Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3135322e302f32332d3233203d3e203238353732.roa
File: 3230302e3139322e3135322e302f32332d3233203d3e203238353732.roa (raw, json)
Hash identifier: pQH3P/UahaByI5i8ustMJe5r+ZwFqG+d5wqmUlWk7qk=
Subject key identifier: 6E:99:DD:D5:A9:A3:34:DA:E0:0D:01:E8:70:7E:95:50:A5:53:77:08
Certificate issuer: /CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
Certificate serial: 538BAA02400D300A0C8239C30A55DF59A6469D6A
Authority key identifier: 19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
Subject info access: rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3135322e302f32332d3233203d3e203238353732.roa
Signing time: Sat 29 Jun 2024 15:32:19 +0000
ROA not before: Sat 29 Jun 2024 15:27:19 +0000
ROA not after: Sat 28 Jun 2025 15:32:19 +0000
asID: 28572
IP address blocks: 200.192.152.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:8b:aa:02:40:0d:30:0a:0c:82:39:c3:0a:55:df:59:a6:46:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
Validity
Not Before: Jun 29 15:27:19 2024 GMT
Not After : Jun 28 15:32:19 2025 GMT
Subject: CN=6E99DDD5A9A334DAE00D01E8707E9550A5537708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:61:1b:71:be:7d:9e:6d:bd:48:bf:3a:ff:ba:
6e:a9:c8:0c:84:92:a5:f9:ea:3a:63:15:fe:94:5f:
a8:30:55:c5:21:83:08:c7:41:ba:22:96:28:ad:da:
6d:f7:b7:b2:22:13:4e:0f:b7:59:0c:d1:f3:47:0b:
33:7b:7e:e5:a2:42:44:6c:66:c4:01:ab:09:92:cd:
09:8d:74:2f:b7:70:fe:44:ca:5a:73:cb:f4:ef:3b:
13:10:13:2b:a9:83:bd:62:63:30:71:d1:c8:8b:91:
3b:ec:2a:d3:18:9a:db:ac:0f:2a:a1:66:91:a3:bd:
71:43:7a:28:f2:a8:34:cc:07:07:18:e8:e1:d0:0b:
9a:2f:26:e7:f2:0e:84:d2:43:2a:28:a1:05:b8:80:
88:6e:9f:92:20:ae:8a:25:bc:59:37:0d:e3:56:48:
f9:1a:4c:34:d2:ae:b6:0c:d3:d2:5d:28:16:38:7a:
bf:36:a9:92:28:3d:3a:34:f3:58:fd:06:3c:e5:b1:
ac:88:ea:1f:bb:fa:14:6f:0c:9b:46:ee:32:e2:80:
39:62:ca:b3:18:2b:ee:21:95:b3:d8:cf:c9:45:dd:
ed:27:2f:57:80:cf:9f:a1:92:cd:2b:ed:d3:1a:8b:
50:3c:2c:fd:3b:e2:98:6c:9d:33:6d:f2:65:8d:ff:
2e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:99:DD:D5:A9:A3:34:DA:E0:0D:01:E8:70:7E:95:50:A5:53:77:08
X509v3 Authority Key Identifier:
keyid:19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3135322e302f32332d3233203d3e203238353732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.192.152.0/23
Signature Algorithm: sha256WithRSAEncryption
33:d6:63:36:85:cd:c1:0d:96:3f:f4:46:87:9c:74:09:45:9c:
c3:9c:11:0c:c4:1c:d4:fc:38:10:85:4b:61:52:57:e4:39:dc:
b4:b0:37:ee:11:c8:18:88:26:ac:e5:a7:0a:29:ca:ed:d4:e8:
