Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/504e2aa2287deeeb8fdc0db0e3d943f6340f5a3c.roa
File: 504e2aa2287deeeb8fdc0db0e3d943f6340f5a3c.roa (raw, json)
Hash identifier: rRhMZuW8Ux841z7a19eDO2KOCtcwxsby4VyBzgxZS6w=
Subject key identifier: F2:97:73:E0:DA:4C:70:CF:86:01:2A:94:26:80:A0:B6:72:E7:85:0E
Certificate issuer: /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial: 0D379C
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/504e2aa2287deeeb8fdc0db0e3d943f6340f5a3c.roa
Signing time: Wed 24 Mar 2021 14:35:23 +0000
ROA not before: Wed 24 Mar 2021 14:35:22 +0000
ROA not after: Tue 24 Mar 2026 14:35:22 +0000
asID: 18678
IP address blocks: 179.1.0.0/16 maxlen: 24
190.90.0.0/16 maxlen: 24
2800:310::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 866204 (0xd379c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Validity
Not Before: Mar 24 14:35:22 2021 GMT
Not After : Mar 24 14:35:22 2026 GMT
Subject: CN=504e2aa2287deeeb8fdc0db0e3d943f6340f5a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:54:c8:b4:70:1d:47:b4:e8:50:18:74:0b:22:
59:8e:85:8e:df:d8:54:1b:42:84:3f:4a:a6:d2:03:
0f:9c:92:94:58:bf:2f:46:7a:e1:92:44:98:57:72:
12:50:5a:9e:ad:f5:1b:f9:97:36:f4:dc:34:f3:c5:
0d:18:22:5c:ae:bf:96:d7:20:27:f8:05:18:1e:2e:
a7:16:f0:90:9e:87:50:cf:42:55:0f:b5:6c:c2:88:
ed:00:55:ab:a6:55:af:c9:53:b1:e8:a9:b1:4d:f9:
b3:88:21:36:4c:b5:1a:a5:39:03:a5:1f:a5:ab:aa:
93:26:d5:dc:e6:d6:61:60:71:54:49:8e:66:25:c3:
2d:15:21:b4:97:7d:9b:73:86:9c:ee:82:88:70:06:
aa:6e:21:df:93:f6:fd:78:a8:13:30:16:50:84:dc:
c8:31:fd:26:44:cb:2b:a1:93:5e:38:1c:1a:35:ac:
ea:89:4e:11:28:cc:f6:3b:8a:5b:10:6b:6c:40:f7:
46:03:ad:0c:19:fc:89:50:66:d8:fd:cf:88:3e:c3:
fd:67:38:90:a2:0f:00:d6:50:f7:08:85:58:b7:84:
42:09:58:ff:d1:0c:ed:43:e5:52:9e:5e:8a:12:3e:
05:8b:6e:ac:d3:4b:99:07:7b:06:a0:d7:27:40:58:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:73:E0:DA:4C:70:CF:86:01:2A:94:26:80:A0:B6:72:E7:85:0E
X509v3 Authority Key Identifier:
keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/504e2aa2287deeeb8fdc0db0e3d943f6340f5a3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.1.0.0/16
190.90.0.0/16
IPv6:
2800:310::/32
Signature Algorithm: sha256WithRSAEncryption
90:fb:94:13:d7:7f:3d:5f:40:26:15:60:8e:20:98:57:12:5c:
bf:3c:d0:99:d2:be:41:d1:31:3d:be:c8:9c:56:03:0c:0a:ca:
21:e6:49:af:1d:f0:0f:95:65:3e:0e:38:e7:c1:1e:8b:a6:05:
16:11:31:39:c6:bc:99:75:ad:8f:3c:35:79:6e:fa:4f:8d:bf:
78:f6:06:82:ce:05:d3:a2:7a:89:ce:e1:f3:8d:70:c0:6b:f6:
cf:d6:b4:c6:46:4e:41:4e:a8:26:69:f0:10:25:3d:64:b4:0d:
29:bc:aa:da:5c:7b:cb:01:f9:b8:5b:2d:fb:18:b9:e2:65:9f:
4e:a5:3a:8f:53:80:79:d5:86:fd:74:89:f4:be:c5:8c:92:5e:
bc:af:b2:7d:70:4a:db:fa:0d:e6:86:52:bf:68:61:ba:01:c4:
a0:25:9b:2a:f4:aa:55:3e:1a:dd:26:93:c1:90:a9:c7:fc:1e:
07:cc:c8:de:15:2a:79:74:20:8d:45:47:61:5d:bb:86:13:2a:
3e:b2:77:4c:0e:70:bd:48:29:b4:4f:93:1a:0d:22:7d:75:a9:
77:45:5f:3e:f6:d9:3f:52:b7:fa:c4:59:c8:57:47:db:c6:9d:
b3:c8:85:b5:18:17:39:2a:9d:f6:50:8d:e4:7b:f9:23:df:78:
b6:a7:56:6f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIDDTecMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzI0
MTQzNTIyWhcNMjYwMzI0MTQzNTIyWjAzMTEwLwYDVQQDEyg1MDRlMmFhMjI4N2Rl
ZWViOGZkYzBkYjBlM2Q5NDNmNjM0MGY1YTNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA11TItHAdR7ToUBh0CyJZjoWO39hUG0KEP0qm0gMPnJKUWL8v
RnrhkkSYV3ISUFqerfUb+Zc29Nw088UNGCJcrr+W1yAn+AUYHi6nFvCQnodQz0JV
D7VswojtAFWrplWvyVOx6KmxTfmziCE2TLUapTkDpR+lq6qTJtXc5tZhYHFUSY5m
JcMtFSG0l32bc4ac7oKIcAaqbiHfk/b9eKgTMBZQhNzIMf0mRMsroZNeOBwaNazq
iU4RKMz2O4pbEGtsQPdGA60MGfyJUGbY/c+IPsP9ZziQog8A1lD3CIVYt4RCCVj/
0QztQ+VSnl6KEj4Fi26s00uZB3sGoNcnQFjBSwIDAQABo4ICbjCCAmowHQYDVR0O
BBYEFPKXc+DaTHDPhgEqlCaAoLZy54UOMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzUwNGUyYWEyMjg3ZGVlZWI4ZmRjMGRiMGUzZDk0M2Y2MzQwZjVhM2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAyBggrBgEFBQcBBwEB/wQj
MCEwEAQCAAEwCgMDALMBAwMAvlowDQQCAAIwBwMFACgAAxAwDQYJKoZIhvcNAQEL
BQADggEBAJD7lBPXfz1fQCYVYI4gmFcSXL880JnSvkHRMT2+yJxWAwwKyiHmSa8d
8A+VZT4OOOfBHoumBRYRMTnGvJl1rY88NXlu+k+Nv3j2BoLOBdOieonO4fONcMBr
9s/WtMZGTkFOqCZp8BAlPWS0DSm8qtpce8sB+bhbLfsYueJln06lOo9TgHnVhv10
ifS+xYySXryvsn1wStv6DeaGUr9oYboBxKAlmyr0qlU+Gt0mk8GQqcf8HgfMyN4V
Knl0II1FR2Fdu4YTKj6yd0wOcL1IKbRPkxoNIn11qXdFXz722T9St/rEWchXR9vG
nbPIhbUYFzkqnfZQjeR7+SPfeLanVm8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:35 2023 by rpki-client on console-fra.rpki-client.org