Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/2/AS263297.roa
File: AS263297.roa (raw, json)
Hash identifier: HwEQs705+9iGRAEUS69R0OEu0eqI48+wTpUADbQUZ2c=
Subject key identifier: 91:F2:2F:08:95:FA:9A:7A:EE:AA:EF:6F:9E:CA:3F:20:1E:1E:C7:FF
Certificate issuer: /CN=D7B86B5B6E0677EED89A37670E1D04CE759EFB26
Certificate serial: 2F55E3C250B11554059A68B0FDD1D745C4E5FF4F
Authority key identifier: D7:B8:6B:5B:6E:06:77:EE:D8:9A:37:67:0E:1D:04:CE:75:9E:FB:26
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D7B86B5B6E0677EED89A37670E1D04CE759EFB26.cer
Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/2/AS263297.roa
Signing time: Tue 23 Jul 2024 12:10:28 +0000
ROA not before: Tue 23 Jul 2024 12:05:28 +0000
ROA not after: Tue 22 Jul 2025 12:10:28 +0000
asID: 263297
IP address blocks: 45.230.116.0/22 maxlen: 24
131.255.124.0/22 maxlen: 24
143.202.168.0/22 maxlen: 24
167.249.92.0/22 maxlen: 24
168.0.124.0/22 maxlen: 24
170.82.196.0/22 maxlen: 24
191.6.136.0/22 maxlen: 24
2804:13d0::/32 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:55:e3:c2:50:b1:15:54:05:9a:68:b0:fd:d1:d7:45:c4:e5:ff:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D7B86B5B6E0677EED89A37670E1D04CE759EFB26
Validity
Not Before: Jul 23 12:05:28 2024 GMT
Not After : Jul 22 12:10:28 2025 GMT
Subject: CN=91F22F0895FA9A7AEEAAEF6F9ECA3F201E1EC7FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:72:6e:af:9e:7e:e3:bb:c4:17:18:3d:9d:
16:df:fc:75:b3:a5:e3:2b:2c:65:a6:01:55:14:4a:
f7:c2:89:37:44:1f:a3:b1:f2:f8:38:fc:e7:dc:42:
55:8d:54:fd:0e:bf:2f:4a:74:ac:02:6d:20:1c:90:
f2:72:bc:71:88:91:77:b2:00:f0:b4:5b:84:25:0b:
66:74:bb:b7:c1:2b:c2:09:c1:48:8f:90:01:05:4b:
6b:e0:15:2b:0e:06:b3:5f:34:68:02:53:28:3b:76:
db:84:81:7e:24:0a:2f:91:1b:96:d8:9d:0b:fd:ed:
67:fd:bf:07:fd:ce:02:7f:14:5c:e7:3f:0d:58:69:
70:4a:c6:ab:e6:fd:fa:0f:3e:6c:02:4b:fe:07:a0:
4e:4d:94:a5:1f:bb:08:5b:32:7e:10:69:48:c8:0c:
7c:54:89:56:25:38:05:49:69:0a:f7:38:d9:00:bc:
ec:8d:10:b7:61:97:88:2b:7d:60:e1:14:da:46:77:
b3:80:95:31:b6:5a:17:96:a5:f1:00:67:c5:d5:d5:
64:60:cb:d8:38:68:1a:61:82:e8:89:20:cb:f1:78:
83:0a:d1:9e:e2:86:30:7a:9b:bd:be:6e:86:7c:89:
b5:57:58:22:20:30:f7:96:71:7d:64:9b:5e:e2:06:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F2:2F:08:95:FA:9A:7A:EE:AA:EF:6F:9E:CA:3F:20:1E:1E:C7:FF
X509v3 Authority Key Identifier:
keyid:D7:B8:6B:5B:6E:06:77:EE:D8:9A:37:67:0E:1D:04:CE:75:9E:FB:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/2/D7B86B5B6E0677EED89A37670E1D04CE759EFB26.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D7B86B5B6E0677EED89A37670E1D04CE759EFB26.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/2/AS263297.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.230.116.0/22
131.255.124.0/22
143.202.168.0/22
167.249.92.0/22
