Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E836823D6693BDB4357836FFB06AAAF827FA7A4A5AACA8B5F1FF56C9645F6D72/0/323830313a3166353a3a2f34302d3438203d3e203634313533.roa
File: 323830313a3166353a3a2f34302d3438203d3e203634313533.roa (raw, json)
Hash identifier: c2vIpU2QA2C04Ylgw6oGo3PZWNuth7hpVelL+wGXe1g=
Subject key identifier: 4E:2F:F0:F6:2D:D5:05:47:6F:B4:4F:57:07:93:FD:48:D8:DA:2E:22
Certificate issuer: /CN=CDC77A42763441C41428797EE5B764FBCD7AF57E
Certificate serial: 3FBD379DD9E392F95C2DD9C8C19736904AEEC5BB
Authority key identifier: CD:C7:7A:42:76:34:41:C4:14:28:79:7E:E5:B7:64:FB:CD:7A:F5:7E
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDC77A42763441C41428797EE5B764FBCD7AF57E.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/E836823D6693BDB4357836FFB06AAAF827FA7A4A5AACA8B5F1FF56C9645F6D72/0/323830313a3166353a3a2f34302d3438203d3e203634313533.roa
Signing time: Tue 25 Jun 2024 13:00:00 +0000
ROA not before: Tue 25 Jun 2024 12:55:00 +0000
ROA not after: Tue 24 Jun 2025 13:00:00 +0000
asID: 64153
IP address blocks: 2801:1f5::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 07:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:bd:37:9d:d9:e3:92:f9:5c:2d:d9:c8:c1:97:36:90:4a:ee:c5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC77A42763441C41428797EE5B764FBCD7AF57E
Validity
Not Before: Jun 25 12:55:00 2024 GMT
Not After : Jun 24 13:00:00 2025 GMT
Subject: CN=4E2FF0F62DD505476FB44F570793FD48D8DA2E22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:81:d3:ff:e3:96:d7:0a:77:b2:63:4e:de:41:
39:ed:16:7b:7a:1c:a7:87:1b:d3:50:cf:04:d1:5f:
57:86:ce:c8:bb:30:be:54:3b:a6:b9:4c:f1:25:96:
ba:ab:0b:a7:75:dc:45:a2:eb:31:82:f8:d1:72:05:
50:86:19:c9:d7:de:a6:33:16:23:d6:68:d4:59:02:
81:99:95:78:b5:48:a2:66:05:a7:2d:3d:5e:74:79:
0c:5c:81:31:44:0c:e4:94:b1:de:72:ca:79:d2:3e:
3b:3c:b8:56:97:3c:cc:91:b4:d4:4f:41:b7:48:df:
40:64:1e:ee:c6:d8:a0:7a:77:3d:09:2d:68:41:87:
58:ec:c0:75:cd:33:c5:91:d4:a1:bb:10:11:19:26:
4e:db:03:2f:e2:f9:02:34:55:7e:8f:83:34:1b:12:
50:95:a5:97:89:cf:a0:e0:17:3b:3c:4e:be:dd:7f:
e3:11:cf:09:8b:32:e2:60:f2:30:40:cc:38:ac:57:
85:33:ca:13:69:e0:cd:33:06:84:a5:1c:59:88:0e:
81:78:d4:44:1e:66:a7:95:d0:64:54:c7:e3:78:79:
98:ff:c3:ee:2f:2c:f2:70:36:d2:a0:ba:b2:c2:f5:
c4:ae:71:f6:84:94:32:50:bc:86:00:06:2e:95:fc:
ed:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2F:F0:F6:2D:D5:05:47:6F:B4:4F:57:07:93:FD:48:D8:DA:2E:22
X509v3 Authority Key Identifier:
keyid:CD:C7:7A:42:76:34:41:C4:14:28:79:7E:E5:B7:64:FB:CD:7A:F5:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/E836823D6693BDB4357836FFB06AAAF827FA7A4A5AACA8B5F1FF56C9645F6D72/0/CDC77A42763441C41428797EE5B764FBCD7AF57E.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDC77A42763441C41428797EE5B764FBCD7AF57E.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E836823D6693BDB4357836FFB06AAAF827FA7A4A5AACA8B5F1FF56C9645F6D72/0/323830313a3166353a3a2f34302d3438203d3e203634313533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2801:1f5::/40
