Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/a66a64b27412c97000949fdf723f8177eef1291a.roa
File: a66a64b27412c97000949fdf723f8177eef1291a.roa (raw, json)
Hash identifier: O+8DVLjeptszBgOlfx/FF2rxJMIBMSZPxBZeHiQ81zA=
Subject key identifier: EA:8E:44:2B:78:E7:D9:F4:00:19:14:F7:F5:93:0A:33:76:0C:47:45
Certificate issuer: /CN=75efa7e220921478f459230041e65a4f7dc20ea6
Certificate serial: 254FCB
Authority key identifier: 6A:F0:47:DF:D7:F3:CF:31:79:98:C6:27:10:79:7E:21:32:E4:0B:11
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/75efa7e220921478f459230041e65a4f7dc20ea6.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/a66a64b27412c97000949fdf723f8177eef1291a.roa
Signing time: Tue 05 Dec 2023 16:25:37 +0000
ROA not before: Tue 05 Dec 2023 16:25:36 +0000
ROA not after: Fri 05 Dec 2025 16:25:36 +0000
asID: 10269
IP address blocks: 179.42.192.0/20 maxlen: 20
179.42.226.0/24 maxlen: 24
200.32.197.0/24 maxlen: 24
179.42.208.0/20 maxlen: 20
190.197.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2445259 (0x254fcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75efa7e220921478f459230041e65a4f7dc20ea6
Validity
Not Before: Dec 5 16:25:36 2023 GMT
Not After : Dec 5 16:25:36 2025 GMT
Subject: CN=a66a64b27412c97000949fdf723f8177eef1291a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:dc:bf:94:40:95:38:00:20:35:ef:1d:31:22:
e3:96:0e:c2:08:15:46:2b:d3:ae:a5:30:9a:c5:8b:
48:1b:b5:28:a1:6f:d0:d8:cc:63:72:f2:c5:db:b2:
f0:fc:1c:0d:5c:7c:2f:15:67:cf:cc:1f:31:2f:f2:
0c:97:c0:a3:db:b7:c1:73:9c:0e:08:76:65:8a:fd:
e0:5b:28:dd:b1:f7:cc:b5:af:72:25:9b:32:8b:df:
71:d3:29:07:54:29:3b:0c:94:ac:ce:53:6a:e5:88:
a5:e2:51:7b:4c:8e:ba:bd:b9:2c:a3:7e:2a:39:aa:
bb:44:33:a3:b1:ef:59:92:c2:42:bd:20:37:3b:92:
59:0b:56:3f:07:a4:05:49:19:72:47:04:3c:56:42:
87:f8:ee:fc:a0:80:ef:d2:6c:b7:43:63:a6:45:8e:
c1:30:c6:7c:a3:0e:52:ba:52:e2:36:36:f9:8b:97:
22:a1:93:58:2f:94:7c:50:91:44:71:a2:10:39:04:
60:14:97:57:b4:ff:0a:0f:7e:e9:1a:10:f0:2c:88:
f3:db:48:77:ec:d3:07:c8:1e:bc:51:71:b6:41:4a:
2d:b2:03:3b:51:ea:51:5e:d1:3c:86:75:14:5d:fa:
bf:3c:c2:f6:80:b8:fd:ff:db:0e:d2:5c:de:d9:30:
6f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8E:44:2B:78:E7:D9:F4:00:19:14:F7:F5:93:0A:33:76:0C:47:45
X509v3 Authority Key Identifier:
keyid:6A:F0:47:DF:D7:F3:CF:31:79:98:C6:27:10:79:7E:21:32:E4:0B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/75efa7e220921478f459230041e65a4f7dc20ea6.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/a66a64b27412c97000949fdf723f8177eef1291a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/75efa7e220921478f459230041e65a4f7dc20ea6.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.42.192.0/19
179.42.226.0/24