168.0.124.0/22
170.82.196.0/22
191.6.136.0/22
IPv6:
2804:13d0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:02:a2:c3:d2:14:f6:c6:04:9e:1d:4d:f2:1b:23:ac:4b:11:
cb:21:ec:e4:68:58:35:c0:a9:09:5c:11:22:32:2b:70:7e:0d:
9f:16:c0:56:dd:6a:bf:83:ff:00:0a:ef:2e:af:1f:1f:86:95:
a2:e0:b2:d9:c0:c2:d9:f5:bf:af:68:35:3b:9e:1a:3a:0b:a0:
41:49:ae:fa:5f:10:2d:04:85:9a:ce:6b:c7:b1:1b:27:1d:9c:
11:15:f4:47:cc:42:dd:55:6f:ad:d0:90:b5:d0:37:40:c5:b9:
16:78:fe:3d:71:56:ab:6c:7c:b9:02:ac:a1:b1:10:b8:8b:50:
77:dc:4c:a1:96:f4:e7:b4:3f:21:42:07:dc:60:26:af:fa:40:
85:48:95:0d:d0:b1:97:f7:e3:02:d5:eb:15:37:43:e2:87:a3:
88:79:12:f1:42:38:87:23:d2:2c:dd:73:32:04:d2:b9:fc:4f:
98:b7:a9:0c:1b:f0:48:1e:cf:c7:ad:18:f0:0d:08:eb:f8:8e:
22:77:74:af:14:4c:63:f0:49:5f:0f:6b:bc:24:ee:cd:e0:52:
c6:ea:8c:dd:c2:0a:91:97:ad:27:f7:37:a0:54:fe:9f:a2:87:
98:93:77:78:57:04:cd:0b:28:44:4c:fc:d2:01:39:f6:6e:c1:
3b:06:e3:95
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUL1XjwlCxFVQFmmiw/dHXRcTl/08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDdCODZCNUI2RTA2NzdFRUQ4OUEzNzY3MEUxRDA0Q0U3
NTlFRkIyNjAeFw0yNDA3MjMxMjA1MjhaFw0yNTA3MjIxMjEwMjhaMDMxMTAvBgNV
BAMTKDkxRjIyRjA4OTVGQTlBN0FFRUFBRUY2RjlFQ0EzRjIwMUUxRUM3RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClHHJur55+47vEFxg9nRbf/HWz
peMrLGWmAVUUSvfCiTdEH6Ox8vg4/OfcQlWNVP0Ovy9KdKwCbSAckPJyvHGIkXey
APC0W4QlC2Z0u7fBK8IJwUiPkAEFS2vgFSsOBrNfNGgCUyg7dtuEgX4kCi+RG5bY
nQv97Wf9vwf9zgJ/FFznPw1YaXBKxqvm/foPPmwCS/4HoE5NlKUfuwhbMn4QaUjI
DHxUiVYlOAVJaQr3ONkAvOyNELdhl4grfWDhFNpGd7OAlTG2WheWpfEAZ8XV1WRg
y9g4aBphguiJIMvxeIMK0Z7ihjB6m72+boZ8ibVXWCIgMPeWcX1km17iBkXFAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUkfIvCJX6mnruqu9vnso/IB4ex/8wHwYDVR0j
BBgwFoAU17hrW24Gd+7YmjdnDh0EznWe+yYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU
Y3kvMi9EN0I4NkI1QjZFMDY3N0VFRDg5QTM3NjcwRTFEMDRDRTc1OUVGQjI2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q3Qjg2QjVCNkUwNjc3RUVE
ODlBMzc2NzBFMUQwNENFNzU5RUZCMjYuY2VyMHoGCCsGAQUFBwELBG4wbDBqBggr
BgEFBQcwC4ZecnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK
NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS8yL0FTMjYz
Mjk3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/
BEMwQTAwBAIAATAqAwQCLeZ0AwQCg/98AwQCj8qoAwQCp/lcAwQCqAB8AwQCqlLE
AwQCvwaIMA0EAgACMAcDBQAoBBPQMA0GCSqGSIb3DQEBCwUAA4IBAQCoAqLD0hT2
xgSeHU3yGyOsSxHLIezkaFg1wKkJXBEiMitwfg2fFsBW3Wq/g/8ACu8urx8fhpWi
4LLZwMLZ9b+vaDU7nho6C6BBSa76XxAtBIWazmvHsRsnHZwRFfRHzELdVW+t0JC1
0DdAxbkWeP49cVarbHy5AqyhsRC4i1B33EyhlvTntD8hQgfcYCav+kCFSJUN0LGX
9+MC1esVN0Pih6OIeRLxQjiHI9Is3XMyBNK5/E+Yt6kMG/BIHs/HrRjwDQjr+I4i
d3SvFExj8ElfD2u8JO7N4FLG6ozdwgqRl60n9zegVP6fooeYk3d4VwTNCyhETPzS
ATn2bsE7BuOV
-----END CERTIFICATE-----
Generated at Wed Nov 6 15:16:06 2024 by rpki-client on console-fra.rpki-client.org