Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ebb71da9-3808-4d00-a943-589240d78385/332e52c69acc3a07121dec0bd2bcb037858b2779.roa
File: 332e52c69acc3a07121dec0bd2bcb037858b2779.roa (raw, json)
Hash identifier: J88ieZtfGU6sWcuXDqOeRgXo40LooioewmVnaZl+sr4=
Subject key identifier: 04:81:4B:AB:81:35:97:C6:78:95:08:33:9D:92:4E:B3:8C:F7:3A:9A
Certificate issuer: /CN=5f073dc50d388f5e4b8416173329e5c9fb55bacc
Certificate serial: 18E04A
Authority key identifier: EF:AB:01:33:53:10:96:46:AD:AC:A4:AD:C5:98:DC:A7:44:43:45:C9
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5f073dc50d388f5e4b8416173329e5c9fb55bacc.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/ebb71da9-3808-4d00-a943-589240d78385/332e52c69acc3a07121dec0bd2bcb037858b2779.roa
Signing time: Wed 11 Oct 2023 18:21:26 +0000
ROA not before: Tue 10 Oct 2023 18:21:26 +0000
ROA not after: Sat 11 Oct 2025 18:21:26 +0000
asID: 27775
IP address blocks: 190.98.0.0/17 maxlen: 24
200.1.156.0/22 maxlen: 24
200.2.160.0/19 maxlen: 24
186.179.128.0/17 maxlen: 24
2803:a200::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jan 2024 21:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1630282 (0x18e04a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f073dc50d388f5e4b8416173329e5c9fb55bacc
Validity
Not Before: Oct 10 18:21:26 2023 GMT
Not After : Oct 11 18:21:26 2025 GMT
Subject: CN=332e52c69acc3a07121dec0bd2bcb037858b2779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:00:68:61:23:d8:53:78:9a:a6:bf:2b:44:40:
98:38:cb:a2:b7:55:c8:e8:c1:3b:a4:32:11:b7:37:
78:2b:28:3f:a9:2a:65:4e:4f:db:9f:e2:be:ad:f8:
2a:0c:cb:b4:7d:ba:72:55:63:c7:db:9e:f5:bb:7f:
13:7a:c8:da:2c:5c:01:d7:41:2f:4f:87:51:cf:a4:
3b:82:54:10:f3:76:6f:b1:c8:c1:65:7c:71:f1:c3:
ed:43:09:92:5d:5f:ae:50:b9:17:1a:ff:df:2b:3a:
ce:4a:bc:14:da:af:70:50:08:b5:3a:00:02:c6:3c:
a7:ec:80:97:6e:ad:0c:9e:2b:47:fb:95:7f:60:b5:
96:54:a0:1e:fe:b6:69:aa:bc:61:d1:cb:9d:71:a6:
03:10:54:e6:8d:a5:e0:11:06:f7:0f:f1:24:65:46:
4e:85:90:dd:42:55:01:80:6d:8d:b0:b0:2b:b6:b1:
0d:bb:46:29:80:74:85:47:1e:1e:35:77:22:53:05:
71:58:55:45:80:d4:e6:05:5f:55:94:27:4f:db:9a:
0b:5d:86:f7:1b:e9:71:06:1b:32:41:1d:c5:98:25:
dd:07:53:00:8b:66:65:43:6e:aa:31:ab:53:97:1a:
9c:71:1f:6c:b6:f7:3d:0d:8e:ce:16:1e:a6:af:f2:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:81:4B:AB:81:35:97:C6:78:95:08:33:9D:92:4E:B3:8C:F7:3A:9A
X509v3 Authority Key Identifier:
keyid:EF:AB:01:33:53:10:96:46:AD:AC:A4:AD:C5:98:DC:A7:44:43:45:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5f073dc50d388f5e4b8416173329e5c9fb55bacc.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ebb71da9-3808-4d00-a943-589240d78385/332e52c69acc3a07121dec0bd2bcb037858b2779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/ebb71da9-3808-4d00-a943-589240d78385/5f073dc50d388f5e4b8416173329e5c9fb55bacc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.179.128.0/17
