Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d0b3cbc0e7cf73aec02e933d3ba34e2af3dca2f7.roa
File: d0b3cbc0e7cf73aec02e933d3ba34e2af3dca2f7.roa (raw, json)
Hash identifier: GKnvPJiqeP0gImcBjFWDT+fvl4QYL9x8cotsmULOqlA=
Subject key identifier: 57:65:4B:AE:C3:DB:33:16:38:C9:46:5D:DA:62:88:40:75:45:2E:44
Certificate issuer: /CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Certificate serial: 25F92B
Authority key identifier: DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d0b3cbc0e7cf73aec02e933d3ba34e2af3dca2f7.roa
Signing time: Sat 18 Nov 2023 22:57:32 +0000
ROA not before: Sat 18 Nov 2023 22:57:32 +0000
ROA not after: Tue 18 Nov 2025 22:57:32 +0000
asID: 269918
IP address blocks: 131.72.168.0/22 maxlen: 24
131.72.168.0/24 maxlen: 24
131.72.169.0/24 maxlen: 24
131.72.170.0/24 maxlen: 24
131.72.171.0/24 maxlen: 24
2803:dd80::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 31 Mar 2024 11:40:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2488619 (0x25f92b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Validity
Not Before: Nov 18 22:57:32 2023 GMT
Not After : Nov 18 22:57:32 2025 GMT
Subject: CN=d0b3cbc0e7cf73aec02e933d3ba34e2af3dca2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:2f:72:b0:57:c4:33:3c:c8:ef:6a:0a:c7:
f3:4a:1d:e7:f5:02:4a:15:6c:3b:b9:a8:72:0f:fe:
ac:99:4d:fd:28:81:54:29:e8:c8:d9:95:01:7d:9b:
e8:8b:9b:7c:89:5a:65:5b:8f:91:f1:82:1c:cb:6d:
be:b5:26:91:9f:b3:b6:d6:dd:cb:24:52:76:ae:4b:
53:2a:9e:f0:82:2b:1c:d7:73:e2:c0:ad:6c:c3:06:
2a:2e:dd:37:84:00:c0:fe:b3:0d:66:fd:78:78:2d:
d7:55:21:bb:25:eb:ed:9a:c2:2c:7b:97:f0:9e:40:
62:ef:ef:66:9e:22:e6:57:c3:1c:14:13:ef:46:b8:
57:25:20:6b:04:65:48:2f:c2:77:5a:d2:e1:3d:a2:
1e:e4:b6:35:1f:11:e7:d7:7f:33:af:ca:b7:b8:f0:
9d:89:a2:69:bf:6a:56:28:ad:94:c7:e8:f7:0d:e4:
4b:90:df:30:9e:3d:fa:0b:8d:23:86:34:5c:c8:a1:
bf:17:d0:6e:e5:35:16:d3:52:21:e5:d8:e4:79:0a:
a4:0e:9e:da:7c:8f:3b:b0:5d:63:d9:b4:c9:dd:79:
87:98:ae:12:d5:e2:4e:67:f9:1b:4e:4b:18:96:b8:
ae:2d:0f:91:e1:ee:e1:b8:4a:e2:89:c7:86:59:0d:
87:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:65:4B:AE:C3:DB:33:16:38:C9:46:5D:DA:62:88:40:75:45:2E:44
X509v3 Authority Key Identifier:
keyid:DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d0b3cbc0e7cf73aec02e933d3ba34e2af3dca2f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.168.0/22
IPv6:
2803:dd80::/32
