Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa
File: 13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa (raw, json)
Hash identifier: 8IphKWbiyV7D0WniX6adMQlrhogTsKL5eVj6xh8ClfM=
Subject key identifier: 26:CD:07:B8:33:98:9A:32:33:28:A1:0C:C4:9A:1A:14:0F:54:D0:CF
Certificate issuer: /CN=bf38729659b3ab84a635f8b5534cde56fe622a7b
Certificate serial: 23EC25
Authority key identifier: A5:5D:CF:19:72:8B:E3:B8:A2:A9:1C:6A:38:EB:B5:3E:86:16:0C:0E
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf38729659b3ab84a635f8b5534cde56fe622a7b.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa
Signing time: Mon 02 Oct 2023 13:51:23 +0000
ROA not before: Sun 01 Oct 2023 13:51:23 +0000
ROA not after: Thu 02 Oct 2025 14:51:23 +0000
asID: 14232
IP address blocks: 201.219.64.0/19 maxlen: 24
179.51.80.0/20 maxlen: 22
201.219.96.0/20 maxlen: 24
138.219.4.0/22 maxlen: 22
170.78.200.0/22 maxlen: 22
2800:2b0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 Apr 2024 13:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2354213 (0x23ec25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf38729659b3ab84a635f8b5534cde56fe622a7b
Validity
Not Before: Oct 1 13:51:23 2023 GMT
Not After : Oct 2 14:51:23 2025 GMT
Subject: CN=13906d699cc6a88c2dd0e96a17f8c50746eabfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:03:a8:81:c5:7d:7f:1b:35:d0:a0:7f:ab:f1:
1c:1b:ca:cd:bf:7c:1f:9a:dc:72:61:2b:1e:81:08:
a8:b3:f8:88:9d:db:16:4f:b4:4a:ea:14:46:d4:2f:
ab:e8:66:1d:21:06:04:28:22:6e:7f:4f:8e:2e:3a:
bf:ea:e5:b3:33:75:88:bb:73:c2:28:6e:17:b3:04:
af:41:0c:3c:9f:85:55:69:3b:5d:03:9c:0a:82:d6:
a6:26:24:e2:46:f4:b2:3e:00:75:27:ae:fe:52:5f:
6b:2a:56:71:3b:87:a5:99:62:4b:24:9c:88:f0:5c:
a0:72:5e:82:12:d1:1e:18:b9:c4:6b:ee:20:39:2c:
b4:a9:75:00:11:c6:9a:b2:a0:f5:e6:f8:91:24:42:
40:2b:3d:3a:b6:59:3b:7a:e9:aa:59:f5:5a:3c:41:
f5:8b:15:df:0a:a8:99:a5:15:a3:66:85:09:04:33:
ea:77:95:d5:09:96:56:cd:85:fd:6b:9f:d0:18:cc:
38:67:42:87:eb:d0:c8:b9:e5:2e:3f:f9:50:08:28:
7a:ce:f9:40:cb:c3:eb:f6:28:76:18:b8:5a:8a:92:
4a:46:17:de:fa:15:02:57:24:08:8a:5e:f7:be:82:
44:cc:be:40:da:24:f0:4f:89:91:ef:08:67:43:11:
3c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:CD:07:B8:33:98:9A:32:33:28:A1:0C:C4:9A:1A:14:0F:54:D0:CF
X509v3 Authority Key Identifier:
keyid:A5:5D:CF:19:72:8B:E3:B8:A2:A9:1C:6A:38:EB:B5:3E:86:16:0C:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf38729659b3ab84a635f8b5534cde56fe622a7b.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/bf38729659b3ab84a635f8b5534cde56fe622a7b.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.219.4.0/22
170.78.200.0/22
179.51.80.0/20
201.219.64.0-201.219.111.255
IPv6:
2800:2b0::/32
