Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/f67755fb999bb7b92e63b361eeaf7ad2d4287e49.roa
File: f67755fb999bb7b92e63b361eeaf7ad2d4287e49.roa (raw, json)
Hash identifier: TTIvzM3FO4BMsTE3Uexf3LuLeFvkSOYBKv0pBv4JYM4=
Subject key identifier: D1:1E:B9:AE:EB:B6:0E:73:53:B8:57:53:C7:51:5F:E1:F7:41:38:8E
Certificate issuer: /CN=d2a001ef37af8d12473454d1fe356899fdb03d21
Certificate serial: 0CE515
Authority key identifier: C6:63:B7:A2:62:10:3F:DA:A9:8C:41:B4:5F:2B:01:AC:24:12:3A:07
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d2a001ef37af8d12473454d1fe356899fdb03d21.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/f67755fb999bb7b92e63b361eeaf7ad2d4287e49.roa
Signing time: Thu 21 Mar 2024 16:35:59 +0000
ROA not before: Thu 21 Mar 2024 03:00:00 +0000
ROA not after: Wed 21 Mar 2029 03:00:00 +0000
asID: 19422
IP address blocks: 152.156.0.0/16 maxlen: 24
200.58.128.0/19 maxlen: 21
186.8.0.0/16 maxlen: 20
2800:840::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Mar 2024 14:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 845077 (0xce515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a001ef37af8d12473454d1fe356899fdb03d21
Validity
Not Before: Mar 21 03:00:00 2024 GMT
Not After : Mar 21 03:00:00 2029 GMT
Subject: CN=f67755fb999bb7b92e63b361eeaf7ad2d4287e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:58:e0:6a:13:9f:67:3f:b6:af:85:ad:3c:b2:
66:1c:09:0a:b0:05:35:5e:cd:12:4a:0b:98:89:12:
fc:41:b7:e0:e0:52:c8:10:61:2d:0a:57:df:7c:b9:
34:ab:e7:48:f2:af:89:eb:fa:90:2f:c5:71:39:5b:
4c:9a:86:11:85:a5:25:a9:48:50:f3:8c:51:8b:09:
df:af:06:ae:f4:9a:4b:7b:43:08:63:63:cf:4c:5d:
2e:65:85:86:9d:1a:64:92:cc:ef:77:85:16:92:9d:
a3:0f:0b:7c:08:c6:3c:65:15:4e:ea:99:8c:52:76:
d2:31:64:df:81:6a:cd:ea:ab:83:33:21:04:f2:eb:
15:8b:e0:32:3d:ec:93:c8:cb:16:a1:41:6b:9f:f4:
48:06:20:77:71:5b:38:fb:2d:47:e2:38:10:ab:68:
51:ba:a3:cb:1b:b9:95:47:9e:11:fd:bc:32:2c:ef:
8b:64:e0:a3:4d:cf:62:27:41:a7:e0:53:dc:b2:4e:
d3:f2:ad:d2:a0:0e:d1:9c:e5:f4:8a:48:48:8f:0a:
78:fa:7f:c0:d3:1c:7a:01:ed:cc:d7:b9:fa:bb:dc:
6c:bb:74:c6:5b:88:d8:c4:24:30:3a:1c:03:02:02:
0f:cb:ee:bc:96:f5:56:a1:8d:89:b0:6f:b8:07:c1:
9c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1E:B9:AE:EB:B6:0E:73:53:B8:57:53:C7:51:5F:E1:F7:41:38:8E
X509v3 Authority Key Identifier:
keyid:C6:63:B7:A2:62:10:3F:DA:A9:8C:41:B4:5F:2B:01:AC:24:12:3A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d2a001ef37af8d12473454d1fe356899fdb03d21.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/f67755fb999bb7b92e63b361eeaf7ad2d4287e49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/d2a001ef37af8d12473454d1fe356899fdb03d21.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.156.0.0/16
