Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/07f8cd9b2da5a7345feb5aeda7c49d680020e1e3.roa
File: 07f8cd9b2da5a7345feb5aeda7c49d680020e1e3.roa (raw, json)
Hash identifier: se0vY1HizA6UUVdwArw+tJe72C1E5LgSZJZhrTLs9qg=
Subject key identifier: AE:E1:27:F1:15:DA:C8:AC:47:6A:69:79:6D:6D:35:E9:59:BF:91:28
Certificate issuer: /CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
Certificate serial: 21A750
Authority key identifier: 34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/07f8cd9b2da5a7345feb5aeda7c49d680020e1e3.roa
Signing time: Sat 10 Jun 2023 01:50:07 +0000
ROA not before: Fri 09 Jun 2023 01:50:07 +0000
ROA not after: Tue 10 Jun 2025 01:50:07 +0000
asID: 271906
IP address blocks: 200.85.128.0/21 maxlen: 24
200.85.128.0/24 maxlen: 24
200.85.129.0/24 maxlen: 24
200.85.130.0/24 maxlen: 24
200.85.131.0/24 maxlen: 24
200.85.132.0/24 maxlen: 24
200.85.133.0/24 maxlen: 24
200.85.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2205520 (0x21a750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
Validity
Not Before: Jun 9 01:50:07 2023 GMT
Not After : Jun 10 01:50:07 2025 GMT
Subject: CN=07f8cd9b2da5a7345feb5aeda7c49d680020e1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c2:f6:db:22:7d:f1:24:55:e1:38:e3:09:78:
16:aa:88:33:55:44:f9:fd:91:35:f8:20:44:a4:65:
30:23:23:20:12:21:5f:86:bc:ee:92:1a:8f:98:94:
c4:f0:38:4e:f0:d9:51:b7:5c:bb:d9:0a:26:89:ea:
fb:ad:22:20:50:e7:b5:aa:6b:39:c6:e1:81:ad:1c:
d9:de:31:bb:41:08:d2:d1:0f:ac:6c:9b:fa:3a:e5:
00:78:57:6a:c7:7b:db:44:ee:98:da:e4:79:63:7c:
9f:0e:d9:a7:00:d0:b8:12:45:ae:1c:f7:eb:77:c1:
9b:3d:66:f2:42:99:99:48:38:4a:33:ec:ec:09:4e:
73:f3:49:e9:91:34:5e:38:bc:ba:f2:41:e2:91:41:
b2:24:32:ea:78:e6:75:2a:37:42:0c:d1:37:4f:b8:
cd:e9:4e:2c:7d:62:d6:d2:9f:50:39:9e:70:f8:2e:
89:58:be:36:69:99:41:7e:d1:77:c0:20:3a:72:47:
99:07:28:7b:bb:14:27:2e:10:24:f6:b5:e2:f2:9f:
0a:d7:96:20:08:19:b4:e3:97:e8:3d:58:ba:4a:d8:
42:63:99:b6:a5:88:d1:9d:1f:72:84:2e:58:5f:f8:
eb:04:80:37:dc:b6:e0:3d:9d:97:86:d8:35:e1:28:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E1:27:F1:15:DA:C8:AC:47:6A:69:79:6D:6D:35:E9:59:BF:91:28
X509v3 Authority Key Identifier:
keyid:34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/07f8cd9b2da5a7345feb5aeda7c49d680020e1e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.85.128.0/21
Signature Algorithm: sha256WithRSAEncryption
01:3c:e7:45:fb:b0:ac:a9:b2:f0:e0:9d:07:82:29:24:2f:fd:
ff:53:45:06:73:61:10:f3:c6:59:54:84:45:d9:8b:d2:db:fa:
