Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f5ad3132-065e-48da-bb1d-cb44d1facf8d/fa39d4ad6372dc8129b8102a23341f4662d59853.roa
File: fa39d4ad6372dc8129b8102a23341f4662d59853.roa (raw, json)
Hash identifier: y6cCW62+U1d4v+jtM6TM6CcXMKOR6xDRNbWAnR28IDY=
Subject key identifier: D2:00:F6:23:BF:A4:82:D8:8B:0C:D8:C6:D3:27:1E:F2:96:65:1F:F9
Certificate issuer: /CN=0cf82f2746d0f60feb6900d06d01749fb9fd33bd
Certificate serial: 120153
Authority key identifier: AC:4B:EF:3E:30:17:EC:38:0A:A7:15:00:B5:80:C3:3E:25:EF:76:B1
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0cf82f2746d0f60feb6900d06d01749fb9fd33bd.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/f5ad3132-065e-48da-bb1d-cb44d1facf8d/fa39d4ad6372dc8129b8102a23341f4662d59853.roa
Signing time: Thu 07 Mar 2024 08:30:00 +0000
ROA not before: Thu 07 Mar 2024 08:30:00 +0000
ROA not after: Sat 07 Mar 2026 08:30:00 +0000
asID: 265688
IP address blocks: 181.174.228.0/22 maxlen: 22
181.174.228.0/23 maxlen: 23
181.174.230.0/23 maxlen: 23
181.174.228.0/24 maxlen: 24
181.174.229.0/24 maxlen: 24
181.174.230.0/24 maxlen: 24
181.174.231.0/24 maxlen: 24
2803:cb10::/32 maxlen: 32
2803:cb10::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Apr 2024 14:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1179987 (0x120153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cf82f2746d0f60feb6900d06d01749fb9fd33bd
Validity
Not Before: Mar 7 08:30:00 2024 GMT
Not After : Mar 7 08:30:00 2026 GMT
Subject: CN=fa39d4ad6372dc8129b8102a23341f4662d59853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8f:c8:ac:ec:2c:67:70:49:ba:d5:d6:86:c4:
87:bd:03:9b:78:1b:86:b9:83:4c:52:03:a2:52:12:
9b:66:3a:b8:ca:69:4c:38:1f:70:e5:3c:08:50:37:
01:66:cd:7d:e0:09:a7:c4:dd:71:7a:d1:77:35:1e:
7c:51:2c:d6:9b:ac:c1:d1:12:53:ba:d3:72:69:98:
a1:a4:76:b4:af:b4:e9:eb:fb:76:04:03:57:e6:08:
5c:86:6d:2c:0f:53:cf:b4:c0:0a:9d:12:70:0b:d0:
77:1f:35:6e:55:6e:ca:87:a2:47:87:a0:91:8e:90:
23:9e:f7:8a:af:cf:e4:69:ba:ac:79:55:fe:c3:99:
95:60:07:e4:33:68:e0:58:e0:e4:a8:59:9b:3a:33:
69:6f:9e:fb:75:39:85:5c:bb:08:e4:4a:1c:95:bc:
b8:37:a7:a8:73:57:da:c2:80:f1:3b:e0:61:60:d9:
39:79:3e:55:8e:0f:1a:4e:fd:a5:2b:42:99:e4:06:
09:c3:cc:a4:73:58:ae:1d:53:cd:18:55:bf:92:23:
2e:ab:a5:20:ad:a1:ed:73:67:fa:8d:63:09:29:52:
0f:e5:ce:08:f4:6b:3b:e6:1c:05:ca:0d:5d:db:59:
15:f2:bc:11:98:5f:20:38:d3:45:4e:95:ea:1f:4d:
58:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:00:F6:23:BF:A4:82:D8:8B:0C:D8:C6:D3:27:1E:F2:96:65:1F:F9
X509v3 Authority Key Identifier:
keyid:AC:4B:EF:3E:30:17:EC:38:0A:A7:15:00:B5:80:C3:3E:25:EF:76:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0cf82f2746d0f60feb6900d06d01749fb9fd33bd.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f5ad3132-065e-48da-bb1d-cb44d1facf8d/fa39d4ad6372dc8129b8102a23341f4662d59853.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/f5ad3132-065e-48da-bb1d-cb44d1facf8d/0cf82f2746d0f60feb6900d06d01749fb9fd33bd.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.174.228.0/22