Signature Algorithm: sha256WithRSAEncryption
01:bd:82:7b:37:a0:28:18:92:03:48:5d:05:4b:67:33:9b:e2:
09:64:8e:19:82:65:14:5a:d1:e8:46:9e:dd:0b:b0:a0:b5:42:
a5:4d:9f:ac:0d:84:62:55:ca:c6:79:d8:cb:95:00:a3:7a:91:
27:79:08:84:56:6f:64:d0:08:a4:4f:87:10:9a:4f:5b:db:76:
c9:e6:5d:90:f9:e9:e2:b2:e0:e2:0d:00:65:88:16:13:e0:b4:
cc:ef:4e:46:b9:31:94:1a:49:a5:27:6a:4f:f3:e4:81:56:f3:
b9:80:eb:d7:dc:10:85:b7:04:b2:0d:c9:11:b5:ed:ee:0f:40:
c7:72:fa:27:ef:77:d1:5d:22:77:43:91:7e:f9:0d:69:9b:8d:
e1:50:ff:b1:04:1f:76:7d:0f:e0:b2:4f:7d:42:6c:1f:a5:8b:
b5:f4:cb:cf:ab:ef:8a:db:1b:07:97:46:59:70:3d:6f:80:bb:
5d:be:5a:b2:1d:0f:41:3b:b7:f0:d5:74:3d:2f:04:9d:54:80:
58:70:5f:5e:88:99:27:79:34:76:67:a7:48:c2:c2:25:99:b6:
ea:13:f0:4a:ab:92:88:07:2b:d1:97:db:40:f9:2b:b1:0c:d0:
89:bf:29:41:2f:1c:5d:3c:42:eb:4d:38:75:08:85:06:85:e0:
a2:d9:d4:5e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJfkrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
YmIwODM1ZTU0ZTk1ZjYxZDFiM2YyMWE1ZGY0YjRiOGYyMzQ1MGEwHhcNMjMxMTE4
MjI1NzMyWhcNMjUxMTE4MjI1NzMyWjAzMTEwLwYDVQQDEyhkMGIzY2JjMGU3Y2Y3
M2FlYzAyZTkzM2QzYmEzNGUyYWYzZGNhMmY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApYYvcrBXxDM8yO9qCsfzSh3n9QJKFWw7uahyD/6smU39KIFU
KejI2ZUBfZvoi5t8iVplW4+R8YIcy22+tSaRn7O21t3LJFJ2rktTKp7wgisc13Pi
wK1swwYqLt03hADA/rMNZv14eC3XVSG7JevtmsIse5fwnkBi7+9mniLmV8McFBPv
RrhXJSBrBGVIL8J3WtLhPaIe5LY1HxHn138zr8q3uPCdiaJpv2pWKK2Ux+j3DeRL
kN8wnj36C40jhjRcyKG/F9Bu5TUW01Ih5djkeQqkDp7afI87sF1j2bTJ3XmHmK4S
1eJOZ/kbTksYlriuLQ+R4e7huEriiceGWQ2HowIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFFdlS67D2zMWOMlGXdpiiEB1RS5EMB8GA1UdIwQYMBaAFNzagjoLvMdmUCsU
ieCjjM1PvlHEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDBiYjA4
MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlL2QwYjNjYmMwZTdjZjczYWVjMDJlOTMzZDNiYTM0ZTJhZjNkY2EyZjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvNDBiYjA4MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAAb2CezegKBiSA0hdBUtnM5viCWSOGYJlFFrR6Eae3QuwoLVCpU2frA2EYlXK
xnnYy5UAo3qRJ3kIhFZvZNAIpE+HEJpPW9t2yeZdkPnp4rLg4g0AZYgWE+C0zO9O
RrkxlBpJpSdqT/PkgVbzuYDr19wQhbcEsg3JEbXt7g9Ax3L6J+930V0id0ORfvkN
aZuN4VD/sQQfdn0P4LJPfUJsH6WLtfTLz6vvitsbB5dGWXA9b4C7Xb5ash0PQTu3
8NV0PS8EnVSAWHBfXoiZJ3k0dmenSMLCJZm26hPwSquSiAcr0ZfbQPkrsQzQib8p
QS8cXTxC6004dQiFBoXgotnUXg==
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:36:42 2024 by rpki-client on console-ams.rpki-client.org