29:f4:18:e3:fe:b7:e2:6f:44:38:b0:fe:a1:4e:35:18:01:e6:
d5:2a:7e:ae:10:d4:42:e8:21:3e:f6:7e:e7:be:24:27:c4:26:
8e:50:d8:74:23:35:f6:1b:bd:4b:04:5c:aa:48:84:cd:42:a7:
39:c8:a6:4a:72:72:ce:50:39:ca:2f:8c:20:75:1c:58:c0:c5:
a1:0c:f6:8e:d8:33:dd:99:d4:4b:f7:75:72:c7:52:aa:77:f7:
88:87:fc:e2:85:d0:38:02:12:03:50:4d:dc:86:59:44:58:31:
54:d6:7e:8d:e4:77:8b:2f:96:eb:b5:0f:72:0c:67:12:1f:6f:
4c:71:bd:35:69:dd:06:2c:68:e9:87:b6:a2:55:67:c1:0b:e7:
1c:c9:02:55:30:58:1e:8a:12:af:79:08:55:e8:23:39:5d:09:
c1:68:ef:4d:09:70:4b:5b:c4:28:d4:96:f2:42:2f:aa:f3:a4:
5f:15:0f:3f:2c:27:93:b7:f9:fb:f9:17:bc:7b:d7:f0:bc:d7:
86:62:58:9d:4f:8b:57:1f:f7:82:8c:dc:20:46:ea:fa:de:dd:
2e:7e:ca:c7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIadQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
NTM2ZTIxMTJmYjZmYmQ0ZmQ5MGI2NDRjNmZkNjZhY2JhNzk3ZWEwHhcNMjMwNjA5
MDE1MDA3WhcNMjUwNjEwMDE1MDA3WjAzMTEwLwYDVQQDEygwN2Y4Y2Q5YjJkYTVh
NzM0NWZlYjVhZWRhN2M0OWQ2ODAwMjBlMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmML22yJ98SRV4TjjCXgWqogzVUT5/ZE1+CBEpGUwIyMgEiFf
hrzukhqPmJTE8DhO8NlRt1y72Qomier7rSIgUOe1qms5xuGBrRzZ3jG7QQjS0Q+s
bJv6OuUAeFdqx3vbRO6Y2uR5Y3yfDtmnANC4EkWuHPfrd8GbPWbyQpmZSDhKM+zs
CU5z80npkTReOLy68kHikUGyJDLqeOZ1KjdCDNE3T7jN6U4sfWLW0p9QOZ5w+C6J
WL42aZlBftF3wCA6ckeZByh7uxQnLhAk9rXi8p8K15YgCBm045foPVi6SthCY5m2
pYjRnR9yhC5YX/jrBIA33LbgPZ2Xhtg14Sgw5QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFK7hJ/EV2sisR2ppeW1tNelZv5EoMB8GA1UdIwQYMBaAFDSYojt/V7RRz3Ue
IXx4Xg++NYeHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWE1MzZl
MjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdlYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjRiYzVkN2UtZWEzYS00YWIzLWE4YTUtNTkwM2Vi
NGYxNzI2LzA3ZjhjZDliMmRhNWE3MzQ1ZmViNWFlZGE3YzQ5ZDY4MDAyMGUxZTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNGJjNWQ3ZS1lYTNhLTRhYjMtYThhNS01OTAz
ZWI0ZjE3MjYvYWE1MzZlMjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdl
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8hVgDANBgkqhkiG9w0BAQsFAAOCAQEAATznRfuwrKmy8OCd
B4IpJC/9/1NFBnNhEPPGWVSERdmL0tv6KfQY4/634m9EOLD+oU41GAHm1Sp+rhDU
QughPvZ+574kJ8QmjlDYdCM19hu9SwRcqkiEzUKnOcimSnJyzlA5yi+MIHUcWMDF
oQz2jtgz3ZnUS/d1csdSqnf3iIf84oXQOAISA1BN3IZZRFgxVNZ+jeR3iy+W67UP
cgxnEh9vTHG9NWndBixo6Ye2olVnwQvnHMkCVTBYHooSr3kIVegjOV0JwWjvTQlw
S1vEKNSW8kIvqvOkXxUPPywnk7f5+/kXvHvX8LzXhmJYnU+LVx/3gozcIEbq+t7d
Ln7Kxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:14 2024 by rpki-client on console-fra.rpki-client.org