Signature Algorithm: sha256WithRSAEncryption
06:a8:40:a8:c1:4e:05:04:bf:ea:09:6a:06:f4File: rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63/6eb08eda-b23a-3953-8077-3280ae29b254.roa
Hash identifier: bpb1GlXCQBY4BNnkdfhiaubjaPWY8mWx4/jb0YS8bPE=
Subject key identifier: 2D:2A:6D:E3:50:81:77:0D:7A:3E:9E:4C:C6:88:2A:E9:55:2B:59:11
Certificate issuer: /CN=e605f279-55f4-48ec-ba13-4845c0973a63
Certificate serial: 010D0C9F43285845D503ABACC0F1981183D31E80
Authority key identifier: 0F:DD:01:7D:DC:6B:33:2E:B9:15:A3:77:E0:93:2A:C4:D2:68:D7:FE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63/6eb08eda-b23a-3953-8077-3280ae29b254.roa
Signing time: Sat 11 May 2024 01:00:27 +0000
ROA not before: Sat 11 May 2024 01:00:27 +0000
ROA not after: Fri 09 Aug 2024 01:00:27 +0000
asID: 54113
IP address blocks: 140.248.200.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:45:d5:03:ab:ac:c0:f1:98:11:83:d3:1e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e605f279-55f4-48ec-ba13-4845c0973a63
Validity
Not Before: May 11 01:00:27 2024 GMT
Not After : Aug 9 01:00:27 2024 GMT
Subject: CN=d75962a9-86b9-4a7e-ba59-a80306ab4713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:72:4a:7c:3d:5e:c8:f1:d7:e2:e3:51:0d:c0:
0b:98:80:4b:78:48:a6:d1:a1:66:7f:22:38:8e:a4:
a9:94:24:57:d0:f1:19:d6:0c:f6:0d:5d:30:4b:79:
c7:30:55:3f:9b:13:2c:5c:ac:a8:2d:65:18:48:30:
2f:1b:37:f4:0d:71:c1:f7:54:72:60:ca:f4:9d:62:
2c:0b:cb:64:c3:8f:56:ab:75:36:91:88:38:64:7f:
e3:8a:53:05:2d:ec:e3:94:68:5f:4f:05:9e:80:30:
73:26:94:51:93:df:5e:5f:63:44:42:2c:a9:e1:a7:
04:36:d8:1f:f3:42:a3:91:74:6a:40:dd:ba:7e:82:
b3:54:b3:8f:7c:9d:e0:87:f6:cc:4d:83:cc:9c:52:
6d:d8:38:43:88:8d:3a:e3:7f:f5:24:35:17:79:91:
ea:a4:b5:8a:a8:1a:ad:66:9c:24:09:65:97:d5:e4:
84:20:12:3f:1f:08:11:e7:1e:e8:94:77:b9:f1:b7:
4e:1c:08:5b:5d:47:2b:76:a5:b4:cd:da:dc:66:2a:
c1:07:8d:ac:e7:96:56:25:be:b4:4f:3a:cc:03:c9:
36:ca:ef:ca:ad:d9:e2:d9:0f:a9:24:29:3f:26:5d:
ab:85:73:80:3c:b2:19:42:aa:02:d6:db:10:39:a1:
44:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2A:6D:E3:50:81:77:0D:7A:3E:9E:4C:C6:88:2A:E9:55:2B:59:11
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63/6eb08eda-b23a-3953-8077-3280ae29b254.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63/e605f279-55f4-48ec-ba13-4845c0973a63.crl
X509v3 Authority Key Identifier:
keyid:0F:DD:01:7D:DC:6B:33:2E:B9:15:A3:77:E0:93:2A:C4:D2:68:D7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/e605f279-55f4-48ec-ba13-4845c0973a63.cer
