Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3232342e302f32342d3234203d3e203238323936.roa
File: 3138372e3132312e3232342e302f32342d3234203d3e203238323936.roa (raw, json)
Hash identifier: Smb3XyqvjbPKD3etqMCi5y8igjSUjywwhHEKGifK/6M=
Subject key identifier: 0C:1E:FB:8C:D0:E2:1E:87:D6:5C:E8:E6:75:5E:8F:1F:6E:79:66:DD
Certificate issuer: /CN=240776095D0A2A2617F52A2F4657B9D69AA661DD
Certificate serial: 21EB2E707F99B5D98B468194A248887F4184BA8B
Authority key identifier: 24:07:76:09:5D:0A:2A:26:17:F5:2A:2F:46:57:B9:D6:9A:A6:61:DD
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/240776095D0A2A2617F52A2F4657B9D69AA661DD.cer
Subject info access: rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3232342e302f32342d3234203d3e203238323936.roa
Signing time: Sun 01 Dec 2024 22:43:16 +0000
ROA not before: Sun 01 Dec 2024 22:38:16 +0000
ROA not after: Sun 30 Nov 2025 22:43:16 +0000
asID: 28296
IP address blocks: 187.121.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:eb:2e:70:7f:99:b5:d9:8b:46:81:94:a2:48:88:7f:41:84:ba:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240776095D0A2A2617F52A2F4657B9D69AA661DD
Validity
Not Before: Dec 1 22:38:16 2024 GMT
Not After : Nov 30 22:43:16 2025 GMT
Subject: CN=0C1EFB8CD0E21E87D65CE8E6755E8F1F6E7966DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9e:bf:38:0f:9e:66:3c:f0:5d:da:82:6a:3e:
60:45:ab:b7:f8:91:14:6c:80:c5:28:87:c4:e7:32:
f8:d5:a8:a3:b7:64:b7:80:59:c1:af:ee:2f:5c:04:
79:df:f6:95:e7:49:e0:a8:9d:d6:66:8f:57:9e:d0:
5c:69:0b:ab:aa:16:77:4e:4f:58:d1:0d:a8:e9:2a:
49:f7:99:66:97:af:48:e6:0f:73:32:9a:ea:8e:a3:
84:54:7f:5c:62:82:ee:57:9c:20:a9:21:40:f7:77:
c8:01:6b:be:b3:88:53:04:b1:44:72:1a:e0:ae:68:
d2:d6:02:3d:7b:61:f1:e3:be:6c:d4:ba:0b:5d:54:
02:26:69:b5:59:af:09:a8:87:7b:87:0e:61:00:d3:
30:a8:33:4a:c9:ca:e6:6b:be:57:00:ec:45:8e:26:
70:78:b8:00:77:8b:66:7b:15:4e:0f:6a:d5:fe:f7:
33:44:4a:1a:cd:78:a6:7e:c3:fc:1f:c7:f0:8f:79:
8f:05:fc:e6:09:d4:e6:fe:e6:b1:7d:3f:18:4e:cb:
a6:c0:9d:d2:5a:44:ee:f4:4c:c2:f1:2b:47:96:07:
5c:5a:91:d8:aa:6b:9b:ca:aa:77:f9:0d:ba:a3:26:
4b:d5:59:b5:76:f4:a3:18:bb:bf:53:cc:fe:a3:04:
9d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1E:FB:8C:D0:E2:1E:87:D6:5C:E8:E6:75:5E:8F:1F:6E:79:66:DD
X509v3 Authority Key Identifier:
keyid:24:07:76:09:5D:0A:2A:26:17:F5:2A:2F:46:57:B9:D6:9A:A6:61:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/240776095D0A2A2617F52A2F4657B9D69AA661DD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/240776095D0A2A2617F52A2F4657B9D69AA661DD.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3232342e302f32342d3234203d3e203238323936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