IPv6:
2803:cb10::/32
Signature Algorithm: sha256WithRSAEncryption
04:cb:c2:63:89:88:ca:87:4c:29:34:54:df:11:67:3a:cf:e5:
62:d3:22:2b:1b:92:f7:e4:55:5b:7d:7a:0d:67:ad:84:cd:50:
82:72:5f:b8:11:a0:84:4e:ab:69:66:c7:52:03:5e:f3:c6:4d:
b4:71:41:4e:90:a7:b9:71:92:52:ba:65:1c:89:17:84:e7:b8:
bd:69:43:b8:72:cf:9a:d5:b8:b0:14:8f:e3:7f:a4:ab:1d:66:
cc:ed:8c:d6:b7:ae:c2:ab:e4:d2:1c:a9:76:62:b4:ac:0b:5c:
84:26:2a:05:94:3a:93:23:24:a1:c7:46:94:28:a6:97:8e:62:
92:fa:9d:53:28:f1:77:f0:21:ac:e7:e4:79:42:9c:04:99:97:
fe:fd:3f:bf:96:20:eb:06:0b:7a:30:3c:1a:fd:7b:55:9a:cd:
65:05:2c:bf:c6:e0:8a:87:9f:29:cb:76:f7:df:1a:02:3c:00:
a4:b5:a4:b5:80:e7:66:1d:56:e2:db:bd:95:99:a8:50:c1:52:
6f:0b:85:be:54:62:75:ec:8c:10:8d:b7:8b:68:9f:52:bf:98:
11:6c:0a:95:cd:8c:4b:86:de:27:51:19:ac:ba:5e:b8:af:6b:
23:7b:e5:df:65:74:62:17:05:07:95:7a:cb:3d:21:ed:7e:7d:
b2:ec:db:eb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEgFTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBj
ZjgyZjI3NDZkMGY2MGZlYjY5MDBkMDZkMDE3NDlmYjlmZDMzYmQwHhcNMjQwMzA3
MDgzMDAwWhcNMjYwMzA3MDgzMDAwWjAzMTEwLwYDVQQDEyhmYTM5ZDRhZDYzNzJk
YzgxMjliODEwMmEyMzM0MWY0NjYyZDU5ODUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl4/IrOwsZ3BJutXWhsSHvQObeBuGuYNMUgOiUhKbZjq4ymlM
OB9w5TwIUDcBZs194AmnxN1xetF3NR58USzWm6zB0RJTutNyaZihpHa0r7Tp6/t2
BANX5ghchm0sD1PPtMAKnRJwC9B3HzVuVW7Kh6JHh6CRjpAjnveKr8/kabqseVX+
w5mVYAfkM2jgWODkqFmbOjNpb577dTmFXLsI5Eoclby4N6eoc1fawoDxO+BhYNk5
eT5Vjg8aTv2lK0KZ5AYJw8ykc1iuHVPNGFW/kiMuq6UgraHtc2f6jWMJKVIP5c4I
9Gs75hwFyg1d21kV8rwRmF8gONNFTpXqH01YZQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFNIA9iO/pILYiwzYxtMnHvKWZR/5MB8GA1UdIwQYMBaAFKxL7z4wF+w4CqcV
ALWAwz4l73axMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGNmODJm
Mjc0NmQwZjYwZmViNjkwMGQwNmQwMTc0OWZiOWZkMzNiZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjVhZDMxMzItMDY1ZS00OGRhLWJiMWQtY2I0NGQx
ZmFjZjhkL2ZhMzlkNGFkNjM3MmRjODEyOWI4MTAyYTIzMzQxZjQ2NjJkNTk4NTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNWFkMzEzMi0wNjVlLTQ4ZGEtYmIxZC1jYjQ0
ZDFmYWNmOGQvMGNmODJmMjc0NmQwZjYwZmViNjkwMGQwNmQwMTc0OWZiOWZkMzNi
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArWu5DANBAIAAjAHAwUAKAPLEDANBgkqhkiG9w0BAQsFAAOC
AQEABMvCY4mIyodMKTRU3xFnOs/lYtMiKxuS9+RVW316DWethM1QgnJfuBGghE6r
aWbHUgNe88ZNtHFBTpCnuXGSUrplHIkXhOe4vWlDuHLPmtW4sBSP43+kqx1mzO2M
1reuwqvk0hypdmK0rAtchCYqBZQ6kyMkocdGlCiml45ikvqdUyjxd/AhrOfkeUKc
BJmX/v0/v5Yg6wYLejA8Gv17VZrNZQUsv8bgioefKct2998aAjwApLWktYDnZh1W
4tu9lZmoUMFSbwuFvlRideyMEI23i2ifUr+YEWwKlc2MS4beJ1EZrLpeuK9rI3vl
32V0YhcFB5V6yz0h7X59suzb6w==
-----END CERTIFICATE-----
Generated at Fri Apr 5 18:53:24 2024 by rpki-client on console-ams.rpki-client.org