Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/b32cf868bcc5d88acd650f18d7106c2897134523.roa
File: b32cf868bcc5d88acd650f18d7106c2897134523.roa (raw, json)
Hash identifier: 7qaexPT4KMP9GB/y/aDI6blEd9nC76q1Kc2aOydJxz8=
Subject key identifier: B3:64:11:74:B0:3C:27:98:15:33:B3:FA:AC:6B:C3:03:A3:58:4F:73
Certificate issuer: /CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Certificate serial: 14FD24
Authority key identifier: 67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/b32cf868bcc5d88acd650f18d7106c2897134523.roa
Signing time: Wed 16 Feb 2022 19:37:28 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 23031
IP address blocks: 66.231.65.0/24 maxlen: 24
66.231.66.0/24 maxlen: 24
66.231.67.0/24 maxlen: 24
66.231.72.0/24 maxlen: 24
66.231.73.0/24 maxlen: 24
66.231.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1375524 (0x14fd24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=b32cf868bcc5d88acd650f18d7106c2897134523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a5:8d:19:a0:21:e4:83:c2:23:69:7a:e8:49:
1c:fd:37:f3:d9:cb:6f:d8:39:2a:d5:46:d2:6e:75:
06:00:c9:ed:77:2b:c2:1a:1c:69:0c:09:24:f3:b4:
00:25:cd:7a:77:f9:4a:45:cb:eb:cd:96:b4:1e:82:
4b:3d:0f:23:e6:d7:14:59:a1:2d:cb:e1:50:70:d4:
44:95:3b:87:f9:b9:cd:a5:0c:0a:d4:c9:58:37:58:
34:0f:70:ee:97:66:85:11:35:52:10:83:91:f3:9e:
36:95:ab:28:7b:d3:92:00:bb:b8:0c:87:61:12:26:
5c:4b:5a:e0:a5:80:85:5d:07:9b:1d:fd:9b:26:3b:
a6:5e:47:25:56:b9:ce:61:de:05:ac:e8:68:7e:25:
8c:51:e0:63:54:e1:f9:57:40:ac:fb:ee:2a:17:ab:
65:ff:f7:87:d9:2f:19:49:24:9d:23:fc:44:f4:d9:
5a:b8:d6:8c:f3:2e:47:21:ed:ad:ef:cf:96:0c:40:
1a:b2:96:39:d3:f0:12:08:5e:09:dd:05:4d:9b:80:
5f:49:d7:4b:3d:58:93:a5:ab:9f:8d:49:f1:92:95:
89:f4:97:9a:28:79:38:4e:5b:5e:c4:a3:53:51:3c:
86:ff:f1:60:44:b1:3f:b9:36:30:d2:10:cc:57:c9:
1b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:64:11:74:B0:3C:27:98:15:33:B3:FA:AC:6B:C3:03:A3:58:4F:73
X509v3 Authority Key Identifier:
keyid:67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/b32cf868bcc5d88acd650f18d7106c2897134523.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/ce64e257eae04ee26d8eb339f148791b31cc0875.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.231.65.0-66.231.67.255
66.231.72.0/23
66.231.77.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d3:ed:b4:92:6d:d4:0a:1c:8b:d9:2b:e2:12:d4:4b:4e:e0:
8a:a7:8c:32:34:6e:9e:9b:f9:ed:bd:63:55:bf:18:c5:d4:17:
2f:e3:53:fd:9f:6e:a9:79:f7:c9:b9:4f:db:49:d2:3d:29:04:
36:db:45:5d:5a:bc:42:49:5c:d8:b7:4a:10:67:00:39:03:99:
49:cd:2f:6c:49:34:d8:fa:a6:ff:43:46:d6:3d:67:62:d6:34:
46:60:d9:5b:46:8c:d1:47:75:73:f2:ec:56:c5:67:7d:a2:6e:
e7:7b:b9:ef:c3:40:eb:f4:e2:3c:fa:3d:88:0a:65:84:88:aa:
e3:41:e3:b5:b5:af:e2:4c:ee:e8:2a:b0:41:c6:32:d3:35:8f:
2a:a6:06:9f:16:08:0c:af:13:74:fa:b8:75:80:bd:35:ab:bc:
7e:c1:69:51:b1:8c:e7:50:d7:96:24:44:d2:0d:78:a2:bf:10:
c4:72:24:ed:98:e5:da:f3:c1:05:58:e0:7c:ac:34:45:9d:ea:
02:08:ed:81:b3:e5:fd:ea:45:2b:40:37:36:c2:75:00:32:32:
10:58:85:4c:9e:b3:b8:f5:5b:08:4d:55:a6:34:fc:24:c3:5b:
d3:f9:1a:94:6b:68:7c:96:6a:a2:84:24:03:31:b7:a9:41:34:
bf:51:2f:ad
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDFP0kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
NjRlMjU3ZWFlMDRlZTI2ZDhlYjMzOWYxNDg3OTFiMzFjYzA4NzUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiMzJjZjg2OGJjYzVk
ODhhY2Q2NTBmMThkNzEwNmMyODk3MTM0NTIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhKWNGaAh5IPCI2l66Ekc/Tfz2ctv2Dkq1UbSbnUGAMntdyvC
GhxpDAkk87QAJc16d/lKRcvrzZa0HoJLPQ8j5tcUWaEty+FQcNRElTuH+bnNpQwK
1MlYN1g0D3Dul2aFETVSEIOR8542lasoe9OSALu4DIdhEiZcS1rgpYCFXQebHf2b
JjumXkclVrnOYd4FrOhofiWMUeBjVOH5V0Cs++4qF6tl//eH2S8ZSSSdI/xE9Nla
uNaM8y5HIe2t78+WDEAaspY50/ASCF4J3QVNm4BfSddLPViTpaufjUnxkpWJ9Jea
KHk4TltexKNTUTyG//FgRLE/uTYw0hDMV8kbzwIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFLNkEXSwPCeYFTOz+qxrwwOjWE9zMB8GA1UdIwQYMBaAFGfGO6RHojXSKBwz
PpqDhyUXpLG+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U2NGUy
NTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjViNjM3YzYtY2RjZi00MjNkLThjMGMtY2Q2MTVh
Yjk4YTI0L2IzMmNmODY4YmNjNWQ4OGFjZDY1MGYxOGQ3MTA2YzI4OTcxMzQ1MjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNWI2MzdjNi1jZGNmLTQyM2QtOGMwYy1jZDYx
NWFiOThhMjQvY2U2NGUyNTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGjAMAwQAQudBAwQCQudAAwQBQudIAwQAQudNMA0GCSqGSIb3DQEB
CwUAA4IBAQAy0+20km3UChyL2SviEtRLTuCKp4wyNG6em/ntvWNVvxjF1Bcv41P9
n26peffJuU/bSdI9KQQ220VdWrxCSVzYt0oQZwA5A5lJzS9sSTTY+qb/Q0bWPWdi
1jRGYNlbRozRR3Vz8uxWxWd9om7ne7nvw0Dr9OI8+j2ICmWEiKrjQeO1ta/iTO7o
KrBBxjLTNY8qpgafFggMrxN0+rh1gL01q7x+wWlRsYznUNeWJETSDXiivxDEciTt
mOXa88EFWOB8rDRFneoCCO2Bs+X96kUrQDc2wnUAMjIQWIVMnrO49VsITVWmNPwk
w1vT+RqUa2h8lmqihCQDMbepQTS/US+t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org