187.121.224.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:9c:e7:b8:56:a7:7a:77:38:58:3d:75:ef:60:2b:13:bc:96:
d9:63:a3:13:f6:63:9f:e1:da:75:df:93:e2:85:de:30:d7:d4:
c2:f0:1b:a3:09:c8:81:14:93:4e:ce:89:0b:71:83:6d:b2:ee:
c8:f8:10:ed:a3:51:77:88:48:1a:4d:eb:20:90:2f:4a:cd:06:
80:15:07:a5:45:73:a7:9b:2a:c6:c0:19:d5:65:8f:bf:17:ac:
39:90:dc:27:be:2e:7a:64:51:96:74:c9:cf:75:0f:2a:c6:47:
53:e8:3b:fb:a8:2c:53:8d:68:d4:c3:a3:fd:ca:a7:b8:13:07:
c4:00:4a:1c:be:6b:44:d2:0c:8a:f2:32:40:24:74:29:55:44:
9f:25:74:60:ce:83:43:b3:e2:11:e0:96:d5:94:02:75:05:dc:
aa:84:f8:11:d4:0b:cf:a9:d2:a1:db:ce:b0:c5:7f:d3:5b:95:
6b:66:38:f1:4b:33:32:9d:4f:03:32:be:5f:d3:00:fa:c9:4b:
b0:f6:b1:16:3a:49:50:5d:ee:7f:26:a6:17:e3:96:ca:2b:2e:
e0:a5:d5:b9:65:09:cd:53:50:9a:af:70:f6:27:28:a3:dc:f6:
78:23:cd:6a:60:a9:9b:11:8c:be:aa:6f:5b:4a:5f:8c:46:98:
9a:3d:85:0f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUIesucH+ZtdmLRoGUokiIf0GEuoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQwNzc2MDk1RDBBMkEyNjE3RjUyQTJGNDY1N0I5RDY5
QUE2NjFERDAeFw0yNDEyMDEyMjM4MTZaFw0yNTExMzAyMjQzMTZaMDMxMTAvBgNV
BAMTKDBDMUVGQjhDRDBFMjFFODdENjVDRThFNjc1NUU4RjFGNkU3OTY2REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqnr84D55mPPBd2oJqPmBFq7f4
kRRsgMUoh8TnMvjVqKO3ZLeAWcGv7i9cBHnf9pXnSeCondZmj1ee0FxpC6uqFndO
T1jRDajpKkn3mWaXr0jmD3MymuqOo4RUf1xigu5XnCCpIUD3d8gBa76ziFMEsURy
GuCuaNLWAj17YfHjvmzUugtdVAImabVZrwmoh3uHDmEA0zCoM0rJyuZrvlcA7EWO
JnB4uAB3i2Z7FU4PatX+9zNEShrNeKZ+w/wfx/CPeY8F/OYJ1Ob+5rF9PxhOy6bA
ndJaRO70TMLxK0eWB1xakdiqa5vKqnf5DbqjJkvVWbV29KMYu79TzP6jBJ3vAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUDB77jNDiHofWXOjmdV6PH255Zt0wHwYDVR0j
BBgwFoAUJAd2CV0KKiYX9SovRle51pqmYd0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkxhS0ZwVWQ2Zm50NFBuNEFlZFpUUzg2U0pXcVZjSzFCenNUaEMyZFlo
R2UvMC8yNDA3NzYwOTVEMEEyQTI2MTdGNTJBMkY0NjU3QjlENjlBQTY2MURELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzI0MDc3NjA5NUQwQTJBMjYx
N0Y1MkEyRjQ2NTdCOUQ2OUFBNjYxREQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JMYUtGcFVkNmZudDRQbjRBZWRaVFM4NlNKV3FWY0sxQnpzVGhDMmRZaEdlLzAv
MzEzODM3MmUzMTMyMzEyZTMyMzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzgzMjM5MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAC7eeAwDQYJKoZIhvcNAQELBQADggEBALOc57hW
p3p3OFg9de9gKxO8ltljoxP2Y5/h2nXfk+KF3jDX1MLwG6MJyIEUk07OiQtxg22y
7sj4EO2jUXeISBpN6yCQL0rNBoAVB6VFc6ebKsbAGdVlj78XrDmQ3Ce+LnpkUZZ0
yc91DyrGR1PoO/uoLFONaNTDo/3Kp7gTB8QAShy+a0TSDIryMkAkdClVRJ8ldGDO
g0Oz4hHgltWUAnUF3KqE+BHUC8+p0qHbzrDFf9NblWtmOPFLMzKdTwMyvl/TAPrJ
S7D2sRY6SVBd7n8mphfjlsorLuCl1bllCc1TUJqvcPYnKKPc9ngjzWpgqZsRjL6q
b1tKX4xGmJo9hQ8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:37:26 2025 by rpki-client