186.8.0.0/16
200.58.128.0/19
IPv6:
2800:840::/32
Signature Algorithm: sha256WithRSAEncryption
47:0e:3a:d6:6c:ba:0e:d8:1d:96:ef:45:7f:06:a1:21:6e:ca:
0d:d2:40:6e:af:67:7e:fb:37:97:8c:b4:b6:3b:69:7c:a8:a5:
a9:d7:ee:60:05:17:41:ac:cb:90:d4:78:8c:1f:f4:cc:46:15:
51:49:58:81:58:fd:80:5b:23:2d:0e:35:50:d1:61:14:f1:64:
1a:df:e3:a3:f0:59:8f:5b:3f:a5:99:32:17:f1:46:3d:73:0a:
e2:48:64:b1:47:ba:72:ca:36:84:d1:d7:0b:55:74:f3:22:6a:
c6:63:df:3f:c9:13:ad:c3:e9:c5:4f:7b:8e:aa:0b:21:29:e8:
a0:05:c7:f8:2f:aa:b4:a5:47:3c:ed:cf:69:e0:32:c6:b1:4f:
ef:87:c1:30:04:e9:db:a4:c5:a5:47:a5:81:9a:00:a0:0d:3e:
48:68:1f:65:bc:47:f0:c5:61:94:5c:a6:59:63:4a:0e:4e:d2:
05:56:fb:81:bf:bb:a5:d6:97:c8:f9:24:ec:38:ed:e1:15:6e:
fb:30:36:a2:3f:10:cf:80:1d:19:c7:72:2f:ff:38:ff:31:fe:
fe:99:6a:2b:59:f6:e9:20:3a:96:95:39:b2:34:c3:c3:91:bd:
a5:cb:5e:2a:61:5c:c0:2a:47:db:92:04:89:4f:ba:9a:7e:ae:
8e:9d:a0:88
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIDDOUVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
YTAwMWVmMzdhZjhkMTI0NzM0NTRkMWZlMzU2ODk5ZmRiMDNkMjEwHhcNMjQwMzIx
MDMwMDAwWhcNMjkwMzIxMDMwMDAwWjAzMTEwLwYDVQQDEyhmNjc3NTVmYjk5OWJi
N2I5MmU2M2IzNjFlZWFmN2FkMmQ0Mjg3ZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnFjgahOfZz+2r4WtPLJmHAkKsAU1Xs0SSguYiRL8Qbfg4FLI
EGEtClfffLk0q+dI8q+J6/qQL8VxOVtMmoYRhaUlqUhQ84xRiwnfrwau9JpLe0MI
Y2PPTF0uZYWGnRpkkszvd4UWkp2jDwt8CMY8ZRVO6pmMUnbSMWTfgWrN6quDMyEE
8usVi+AyPeyTyMsWoUFrn/RIBiB3cVs4+y1H4jgQq2hRuqPLG7mVR54R/bwyLO+L
ZOCjTc9iJ0Gn4FPcsk7T8q3SoA7RnOX0ikhIjwp4+n/A0xx6Ae3M17n6u9xsu3TG
W4jYxCQwOhwDAgIPy+68lvVWoY2JsG+4B8GchQIDAQABo4ICdDCCAnAwHQYDVR0O
BBYEFNEeua7rtg5zU7hXU8dRX+H3QTiOMB8GA1UdIwQYMBaAFMZjt6JiED/aqYxB
tF8rAawkEjoHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDJhMDAx
ZWYzN2FmOGQxMjQ3MzQ1NGQxZmUzNTY4OTlmZGIwM2QyMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZGQzZTNmZWQtOTNlZC00ZTZiLTk4YjAtY2Q0ZGNm
NjMxN2QxL2Y2Nzc1NWZiOTk5YmI3YjkyZTYzYjM2MWVlYWY3YWQyZDQyODdlNDku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kZDNlM2ZlZC05M2VkLTRlNmItOThiMC1jZDRk
Y2Y2MzE3ZDEvZDJhMDAxZWYzN2FmOGQxMjQ3MzQ1NGQxZmUzNTY4OTlmZGIwM2Qy
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4BggrBgEFBQcBBwEB/wQp
MCcwFgQCAAEwEAMDAJicAwMAuggDBAXIOoAwDQQCAAIwBwMFACgACEAwDQYJKoZI
hvcNAQELBQADggEBAEcOOtZsug7YHZbvRX8GoSFuyg3SQG6vZ377N5eMtLY7aXyo
panX7mAFF0Gsy5DUeIwf9MxGFVFJWIFY/YBbIy0ONVDRYRTxZBrf46PwWY9bP6WZ
MhfxRj1zCuJIZLFHunLKNoTR1wtVdPMiasZj3z/JE63D6cVPe46qCyEp6KAFx/gv
qrSlRzztz2ngMsaxT++HwTAE6dukxaVHpYGaAKANPkhoH2W8R/DFYZRcplljSg5O
0gVW+4G/u6XWl8j5JOw47eEVbvswNqI/EM+AHRnHci//OP8x/v6ZaitZ9ukgOpaV
ObI0w8ORvaXLXiphXMAqR9uSBIlPupp+ro6doIg=
-----END CERTIFICATE-----
Generated at Fri Mar 22 18:41:49 2024 by rpki-client on console-fra.rpki-client.org