Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d2783283add281320efbc7567609a108cc7b2613.roa
File: d2783283add281320efbc7567609a108cc7b2613.roa (raw, json)
Hash identifier: uXpA22fAfBsTej8nWGsKzM1qzBOJklZwJW8Ca5WxlIo=
Subject key identifier: 28:C6:35:79:B6:32:F8:EB:94:F1:07:1A:69:C9:65:C6:61:E4:AB:65
Certificate issuer: /CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Certificate serial: 24E565
Authority key identifier: DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d2783283add281320efbc7567609a108cc7b2613.roa
Signing time: Wed 11 Oct 2023 16:28:49 +0000
ROA not before: Tue 10 Oct 2023 16:28:48 +0000
ROA not after: Wed 11 Oct 2028 16:28:48 +0000
asID: 269918
IP address blocks: 131.72.168.0/22 maxlen: 24
131.72.168.0/24 maxlen: 24
131.72.169.0/24 maxlen: 24
131.72.170.0/24 maxlen: 24
131.72.171.0/24 maxlen: 24
2803:dd80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2418021 (0x24e565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Validity
Not Before: Oct 10 16:28:48 2023 GMT
Not After : Oct 11 16:28:48 2028 GMT
Subject: CN=d2783283add281320efbc7567609a108cc7b2613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b3:dc:43:da:80:b8:36:41:b0:1c:43:1d:b3:
1c:e6:33:2c:c5:a2:77:d8:70:f5:6c:06:80:dc:46:
82:88:73:2b:cb:1a:09:3e:b0:ba:72:54:fb:e4:05:
7e:35:d8:63:1a:48:30:29:18:d8:49:10:c9:b2:a5:
43:a1:2e:e6:46:9b:53:03:07:cd:da:8b:49:1c:6e:
71:21:d6:b4:1b:13:1b:71:5a:03:f0:c8:09:d7:66:
12:7c:f8:7c:8f:7a:65:d6:3d:3d:f9:5e:ce:95:94:
ef:d8:ba:1b:7e:b2:4d:b8:22:2b:de:2e:c5:d9:e9:
ce:e8:53:7a:39:61:10:a6:54:b8:c7:8f:84:a0:f1:
79:57:79:1e:75:74:26:52:8c:3e:05:a9:f7:9d:2d:
d0:e0:cd:e5:ed:84:95:fc:a9:7e:4d:7d:5a:0b:7d:
78:f8:45:f4:27:23:b9:14:47:ee:4e:27:b6:ee:40:
93:b8:b8:2b:95:48:9f:20:52:be:34:d3:5d:fa:f1:
2e:46:13:47:f8:cb:70:11:fa:ef:32:95:62:f3:5b:
7c:cd:93:63:83:f5:fa:20:bb:e6:28:36:30:80:5f:
53:17:4d:a4:da:0a:d4:24:85:53:63:0f:b9:77:70:
1e:5b:3f:24:8a:e8:4c:94:e4:e4:ff:9e:b6:36:6d:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C6:35:79:B6:32:F8:EB:94:F1:07:1A:69:C9:65:C6:61:E4:AB:65
X509v3 Authority Key Identifier:
keyid:DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/d2783283add281320efbc7567609a108cc7b2613.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.168.0/22
IPv6:
2803:dd80::/32
Signature Algorithm: sha256WithRSAEncryption
5f:ce:53:4e:2f:16:c1:7f:f7:61:0f:38:d3:09:27:4e:cf:29:
34:6c:4c:29:30:64:12:79:52:95:9d:c0:f3:2b:50:f4:de:97:
36:8f:25:bf:ec:d1:f0:66:54:58:03:cd:84:db:05:2b:e2:e1:
34:67:83:35:90:77:82:cc:6d:0f:b8:2c:4a:47:95:4b:fa:26:
46:a0:1e:91:4c:82:4c:14:92:41:61:27:3a:01:b1:05:17:8f:
d5:3f:dd:6f:62:79:b1:7c:49:91:f3:14:08:b0:84:be:b3:b6:
20:da:b8:3d:5a:94:50:6b:5c:64:78:d6:40:1d:9b:14:ba:1e:
61:98:9e:8d:3b:ad:12:a2:27:8e:0e:ed:63:f4:39:4d:9c:f4:
7e:19:ea:57:31:4a:f6:64:b7:b2:26:59:3e:3a:ad:b1:2b:41:
51:8f:4b:98:27:ff:25:67:36:ad:f2:25:56:37:ff:d8:1b:52:
de:72:4c:2a:95:0c:1f:62:0d:ed:fb:c9:fb:87:bf:8f:05:ca:
c4:9d:65:13:ad:82:fb:4d:b6:09:41:27:ef:5e:1d:0b:80:c0:
ab:bf:83:83:60:7c:d5:05:8f:df:4d:b0:a9:88:39:37:94:14:
c3:a4:95:16:2f:cb:c6:b1:b5:06:29:77:11:94:d3:fd:c2:1b:
8a:aa:73:62
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJOVlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
YmIwODM1ZTU0ZTk1ZjYxZDFiM2YyMWE1ZGY0YjRiOGYyMzQ1MGEwHhcNMjMxMDEw
MTYyODQ4WhcNMjgxMDExMTYyODQ4WjAzMTEwLwYDVQQDEyhkMjc4MzI4M2FkZDI4
MTMyMGVmYmM3NTY3NjA5YTEwOGNjN2IyNjEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0LPcQ9qAuDZBsBxDHbMc5jMsxaJ32HD1bAaA3EaCiHMryxoJ
PrC6clT75AV+NdhjGkgwKRjYSRDJsqVDoS7mRptTAwfN2otJHG5xIda0GxMbcVoD
8MgJ12YSfPh8j3pl1j09+V7OlZTv2LobfrJNuCIr3i7F2enO6FN6OWEQplS4x4+E
oPF5V3kedXQmUow+Ban3nS3Q4M3l7YSV/Kl+TX1aC314+EX0JyO5FEfuTie27kCT
uLgrlUifIFK+NNNd+vEuRhNH+MtwEfrvMpVi81t8zZNjg/X6ILvmKDYwgF9TF02k
2grUJIVTYw+5d3AeWz8kiuhMlOTk/562Nm0OFwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCjGNXm2MvjrlPEHGmnJZcZh5KtlMB8GA1UdIwQYMBaAFNzagjoLvMdmUCsU
ieCjjM1PvlHEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDBiYjA4
MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlL2QyNzgzMjgzYWRkMjgxMzIwZWZiYzc1Njc2MDlhMTA4Y2M3YjI2MTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvNDBiYjA4MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAX85TTi8WwX/3YQ840wknTs8pNGxMKTBkEnlSlZ3A8ytQ9N6XNo8lv+zR8GZU
WAPNhNsFK+LhNGeDNZB3gsxtD7gsSkeVS/omRqAekUyCTBSSQWEnOgGxBReP1T/d
b2J5sXxJkfMUCLCEvrO2INq4PVqUUGtcZHjWQB2bFLoeYZiejTutEqInjg7tY/Q5
TZz0fhnqVzFK9mS3siZZPjqtsStBUY9LmCf/JWc2rfIlVjf/2BtS3nJMKpUMH2IN
7fvJ+4e/jwXKxJ1lE62C+022CUEn714dC4DAq7+Dg2B81QWP302wqYg5N5QUw6SV
Fi/LxrG1Bil3EZTT/cIbiqpzYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org