$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28258.roa File: AS28258.roa (raw, json) Hash identifier: i09LmHA7ACt80rgzHNZLDwRB+fNivgDFYYQEeTNB9gw= Subject key identifier: E1:1D:FC:71:AC:78:64:E8:57:7C:6E:5C:C6:DF:7F:FC:29:A6:38:F5 Certificate issuer: /CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Certificate serial: 0E0EEDD9D898FCCA90B7248A4CFDFDA7EFE42C56 Authority key identifier: D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28258.roa Signing time: Mon 25 Nov 2024 16:59:31 +0000 ROA not before: Mon 25 Nov 2024 16:54:31 +0000 ROA not after: Mon 24 Nov 2025 16:59:31 +0000 asID: 28258 IP address blocks: 138.117.72.0/22 maxlen: 24 143.255.252.0/23 maxlen: 23 168.227.196.0/22 maxlen: 24 170.246.208.0/22 maxlen: 24 177.104.64.0/19 maxlen: 24 177.126.224.0/20 maxlen: 24 186.235.96.0/20 maxlen: 24 187.16.176.0/20 maxlen: 24 187.73.72.0/23 maxlen: 23 187.85.80.0/20 maxlen: 24 190.108.96.0/19 maxlen: 24 2804:2484::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Sat 30 Nov 2024 09:24:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:0e:ed:d9:d8:98:fc:ca:90:b7:24:8a:4c:fd:fd:a7:ef:e4:2c:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Validity Not Before: Nov 25 16:54:31 2024 GMT Not After : Nov 24 16:59:31 2025 GMT Subject: CN=E11DFC71AC7864E8577C6E5CC6DF7FFC29A638F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:c9:4e:4d:d7:84:31:9b:de:99:e1:f6:ea:65: 45:8e:86:07:68:f3:46:18:9e:a7:7a:31:67:18:34: 22:e8:d3:8d:54:53:6e:62:1e:7a:0e:b1:3b:d7:e5: 2c:21:f5:1e:ac:a0:90:3c:c6:d1:ea:b2:23:75:14: 9f:3a:1a:0f:a6:30:63:0e:bf:6f:2d:75:f5:81:56: 82:31:a2:63:4a:86:8e:4e:05:0d:00:e3:c4:20:29: a7:a4:9b:59:5f:01:70:1a:d1:b7:0c:0e:09:35:78: b5:2b:59:8a:1b:4d:fd:31:92:13:60:b5:08:ee:84: 24:0a:99:58:5d:1d:1c:16:b1:32:c5:ac:29:22:1a: c7:82:80:83:0d:a7:6d:49:62:9a:eb:07:12:43:86: 16:65:ad:49:3b:cd:4b:2f:d2:39:e9:2b:06:0c:76: 84:ef:18:04:b6:b5:1b:3f:83:73:31:7e:9a:6a:07: db:e8:e3:b2:86:53:f1:2b:6b:1f:68:4c:2a:3b:fc: a3:2b:ce:c8:11:36:b8:c5:f1:fa:f6:40:85:d4:29: 0c:f7:97:3f:31:83:c2:d9:af:d1:04:c8:6b:02:34: fa:67:4c:49:9c:f3:85:f5:3f:39:49:d3:70:cf:c9: 12:34:f3:d5:40:cd:4e:0e:99:2c:ef:65:a9:41:1f: ad:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:1D:FC:71:AC:78:64:E8:57:7C:6E:5C:C6:DF:7F:FC:29:A6:38:F5 X509v3 Authority Key Identifier: keyid:D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28258.