Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5cd2f8243d818d3fe519511b3a9506e7d6386f83.roa
File: 5cd2f8243d818d3fe519511b3a9506e7d6386f83.roa (raw, json)
Hash identifier: o9Uw8/KM0dZTS4lMpdRjYpeCPr9nesG1SzvOJgmAEqU=
Subject key identifier: FF:F2:FB:61:50:F2:79:6B:12:DC:69:CF:9E:F6:F5:E4:E7:2D:7E:87
Certificate issuer: /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial: 18E6FC
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5cd2f8243d818d3fe519511b3a9506e7d6386f83.roa
Signing time: Thu 09 Jun 2022 16:10:03 +0000
ROA not before: Thu 09 Jun 2022 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 262589
IP address blocks: 179.1.144.0/20 maxlen: 24
190.90.200.0/24 maxlen: 24
190.90.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1631996 (0x18e6fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Validity
Not Before: Jun 9 03:00:00 2022 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=5cd2f8243d818d3fe519511b3a9506e7d6386f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:4c:8a:d4:8c:d8:2c:94:27:4a:3f:1f:1a:
e8:58:64:65:22:f6:b3:b4:d4:76:1d:fb:74:e2:15:
e1:3b:39:29:0d:29:bd:df:bf:b6:a6:86:8e:1f:f3:
e8:45:ae:61:ce:52:2d:7f:36:49:5e:e2:53:13:18:
3d:d2:5d:87:5f:3a:30:5f:c5:b4:bb:a4:a9:4d:84:
8d:a0:06:ed:5c:39:82:98:6e:05:78:70:fe:de:43:
42:42:a5:11:e3:a6:42:5a:ff:6d:ff:21:49:2d:f8:
3a:22:92:04:c9:8b:b1:fc:39:79:3d:e9:bc:4c:5b:
e7:ae:b9:eb:a2:cb:df:2a:63:69:59:58:49:61:79:
73:19:a1:1b:87:47:93:2a:ab:5d:b5:cb:87:12:31:
16:94:2f:e6:84:a1:f9:d8:31:b5:a8:53:5b:ba:28:
b2:80:5c:f8:a4:e8:b0:ed:08:30:6b:e9:64:ea:63:
33:d8:5b:16:eb:8c:f8:64:78:39:5b:0b:10:26:bc:
57:6f:a7:57:d4:26:20:55:5c:b5:ee:8e:95:6a:cd:
78:f7:8b:5a:58:d3:07:6a:7c:3b:59:b4:26:e1:7a:
0f:a9:89:6c:ec:56:d0:2b:e4:bf:5b:47:38:f1:8e:
02:f9:67:cf:81:48:54:e7:b0:a4:6a:31:d0:62:2c:
37:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F2:FB:61:50:F2:79:6B:12:DC:69:CF:9E:F6:F5:E4:E7:2D:7E:87
X509v3 Authority Key Identifier:
keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5cd2f8243d818d3fe519511b3a9506e7d6386f83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.1.144.0/20
190.90.200.0/23
Signature Algorithm: sha256WithRSAEncryption
35:a3:5b:d0:67:9c:f3:39:cf:da:60:36:43:e5:5c:c5:92:22:
a2:74:e3:af:2f:67:f2:37:62:1d:8e:8f:44:46:d0:a9:5b:de:
57:ce:24:58:44:51:c6:83:3b:2e:32:f4:6c:f0:46:2e:e2:f4:
cb:d1:9a:ed:82:69:f5:5a:38:e5:35:47:42:2c:52:bd:15:11:
4f:be:ac:68:d2:3f:4d:ad:84:88:82:ae:4c:56:92:7f:39:e0:
e0:d8:c6:07:d3:69:1c:98:2d:65:cc:cc:98:ec:0b:d5:b4:8d:
90:60:d0:ad:0f:59:e5:54:75:a9:0d:55:51:e1:f9:54:2a:aa:
48:57:95:9d:51:95:11:dd:b9:5b:4e:8b:6d:f5:c5:e7:d6:9c:
ed:74:75:8d:d0:bd:75:96:aa:f2:eb:aa:ed:14:25:ba:37:23:
e6:0f:47:b5:3d:9f:6b:e9:ac:09:02:85:71:6a:4d:fe:9d:7e:
58:d5:9f:39:60:fa:b0:96:dc:8d:e5:0f:2d:e1:78:8d:e2:5a:
28:4f:c0:8e:a5:73:2e:e4:fe:81:0c:29:c2:41:fe:b7:ae:5b:
d1:ff:5a:ba:c0:43:ca:82:25:11:69:63:21:1f:7b:8f:4e:04:
40:12:f9:62:2f:f5:9c:20:27:74:e2:85:ed:33:a1:4e:d1:70:
78:2c:68:0e
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDGOb8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjIwNjA5
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg1Y2QyZjgyNDNkODE4
ZDNmZTUxOTUxMWIzYTk1MDZlN2Q2Mzg2ZjgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsetMitSM2CyUJ0o/HxroWGRlIvaztNR2Hft04hXhOzkpDSm9
37+2poaOH/PoRa5hzlItfzZJXuJTExg90l2HXzowX8W0u6SpTYSNoAbtXDmCmG4F
eHD+3kNCQqUR46ZCWv9t/yFJLfg6IpIEyYux/Dl5Pem8TFvnrrnrosvfKmNpWVhJ
YXlzGaEbh0eTKqtdtcuHEjEWlC/mhKH52DG1qFNbuiiygFz4pOiw7Qgwa+lk6mMz
2FsW64z4ZHg5WwsQJrxXb6dX1CYgVVy17o6Vas1494taWNMHanw7WbQm4XoPqYls
7FbQK+S/W0c48Y4C+WfPgUhU57CkajHQYiw3JQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFP/y+2FQ8nlrEtxpz5729eTnLX6HMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzVjZDJmODI0M2Q4MThkM2ZlNTE5NTExYjNhOTUwNmU3ZDYzODZmODMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEBLMBkAMEAb5ayDANBgkqhkiG9w0BAQsFAAOCAQEANaNb0Gec
8znP2mA2Q+VcxZIionTjry9n8jdiHY6PREbQqVveV84kWERRxoM7LjL0bPBGLuL0
y9Ga7YJp9Vo45TVHQixSvRURT76saNI/Ta2EiIKuTFaSfzng4NjGB9NpHJgtZczM
mOwL1bSNkGDQrQ9Z5VR1qQ1VUeH5VCqqSFeVnVGVEd25W06LbfXF59ac7XR1jdC9
dZaq8uuq7RQlujcj5g9HtT2fa+msCQKFcWpN/p1+WNWfOWD6sJbcjeUPLeF4jeJa
KE/AjqVzLuT+gQwpwkH+t65b0f9ausBDyoIlEWljIR97j04EQBL5Yi/1nCAndOKF
7TOhTtFweCxoDg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:50 2023 by rpki-client on console-ams.rpki-client.org