eb:56:67:82:1f:c3:f8:7b:09:17:04:f8:1c:4b:7d:2c:d0:54:
8a:d6:f3:ff:bd:f6:7a:dc:6e:93:61:bb:b7:ec:f1:cb:38:d5:
0d:42:7f:d0:21:a0:97:6c:3b:92:4b:98:d9:11:04:c8:0d:62:
d4:e1:93:ba:e0:62:07:c7:4b:87:12:cd:88:ee:e0:51:34:77:
9b:0d:37:81:3f:b4:58:f1:61:50:ae:ff:29:ec:07:44:43:ba:
ed:41:2c:2a:da:3c:7b:f2:7a:c3:5e:e1:94:41:4f:4c:e7:9d:
0b:46:9e:77:d7:e3:4d:36:c6:5f:cb:9c:fd:c1:ad:0e:ab:b2:
d5:3a:b6:1a:1e:dc:e8:43:dd:ad:ab:07:d0:5e:5c:68:0c:5d:
3b:f1:7f:4d:70:74:7a:04:ab:36:93:9b:86:cb:7a:9c:e8:1e:
14:f8:28:aa:01:05:e3:28:22:32:e3:b7:33:af:b2:04:1f:a0:
50:8e:ef:ef:bc:bb:4c:17:e8:5c:08:4c:0c:91:7e:33:da:a4:
fd:39:a3:35
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUU4uqAkANMAoMgjnDClXfWaZGnWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTlFQUUzOEQxNUY1ODk5RDM2MDlDNDExRUIxQTFDNkI0
MkRGQjAwOTAeFw0yNDA2MjkxNTI3MTlaFw0yNTA2MjgxNTMyMTlaMDMxMTAvBgNV
BAMTKDZFOTlEREQ1QTlBMzM0REFFMDBEMDFFODcwN0U5NTUwQTU1Mzc3MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEYRtxvn2ebb1Ivzr/um6pyAyE
kqX56jpjFf6UX6gwVcUhgwjHQboiliit2m33t7IiE04Pt1kM0fNHCzN7fuWiQkRs
ZsQBqwmSzQmNdC+3cP5Eylpzy/TvOxMQEyupg71iYzBx0ciLkTvsKtMYmtusDyqh
ZpGjvXFDeijyqDTMBwcY6OHQC5ovJufyDoTSQyoooQW4gIhun5IgroolvFk3DeNW
SPkaTDTSrrYM09JdKBY4er82qZIoPTo081j9BjzlsayI6h+7+hRvDJtG7jLigDli
yrMYK+4hlbPYz8lF3e0nL1eAz5+hks0r7dMai1A8LP074phsnTNt8mWN/y4/AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUbpnd1amjNNrgDQHocH6VUKVTdwgwHwYDVR0j
BBgwFoAUGerjjRX1iZ02CcQR6xoca0LfsAkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQk5abWZjelg4eExwVUxDQVhXQnhhamt3QkhESkprc0poSks0UG9hd3hB
U1EvMC8xOUVBRTM4RDE1RjU4OTlEMzYwOUM0MTFFQjFBMUM2QjQyREZCMDA5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE5RUFFMzhEMTVGNTg5OUQz
NjA5QzQxMUVCMUExQzZCNDJERkIwMDkuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JOWm1mY3pYOHhMcFVMQ0FYV0J4YWprd0JIREpKa3NKaEpLNFBvYXd4QVNRLzAv
MzIzMDMwMmUzMTM5MzIyZTMxMzUzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzgzNTM3MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAHIwJgwDQYJKoZIhvcNAQELBQADggEBADPWYzaF
zcENlj/0RoecdAlFnMOcEQzEHNT8OBCFS2FSV+Q53LSwN+4RyBiIJqzlpwopyu3U
6OtWZ4Ifw/h7CRcE+BxLfSzQVIrW8/+99nrcbpNhu7fs8cs41Q1Cf9AhoJdsO5JL
mNkRBMgNYtThk7rgYgfHS4cSzYju4FE0d5sNN4E/tFjxYVCu/ynsB0RDuu1BLCra
PHvyesNe4ZRBT0znnQtGnnfX4002xl/LnP3BrQ6rstU6thoe3OhD3a2rB9BeXGgM
XTvxf01wdHoEqzaTm4bLepzoHhT4KKoBBeMoIjLjtzOvsgQfoFCO7++8u0wX6FwI
TAyRfjPapP05ozU=
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:03:30 2025 by rpki-client