190.197.19.0/24
200.32.197.0/24
Signature Algorithm: sha256WithRSAEncryption
45:18:df:5c:7d:a7:3d:17:77:2d:05:94:3e:55:a8:46:ef:76:
04:0d:b3:26:3d:12:a3:bc:ad:a9:f9:ce:9c:2d:78:2a:5c:d3:
ca:ab:69:68:d9:48:0b:79:85:c9:ec:66:d4:1c:da:e4:ac:ff:
8e:d9:ab:ff:c2:73:cd:16:15:c1:99:49:51:93:33:b4:a6:34:
2c:42:3c:fb:13:25:75:4f:3a:fa:32:55:af:0d:ab:2b:e8:b6:
a9:b9:ba:d5:80:de:d8:5a:df:fd:28:2a:2b:04:70:56:58:ce:
b1:c3:19:4c:8e:3b:26:04:35:ba:f9:09:d9:dd:9f:33:57:f2:
a7:32:64:d1:be:31:bc:d2:73:4e:b5:9e:4f:a3:c6:14:df:0b:
82:73:57:fb:76:3a:da:c2:dd:5f:91:c7:8e:8f:b1:52:ad:7d:
64:cb:67:50:08:e4:d4:a8:74:a7:c1:8d:48:7f:fa:83:5f:4c:
00:d8:08:b2:aa:8d:7c:e1:4c:de:08:61:1c:5e:d7:d8:82:cf:
80:fb:ee:10:90:79:ee:d1:28:6d:e5:5f:3a:d8:06:be:ad:02:
25:49:74:b0:22:32:50:51:ba:fa:19:d3:58:20:1c:5d:3b:dc:
aa:f5:a7:c4:ef:5d:92:3d:06:f3:bf:b3:26:78:f7:09:97:82:
d9:2f:86:8b
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDJU/LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc1
ZWZhN2UyMjA5MjE0NzhmNDU5MjMwMDQxZTY1YTRmN2RjMjBlYTYwHhcNMjMxMjA1
MTYyNTM2WhcNMjUxMjA1MTYyNTM2WjAzMTEwLwYDVQQDEyhhNjZhNjRiMjc0MTJj
OTcwMDA5NDlmZGY3MjNmODE3N2VlZjEyOTFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh9y/lECVOAAgNe8dMSLjlg7CCBVGK9OupTCaxYtIG7UooW/Q
2MxjcvLF27Lw/BwNXHwvFWfPzB8xL/IMl8Cj27fBc5wOCHZliv3gWyjdsffMta9y
JZsyi99x0ykHVCk7DJSszlNq5Yil4lF7TI66vbkso34qOaq7RDOjse9ZksJCvSA3
O5JZC1Y/B6QFSRlyRwQ8VkKH+O78oIDv0my3Q2OmRY7BMMZ8ow5SulLiNjb5i5ci
oZNYL5R8UJFEcaIQOQRgFJdXtP8KD37pGhDwLIjz20h37NMHyB68UXG2QUotsgM7
UepRXtE8hnUUXfq/PML2gLj9/9sO0lze2TBv5wIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFOqORCt459n0ABkU9/WTCjN2DEdFMB8GA1UdIwQYMBaAFGrwR9/X888xeZjG
JxB5fiEy5AsRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzVlZmE3
ZTIyMDkyMTQ3OGY0NTkyMzAwNDFlNjVhNGY3ZGMyMGVhNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzk0NGVmZjItYzAxYS00M2FjLWIyM2MtNzFhYjMx
MTVkMjE5L2E2NmE2NGIyNzQxMmM5NzAwMDk0OWZkZjcyM2Y4MTc3ZWVmMTI5MWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jOTQ0ZWZmMi1jMDFhLTQzYWMtYjIzYy03MWFi
MzExNWQyMTkvNzVlZmE3ZTIyMDkyMTQ3OGY0NTkyMzAwNDFlNjVhNGY3ZGMyMGVh
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEBbMqwAMEALMq4gMEAL7FEwMEAMggxTANBgkqhkiG9w0BAQsF
AAOCAQEARRjfXH2nPRd3LQWUPlWoRu92BA2zJj0So7ytqfnOnC14KlzTyqtpaNlI
C3mFyexm1Bza5Kz/jtmr/8JzzRYVwZlJUZMztKY0LEI8+xMldU86+jJVrw2rK+i2
qbm61YDe2Frf/SgqKwRwVljOscMZTI47JgQ1uvkJ2d2fM1fypzJk0b4xvNJzTrWe
T6PGFN8LgnNX+3Y62sLdX5HHjo+xUq19ZMtnUAjk1Kh0p8GNSH/6g19MANgIsqqN
fOFM3ghhHF7X2ILPgPvuEJB57tEobeVfOtgGvq0CJUl0sCIyUFG6+hnTWCAcXTvc
qvWnxO9dkj0G87+zJnj3CZeC2S+Giw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 15:27:31 2024 by rpki-client on console-fra.rpki-client.org