22:bf:56:75:6b:f4:77:bd:85:96:f2:87:86:1b:
89:0d:5f:5e:b3:00:33:37:c4:e1:e7:86:7e:8e:9d:da:d0:59:
08:a9:31:3b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEiBqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
NjE1NjA4YTVmNjRhODc1ZTViZTBhNjZjNzEwYjY2OGVjYjA4ODYwHhcNMjMwNDA5
MDgzMDAwWhcNMjUwNDA4MDgzMDAwWjAzMTEwLwYDVQQDEyg5NWI3NGRhZjNjYTRm
MGMzOTNiNzJkZWUyNjRmZjA0NDllMDBkNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3hiWeg0rWMP9PLIDcY4e9tHoQRXQNMuVLL7+a7n1DRi/O1Hg
u+ZDYBo98FK/zV/vjirsbyFuAiL7XAq50B6QNxdRXHxTPQ09NOIZn5Zkhb5DHdEq
UCN+1I365Qs8zmxWPSlUmqs8i0MTRdQwRSYQuq9v+3GyJ8UlV5gQNC8H8jdZEcpO
htIqbvZFLF8Yh6Wfd3I0o2ACzCTNXdZfav24ONv0N0FC4yut+P8Z2ub07LGj3VG0
3TkgfNXdOeqfOCez44cWIl4UOLb5MDalcAC3EBRx+Sni/QJGm71bM2EUJnmJcr4c
0o0kexAQ24xtHelBVZvPAx+iT0+/1vvsV9sroQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCzS2XneSWtCCCgGzxK9/x9RE4kSMB8GA1UdIwQYMBaAFMMr1Zd9mvFN8lPL
66zH0iIqQWeXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDA2MTU2
MDhhNWY2NGE4NzVlNWJlMGE2NmM3MTBiNjY4ZWNiMDg4Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWIzZWNhMzQtN2U1Yi00NmIwLWI4MGItNWY3NDVh
NTEwZDYyLzk1Yjc0ZGFmM2NhNGYwYzM5M2I3MmRlZTI2NGZmMDQ0OWUwMGQ0ODcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YjNlY2EzNC03ZTViLTQ2YjAtYjgwYi01Zjc0
NWE1MTBkNjIvZDA2MTU2MDhhNWY2NGE4NzVlNWJlMGE2NmM3MTBiNjY4ZWNiMDg4
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqSjvDANBAIAAjAHAwUAKAYC7TANBgkqhkiG9w0BAQsFAAOC
AQEAfAPjTAKv8qHxARvARhhdh1Hp6Ff9f2XLZqGMkZqO3mmVb2/PX7YkYjlF2Q9c
dlVDCInp3xKsjn7xX91rd82Clc85fVSYjlw/fEpF8dVNFMNGYUBEWSq+2Y6GqDON
mZfYSEnz61WpLZ4WoDqpp73fVIKVT9VSXL0tfD9fab0rpxWBHd9RYo+C4Kzz+lNo
UiykxdQ1XeDVUKTK1WvJZ5Qxf2EoTIkbQ7i2OSk+UD5IOrzz1sNRk3ZAKZJNGaIq
PD+CpNSp7206X9YR8Io/4ERRWhwKaLg6AMRCLsfZzyK/VnVr9He9hZbyh4YbiQ1f
XrMAMzfE4eeGfo6d2tBZCKkxOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:58 2024 by rpki-client on console-fra.rpki-client.org