Signature Algorithm: sha256WithRSAEncryption
00:a4:28:89:a1:92:18:81:be:6a:41:da:d1:df:74:9d:52:bb:
38:b0:16:33:78:65:d0:eb:d9:ac:30:d1:ab:27:0d:52:4a:53:
8a:5b:66:cd:a6:02:2c:a9:cd:28:90:7d:56:fc:dd:52:ec:41:
10:15:f0:d7:47:68:a1:e9:17:57:7d:d8:0c:dd:36:aa:70:57:
4e:f8:f1:a1:82:66:8b:b3:f6:37:bb:88:fd:d6:35:85:ff:83:
8c:50:57:ec:7e:c8:06:91:ef:b5:83:a9:e2:dd:65:70:9c:06:
9d:6c:ed:10:30:89:a5:7d:a8:d1:a6:b4:09:cc:f4:6e:22:95:
10:44:55:38:63:3d:19:da:0f:07:06:a2:77:cd:53:8d:c8:78:
46:97:80:05:76:46:8d:28:e3:08:7d:ed:b8:09:ad:e7:85:ee:
bc:14:e4:68:9f:ae:a4:92:89:91:5e:54:8e:34:47:25:e7:5e:
b4:bc:db:d1:85:60:4a:39:36:71:d0:5c:36:3d:3e:77:06:a0:
80:44:c3:a6:4e:bb:0a:5d:61:f6:9d:14:46:f8:fd:be:87:e0:
cc:70:f0:08:d9:78:93:0e:38:c2:92:4a:1e:f0:fd:ce:aa:01:
d1:b1:53:a9:e8:2e:4f:40:c0:ee:08:b5:de:51:2c:93:73:b7:
c5:04:2d:6c
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIDI+wlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
Mzg3Mjk2NTliM2FiODRhNjM1ZjhiNTUzNGNkZTU2ZmU2MjJhN2IwHhcNMjMxMDAx
MTM1MTIzWhcNMjUxMDAyMTQ1MTIzWjAzMTEwLwYDVQQDEygxMzkwNmQ2OTljYzZh
ODhjMmRkMGU5NmExN2Y4YzUwNzQ2ZWFiZmM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApgOogcV9fxs10KB/q/EcG8rNv3wfmtxyYSsegQios/iIndsW
T7RK6hRG1C+r6GYdIQYEKCJuf0+OLjq/6uWzM3WIu3PCKG4XswSvQQw8n4VVaTtd
A5wKgtamJiTiRvSyPgB1J67+Ul9rKlZxO4elmWJLJJyI8Fygcl6CEtEeGLnEa+4g
OSy0qXUAEcaasqD15viRJEJAKz06tlk7eumqWfVaPEH1ixXfCqiZpRWjZoUJBDPq
d5XVCZZWzYX9a5/QGMw4Z0KH69DIueUuP/lQCCh6zvlAy8Pr9ih2GLhaipJKRhfe
+hUCVyQIil73voJEzL5A2iTwT4mR7whnQxE8VQIDAQABo4IChDCCAoAwHQYDVR0O
BBYEFCbNB7gzmJoyMyihDMSaGhQPVNDPMB8GA1UdIwQYMBaAFKVdzxlyi+O4oqkc
ajjrtT6GFgwOMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmYzODcy
OTY1OWIzYWI4NGE2MzVmOGI1NTM0Y2RlNTZmZTYyMmE3Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWFjZjU4YzMtZjdmNi00NDM4LTliYzctNDk1MTIx
MzMyNTk0LzEzOTA2ZDY5OWNjNmE4OGMyZGQwZTk2YTE3ZjhjNTA3NDZlYWJmYzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYWNmNThjMy1mN2Y2LTQ0MzgtOWJjNy00OTUx
MjEzMzI1OTQvYmYzODcyOTY1OWIzYWI4NGE2MzVmOGI1NTM0Y2RlNTZmZTYyMmE3
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5
MDcwJgQCAAEwIAMEAorbBAMEAqpOyAMEBLMzUDAMAwQGydtAAwQEydtgMA0EAgAC
MAcDBQAoAAKwMA0GCSqGSIb3DQEBCwUAA4IBAQAApCiJoZIYgb5qQdrR33SdUrs4
sBYzeGXQ69msMNGrJw1SSlOKW2bNpgIsqc0okH1W/N1S7EEQFfDXR2ih6RdXfdgM
3TaqcFdO+PGhgmaLs/Y3u4j91jWF/4OMUFfsfsgGke+1g6ni3WVwnAadbO0QMIml
fajRprQJzPRuIpUQRFU4Yz0Z2g8HBqJ3zVONyHhGl4AFdkaNKOMIfe24Ca3nhe68
FORon66kkomRXlSONEcl5160vNvRhWBKOTZx0Fw2PT53BqCARMOmTrsKXWH2nRRG
+P2+h+DMcPAI2XiTDjjCkkoe8P3OqgHRsVOp6C5PQMDuCLXeUSyTc7fFBC1s
-----END CERTIFICATE-----
Generated at Fri Apr 12 17:38:43 2024 by rpki-client on console-ams.rpki-client.org