190.98.0.0/17
200.1.156.0/22
200.2.160.0/19
IPv6:
2803:a200::/32
Signature Algorithm: sha256WithRSAEncryption
62:4d:c9:8c:a1:ea:a3:5f:6c:06:54:53:88:28:83:8b:76:3f:
07:05:bd:93:eb:62:a4:9c:97:60:95:37:ea:2b:3f:d1:77:b9:
5a:c9:7c:64:53:09:ac:5f:bf:d1:9a:fa:5c:43:f1:3e:c4:a0:
53:b2:66:04:dc:54:93:b9:96:f1:62:bc:4c:6e:43:66:a7:2e:
4d:c6:de:5d:d4:c9:1b:20:b4:8b:fb:59:6b:25:b8:37:97:da:
d7:4c:8f:d4:5a:46:bd:c1:97:8f:0f:46:df:39:52:ba:bb:da:
27:95:88:8f:f8:07:14:e6:a7:e7:27:1d:a3:98:c7:c2:85:b9:
50:7a:d3:71:2e:b3:76:5e:6e:49:5e:1c:32:99:33:ee:8e:8b:
5d:31:cb:75:22:37:3f:7d:1c:5c:4b:92:a3:fe:32:08:c5:48:
be:50:2e:2c:c7:c1:78:47:f1:51:83:93:17:f5:ba:6d:b7:dc:
1d:d0:91:b9:11:ff:41:32:f2:bc:f2:50:cf:2b:a2:c9:b1:64:
73:f9:ce:b1:2d:32:49:f5:be:79:e2:f5:cd:b7:2a:31:62:aa:
dd:a4:6e:33:e8:22:6b:13:9e:3e:95:d2:fa:ab:3e:bf:a1:b1:
b4:22:21:35:ac:e8:1e:25:83:0f:43:d1:5d:b6:33:86:37:cd:
0d:74:4e:b1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDGOBKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVm
MDczZGM1MGQzODhmNWU0Yjg0MTYxNzMzMjllNWM5ZmI1NWJhY2MwHhcNMjMxMDEw
MTgyMTI2WhcNMjUxMDExMTgyMTI2WjAzMTEwLwYDVQQDEygzMzJlNTJjNjlhY2Mz
YTA3MTIxZGVjMGJkMmJjYjAzNzg1OGIyNzc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwABoYSPYU3iapr8rRECYOMuit1XI6ME7pDIRtzd4Kyg/qSpl
Tk/bn+K+rfgqDMu0fbpyVWPH2571u38TesjaLFwB10EvT4dRz6Q7glQQ83ZvscjB
ZXxx8cPtQwmSXV+uULkXGv/fKzrOSrwU2q9wUAi1OgACxjyn7ICXbq0MnitH+5V/
YLWWVKAe/rZpqrxh0cudcaYDEFTmjaXgEQb3D/EkZUZOhZDdQlUBgG2NsLArtrEN
u0YpgHSFRx4eNXciUwVxWFVFgNTmBV9VlCdP25oLXYb3G+lxBhsyQR3FmCXdB1MA
i2ZlQ26qMatTlxqccR9stvc9DY7OFh6mr/IbYQIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFASBS6uBNZfGeJUIM52STrOM9zqaMB8GA1UdIwQYMBaAFO+rATNTEJZGrayk
rcWY3KdEQ0XJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWYwNzNk
YzUwZDM4OGY1ZTRiODQxNjE3MzMyOWU1YzlmYjU1YmFjYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWJiNzFkYTktMzgwOC00ZDAwLWE5NDMtNTg5MjQw
ZDc4Mzg1LzMzMmU1MmM2OWFjYzNhMDcxMjFkZWMwYmQyYmNiMDM3ODU4YjI3Nzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYmI3MWRhOS0zODA4LTRkMDAtYTk0My01ODky
NDBkNzgzODUvNWYwNzNkYzUwZDM4OGY1ZTRiODQxNjE3MzMyOWU1YzlmYjU1YmFj
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEB7qzgAMEB75iAAMEAsgBnAMEBcgCoDANBAIAAjAHAwUAKAOi
ADANBgkqhkiG9w0BAQsFAAOCAQEAYk3JjKHqo19sBlRTiCiDi3Y/BwW9k+tipJyX
YJU36is/0Xe5Wsl8ZFMJrF+/0Zr6XEPxPsSgU7JmBNxUk7mW8WK8TG5DZqcuTcbe
XdTJGyC0i/tZayW4N5fa10yP1FpGvcGXjw9G3zlSurvaJ5WIj/gHFOan5ycdo5jH
woW5UHrTcS6zdl5uSV4cMpkz7o6LXTHLdSI3P30cXEuSo/4yCMVIvlAuLMfBeEfx
UYOTF/W6bbfcHdCRuRH/QTLyvPJQzyuiybFkc/nOsS0ySfW+eeL1zbcqMWKq3aRu
M+giaxOePpXS+qs+v6GxtCIhNazoHiWDD0PRXbYzhjfNDXROsQ==
-----END CERTIFICATE-----
Generated at Tue Jan 30 23:00:23 2024 by rpki-client on console-ams.rpki-client.org