sbgp-ipAddrBlock: critical
IPv4:
140.248.200.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
a2:89:7f:be:cd:a8:ce:45:bc:75:79:90:ec:9e:d4:5d:5f:a1:
99:3e:fb:1e:f4:91:0a:7a:21:4d:de:91:a2:60:c8:1e:b6:dd:
8c:b9:4b:2b:f9:5c:21:c0:79:25:02:ca:dd:70:bf:59:f6:bc:
a0:86:e0:70:06:19:79:8b:57:f0:93:7d:b2:62:91:18:42:bb:
b7:16:a5:61:18:c1:d1:28:d5:57:a1:d4:5c:57:8f:a8:25:91:
da:06:ff:3b:bb:d2:bb:cd:83:59:f3:b8:fe:1b:3d:fd:ac:84:
5e:77:79:0b:f4:3d:40:08:c0:58:84:b5:22:d4:4b:23:a6:9e:
2a:22:7d:68:19:19:0a:fa:53:c6:25:c1:e3:25:56:fb:75:0a:
79:70:7a:a6:e2:25:86:de:64:13:d7:51:a0:07:e6:c4:1b:18:
4e:0a:5c:09:27:7d:96:06:33:39:51:7b:ca:0b:19:6a:aa:93:
3c:a9:a9:11:39:b0:a6:c6:c9:80:bd:63:60:f3:6d:9a:d2:86:
1a:bc:d6:5d:9d:cb:4a:aa:75:97:15:77:74:82:d8:36:5f:ba:
80:45:34:37:8f:92:84:8e:58:24:b8:73:fe:3d:96:c4:02:d1:
a7:96:b0:3b:0e:16:87:66:5c:ae:c2:6c:99:0e:40:11:6d:8c:
b6:8c:bc:d1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEXVA6uswPGYEYPTHoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZTYwNWYyNzktNTVmNC00OGVjLWJhMTMtNDg0NWMwOTcz
YTYzMB4XDTI0MDUxMTAxMDAyN1oXDTI0MDgwOTAxMDAyN1owLzEtMCsGA1UEAxMk
ZDc1OTYyYTktODZiOS00YTdlLWJhNTktYTgwMzA2YWI0NzEzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHJKfD1eyPHX4uNRDcALmIBLeEim0aFmfyI4
jqSplCRX0PEZ1gz2DV0wS3nHMFU/mxMsXKyoLWUYSDAvGzf0DXHB91RyYMr0nWIs
C8tkw49Wq3U2kYg4ZH/jilMFLezjlGhfTwWegDBzJpRRk99eX2NEQiyp4acENtgf
80KjkXRqQN26foKzVLOPfJ3gh/bMTYPMnFJt2DhDiI0643/1JDUXeZHqpLWKqBqt
ZpwkCWWX1eSEIBI/HwgR5x7olHe58bdOHAhbXUcrdqW0zdrcZirBB42s55ZWJb60
TzrMA8k2yu/Krdni2Q+pJCk/Jl2rhXOAPLIZQqoC1tsQOaFEsQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFC0qbeNQgXcNej6eTMaIKulVK1kRMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy9lNjA1
ZjI3OS01NWY0LTQ4ZWMtYmExMy00ODQ1YzA5NzNhNjMvNmViMDhlZGEtYjIzYS0z
OTUzLTgwNzctMzI4MGFlMjliMjU0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvZTYwNWYyNzktNTVmNC00OGVjLWJh
MTMtNDg0NWMwOTczYTYzL2U2MDVmMjc5LTU1ZjQtNDhlYy1iYTEzLTQ4NDVjMDk3
M2E2My5jcmwwHwYDVR0jBBgwFoAUD90BfdxrMy65FaN34JMqxNJo1/4wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy9lNjA1ZjI3OS01NWY0LTQ4ZWMtYmExMy00ODQ1
YzA5NzNhNjMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjPjIMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAKKJf77NqM5FvHV5kOye1F1foZk++x70kQp6IU3ekaJgyB623Yy5Syv5
XCHAeSUCyt1wv1n2vKCG4HAGGXmLV/CTfbJikRhCu7cWpWEYwdEo1Veh1FxXj6gl
kdoG/zu70rvNg1nzuP4bPf2shF53eQv0PUAIwFiEtSLUSyOmnioifWgZGQr6U8Yl
weMlVvt1CnlweqbiJYbeZBPXUaAH5sQbGE4KXAknfZYGMzlRe8oLGWqqkzypqRE5
sKbGyYC9Y2DzbZrShhq81l2dy0qqdZcVd3SC2DZfuoBFNDePkoSOWCS4c/49lsQC
0aeWsDsOFodmXK7CbJkOQBFtjLaMvNE=
-----END CERTIFICATE-----
Generated at Thu Jul 11 03:29:30 2024 by rpki-client on console.sobornost.net