Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e35392e32302e302f32322d3234203d3e203238323031.roa
File: 3133382e35392e32302e302f32322d3234203d3e203238323031.roa (raw, json)
Hash identifier: grQvF7UFIgPKk5c9xKM3Sc4FRvbKKYRxymoyhdKg0pE=
Subject key identifier: B9:4E:07:CB:48:48:C4:E8:31:30:A0:20:A3:6A:70:1C:1D:1D:6C:F2
Certificate issuer: /CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Certificate serial: 16AAE41AE4C2C73C3F28C126E3AF86B23D3CFCFF
Authority key identifier: AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject info access: rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e35392e32302e302f32322d3234203d3e203238323031.roa
Signing time: Wed 12 Mar 2025 13:33:21 +0000
ROA not before: Wed 12 Mar 2025 13:28:21 +0000
ROA not after: Wed 11 Mar 2026 13:33:21 +0000
asID: 28201
IP address blocks: 138.59.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:aa:e4:1a:e4:c2:c7:3c:3f:28:c1:26:e3:af:86:b2:3d:3c:fc:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Validity
Not Before: Mar 12 13:28:21 2025 GMT
Not After : Mar 11 13:33:21 2026 GMT
Subject: CN=B94E07CB4848C4E83130A020A36A701C1D1D6CF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1f:4d:4c:4d:72:99:6b:d5:79:42:b2:4f:67:
b7:79:94:8f:b1:25:9a:5e:45:8e:3e:76:c0:8d:e7:
92:0e:7d:47:10:a9:f8:c5:b5:66:d9:22:11:39:23:
c9:21:02:03:db:a5:31:86:45:67:b6:9d:4f:0a:24:
df:bb:5a:5f:da:45:19:67:8a:d2:5b:3d:3c:bc:db:
3c:71:fe:37:09:16:2a:2d:0f:04:9a:0a:89:b5:ef:
e3:7e:35:46:57:4d:3d:e2:b2:b0:f4:45:58:ac:e3:
5f:86:ac:1e:28:f0:b3:a0:56:66:1c:b3:27:46:fb:
3f:ce:bd:e2:9b:b9:14:bb:9d:13:46:c4:0a:2a:4d:
f6:f0:ac:8b:54:fc:85:7e:69:f5:fa:40:67:97:62:
09:10:1f:ab:95:55:20:0e:45:83:d3:6c:50:1e:7e:
56:4e:df:5b:ce:f1:cc:b6:0e:23:6d:72:a8:7f:3f:
f2:6b:e7:ee:01:9b:8b:ae:33:77:9d:be:f0:e6:4d:
0b:9f:6b:92:6d:a9:2b:da:08:4c:b1:79:63:2c:cc:
12:df:83:3a:0a:97:72:f1:64:d0:5d:e4:3c:81:34:
c5:d8:32:23:8e:7d:0f:c6:bb:5e:3f:0d:fe:ee:cc:
cc:e5:3c:d2:f6:32:4c:c4:51:3f:3e:72:fd:7c:db:
fc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4E:07:CB:48:48:C4:E8:31:30:A0:20:A3:6A:70:1C:1D:1D:6C:F2
X509v3 Authority Key Identifier:
keyid:AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e35392e32302e302f32322d3234203d3e203238323031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.59.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:2a:f0:0c:e2:40:6f:4d:15:e7:27:27:a1:d3:40:c6:6c:99:
66:55:14:3e:bc:92:df:ca:2b:52:a9:ec:86:c7:92:bc:f3:1a:
82:a5:89:bd:e3:bd:ca:62:cb:c0:83:47:4d:4f:1f:dc:ab:f4:
55:a0:14:c9:3b:75:be:83:d2:11:78:8a:61:25:5b:c8:a2:20:
bb:db:bb:60:56:b2:44:04:42:f3:70:2a:fc:b1:8f:44:96:9a:
8d:26:f3:d7:d5:d8:8d:94:4c:c1:b0:2b:dc:01:4b:b5:51:6a:
bc:9b:de:03:4e:03:f5:76:67:d4:cd:33:bb:0e:bf:d1:9b:f8:
c0:14:87:b9:30:b1:a8:c4:f2:d9:5b:6e:f1:30:08:c2:e0:2b:
0a:8d:ca:60:6c:70:2e:1e:79:41:62:1b:c8:3d:62:4f:f0:b0:
7a:ad:60:7d:b0:83:4e:d8:57:5e:22:95:76:46:85:f7:aa:84:
b9:bd:1a:1f:e4:26:ab:43:2a:de:f3:aa:af:22:53:d4:25:c4:
47:e2:98:38:ae:3a:aa:7d:6f:d6:d3:b3:02:0c:46:a6:ea:8a:
1b:8a:e6:24:1e:ad:82:07:7c:0f:6c:49:a7:79:f9:aa:a9:db:
e2:1d:ef:bf:81:29:fe:6f:ab:0b:be:59:88:e0:54:6a:fd:1c:
45:f3:90:c2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUFqrkGuTCxzw/KMEm46+Gsj08/P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUMxRkU5Mzg3NjQwQTc3N0I3M0Q5NDIxMUQ0QzhGRkE1
QzY2OTMwNDAeFw0yNTAzMTIxMzI4MjFaFw0yNjAzMTExMzMzMjFaMDMxMTAvBgNV
BAMTKEI5NEUwN0NCNDg0OEM0RTgzMTMwQTAyMEEzNkE3MDFDMUQxRDZDRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgH01MTXKZa9V5QrJPZ7d5lI+x
JZpeRY4+dsCN55IOfUcQqfjFtWbZIhE5I8khAgPbpTGGRWe2nU8KJN+7Wl/aRRln
itJbPTy82zxx/jcJFiotDwSaCom17+N+NUZXTT3isrD0RVis41+GrB4o8LOgVmYc
sydG+z/OveKbuRS7nRNGxAoqTfbwrItU/IV+afX6QGeXYgkQH6uVVSAORYPTbFAe
flZO31vO8cy2DiNtcqh/P/Jr5+4Bm4uuM3edvvDmTQufa5JtqSvaCEyxeWMszBLf
gzoKl3LxZNBd5DyBNMXYMiOOfQ/Gu14/Df7uzMzlPNL2MkzEUT8+cv182/y/AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUuU4Hy0hIxOgxMKAgo2pwHB0dbPIwHwYDVR0j
BBgwFoAUrB/pOHZAp3e3PZQhHUyP+lxmkwQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOXRnSEZyWXFvdGtucnpHTkhBMjJxUFhBcmJUMjJVc3BUR2NacmlETjZm
Z1UvMC9BQzFGRTkzODc2NDBBNzc3QjczRDk0MjExRDRDOEZGQTVDNjY5MzA0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDMUZFOTM4NzY0MEE3NzdC
NzNEOTQyMTFENEM4RkZBNUM2NjkzMDQuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzl0Z0hGcllxb3RrbnJ6R05IQTIycVBYQXJiVDIyVXNwVEdjWnJpRE42ZmdVLzAv
MzEzMzM4MmUzNTM5MmUzMjMwMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzODMy
MzAzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAoo7FDANBgkqhkiG9w0BAQsFAAOCAQEAfCrwDOJAb00V
5ycnodNAxmyZZlUUPryS38orUqnshseSvPMagqWJveO9ymLLwINHTU8f3Kv0VaAU
yTt1voPSEXiKYSVbyKIgu9u7YFayRARC83Aq/LGPRJaajSbz19XYjZRMwbAr3AFL
tVFqvJveA04D9XZn1M0zuw6/0Zv4wBSHuTCxqMTy2Vtu8TAIwuArCo3KYGxwLh55
QWIbyD1iT/Cweq1gfbCDTthXXiKVdkaF96qEub0aH+Qmq0Mq3vOqryJT1CXER+KY
OK46qn1v1tOzAgxGpuqKG4rmJB6tggd8D2xJp3n5qqnb4h3vv4Ep/m+rC75ZiOBU
av0cRfOQwg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:18:56 2025 by rpki-client