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.117.72.0/22 143.255.252.0/23 168.227.196.0/22 170.246.208.0/22 177.104.64.0/19 177.126.224.0/20 186.235.96.0/20 187.16.176.0/20 187.73.72.0/23 187.85.80.0/20 190.108.96.0/19 IPv6: 2804:2484::/32 Signature Algorithm: sha256WithRSAEncryption 6b:d9:94:e0:63:d3:0e:bb:17:64:7a:f2:d9:62:17:3d:53:f3: 14:dc:c2:37:35:9d:3a:85:07:72:e5:db:4e:10:a6:43:78:18: 1e:97:f4:c9:78:9a:39:69:ef:5c:a3:ee:66:1b:f3:6b:14:42: be:4a:de:b3:1a:34:11:0b:fa:3d:e8:4f:31:a1:31:dd:aa:70: e9:90:6b:92:8a:0a:45:e7:a0:d2:74:e1:d9:35:47:d4:54:42: b4:02:66:00:7f:4c:5f:09:06:b1:ea:f8:fe:76:50:04:9d:1b: fa:27:f2:a0:48:28:85:e6:b0:cf:02:0f:5a:55:c8:50:81:27: 11:28:c3:d2:f3:06:00:f7:16:61:06:e2:b3:c6:4b:9c:1b:e2: b6:7a:98:8d:5a:6b:2a:4f:ea:71:2a:20:93:33:ca:2a:c1:fb: 7c:eb:05:58:77:26:88:7b:16:80:e9:be:97:91:f7:bd:ff:74: 2c:ce:c2:64:be:4e:6b:ea:36:14:93:4e:81:eb:f2:3a:04:d7: 7c:2f:68:d8:a6:04:38:8e:cb:ea:42:4b:12:54:6f:af:55:28: fd:53:44:c4:c6:d9:8a:67:96:cd:85:d1:03:92:60:aa:ee:dd: 83:da:51:81:d3:e8:c6:d0:3f:9d:6d:14:e8:24:3d:89:4a:22: e4:fd:1c:43 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgIUDg7t2diY/MqQtySKTP39p+/kLFYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDQyMDZDMTBGNTg3MDg0RTMyNjZDOTdFREEwRjY1NjQz Mjk5RTFCODAeFw0yNDExMjUxNjU0MzFaFw0yNTExMjQxNjU5MzFaMDMxMTAvBgNV BAMTKEUxMURGQzcxQUM3ODY0RTg1NzdDNkU1Q0M2REY3RkZDMjlBNjM4RjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtyU5N14Qxm96Z4fbqZUWOhgdo 80YYnqd6MWcYNCLo041UU25iHnoOsTvX5Swh9R6soJA8xtHqsiN1FJ86Gg+mMGMO v28tdfWBVoIxomNKho5OBQ0A48QgKaekm1lfAXAa0bcMDgk1eLUrWYobTf0xkhNg tQjuhCQKmVhdHRwWsTLFrCkiGseCgIMNp21JYprrBxJDhhZlrUk7zUsv0jnpKwYM doTvGAS2tRs/g3MxfppqB9vo47KGU/Erax9oTCo7/KMrzsgRNrjF8fr2QIXUKQz3 lz8xg8LZr9EEyGsCNPpnTEmc84X1PzlJ03DPyRI089VAzU4OmSzvZalBH62/AgMB AAGjggJmMIICYjAdBgNVHQ4EFgQU4R38cax4ZOhXfG5cxt9//CmmOPUwHwYDVR0j BBgwFoAU1CBsEPWHCE4yZsl+2g9lZDKZ4bgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvMy9ENDIwNkMxMEY1ODcwODRFMzI2NkM5N0VEQTBGNjU2NDMyOTlFMUI4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q0MjA2QzEwRjU4NzA4NEUz MjY2Qzk3RURBMEY2NTY0MzI5OUUxQjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS8zL0FTMjgy NTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBAKKdUgDBAGP//wDBAKo48QDBAKq9tADBAWxaEADBASxfuAD BAS662ADBAS7ELADBAG7SUgDBAS7VVADBAW+bGAwDQQCAAIwBwMFACgEJIQwDQYJ KoZIhvcNAQELBQADggEBAGvZlOBj0w67F2R68tliFz1T8xTcwjc1nTqFB3Ll204Q pkN4GB6X9Ml4mjlp71yj7mYb82sUQr5K3rMaNBEL+j3oTzGhMd2qcOmQa5KKCkXn oNJ04dk1R9RUQrQCZgB/TF8JBrHq+P52UASdG/on8qBIKIXmsM8CD1pVyFCBJxEo w9LzBgD3FmEG4rPGS5wb4rZ6mI1aaypP6nEqIJMzyirB+3zrBVh3Joh7FoDpvpeR 973/dCzOwmS+TmvqNhSTToHr8joE13wvaNimBDiOy+pCSxJUb69VKP1TRMTG2Ypn ls2F0QOSYKru3YPaUYHT6MbQP51tFOgkPYlKIuT9HEM= -----END CERTIFICATE-----Generated at Fri Nov 29 10:38:35 2024 by rpki-client on console-fra.rpki-client.org