$ rpki-client -vvf rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa File: AS28598.roa (raw, json) Hash identifier: NaT3lIcN3oKlhvWTdYv5kT4dKVnF/bh2v8WbG8qijk4= Subject key identifier: E0:54:3F:85:93:2A:C4:2B:49:CA:76:9C:DA:B7:4A:3C:D0:08:3F:D0 Certificate issuer: /CN=988E922E2EBFFBA80468C170F0B053C90FD160E4 Certificate serial: 05C56271BEFA22C619BA10834980009473F92F3E Authority key identifier: 98:8E:92:2E:2E:BF:FB:A8:04:68:C1:70:F0:B0:53:C9:0F:D1:60:E4 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer Subject info access: rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa Signing time: Mon 22 Jul 2024 12:36:25 +0000 ROA not before: Mon 22 Jul 2024 12:31:25 +0000 ROA not after: Mon 21 Jul 2025 12:36:25 +0000 asID: 28598 IP address blocks: 45.7.104.0/22 maxlen: 22 45.7.104.0/23 maxlen: 23 45.165.228.0/22 maxlen: 24 45.172.124.0/22 maxlen: 22 45.172.124.0/23 maxlen: 23 45.172.124.0/24 maxlen: 24 45.172.125.0/24 maxlen: 24 45.172.126.0/23 maxlen: 23 45.172.126.0/24 maxlen: 24 45.179.224.0/22 maxlen: 22 45.179.224.0/23 maxlen: 24 45.179.226.0/23 maxlen: 24 45.229.212.0/22 maxlen: 22 45.229.212.0/23 maxlen: 23 45.229.214.0/23 maxlen: 23 138.59.228.0/22 maxlen: 22 138.59.228.0/23 maxlen: 23 138.59.230.0/23 maxlen: 23 138.122.80.0/22 maxlen: 22 138.122.80.0/23 maxlen: 23 138.122.82.0/23 maxlen: 23 167.250.136.0/22 maxlen: 22 167.250.136.0/23 maxlen: 23 167.250.138.0/23 maxlen: 23 167.250.139.0/24 maxlen: 24 170.78.4.0/22 maxlen: 22 170.78.4.0/23 maxlen: 23 170.78.6.0/23 maxlen: 23 170.81.4.0/22 maxlen: 22 170.81.4.0/23 maxlen: 23 170.81.6.0/23 maxlen: 23 177.104.112.0/20 maxlen: 20 177.104.112.0/21 maxlen: 21 177.104.120.0/21 maxlen: 21 177.104.124.0/24 maxlen: 24 177.190.208.0/22 maxlen: 22 177.190.208.0/23 maxlen: 23 177.190.210.0/23 maxlen: 23 187.94.8.0/22 maxlen: 22 187.94.8.0/23 maxlen: 23 187.94.10.0/23 maxlen: 23 187.110.224.0/20 maxlen: 20 187.110.224.0/21 maxlen: 21 187.110.224.0/23 maxlen: 23 187.110.226.0/23 maxlen: 23 187.110.228.0/23 maxlen: 23 187.110.230.0/23 maxlen: 23 187.110.232.0/21 maxlen: 21 187.110.232.0/22 maxlen: 22 187.110.232.0/23 maxlen: 23 187.110.236.0/22 maxlen: 22 187.110.238.0/23 maxlen: 23 187.120.48.0/20 maxlen: 20 187.120.48.0/21 maxlen: 21 191.52.224.0/20 maxlen: 20 201.20.64.0/18 maxlen: 18 201.20.64.0/19 maxlen: 19 201.20.64.0/20 maxlen: 20 201.20.64.0/21 maxlen: 21 201.20.64.0/23 maxlen: 23 201.20.71.0/24 maxlen: 24 201.20.72.0/21 maxlen: 21 201.20.80.0/20 maxlen: 20 201.20.80.0/21 maxlen: 21 201.20.87.0/24 maxlen: 24 201.20.94.0/24 maxlen: 24 201.20.96.0/19 maxlen: 19 201.20.96.0/20 maxlen: 20 201.20.96.0/21 maxlen: 21 201.20.96.0/23 maxlen: 23 201.20.104.0/23 maxlen: 23 201.20.112.0/20 maxlen: 20 201.20.116.0/23 maxlen: 23 201.20.117.0/24 maxlen: 24 201.20.119.0/24 maxlen: 24 201.20.120.0/21 maxlen: 21 201.20.126.0/24 maxlen: 24 201.148.120.0/22 maxlen: 22 201.148.120.0/23 maxlen: 23 201.148.122.0/23 maxlen: 23 2804:248::/32 maxlen: 32 2804:248::/34 maxlen: 34 2804:248::/48 maxlen: 48 2804:248:2::/48 maxlen: 48 2804:248:4::/48 maxlen: 48 2804:248:8::/48 maxlen: 48 2804:248:100::/40 maxlen: 40 2804:248:800::/39 maxlen: 39 2804:248:3000::/40 maxlen: 40 2804:248:4000::/34 maxlen: 34 2804:248:4002::/48 maxlen: 48 2804:248:4004::/48 maxlen: 48 2804:248:4007::/48 maxlen: 48 2804:248:8000::/34 maxlen: 34 2804:248:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.crl rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Sun 24 Nov 2024 07:27:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:c5:62:71:be:fa:22:c6:19:ba:10:83:49:80:00:94:73:f9:2f:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=988E922E2EBFFBA80468C170F0B053C90FD160E4 Validity Not Before: Jul 22 12:31:25 2024 GMT Not After : Jul 21 12:36:25 2025 GMT Subject: CN=E0543F85932AC42B49CA769CDAB74A3CD0083FD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6f:60:a5:ab:1a:a4:71:7c:6d:a3:d0:9e:fa: fb:50:3e:b7:26:2d:33:65:f7:83:0a:a8:21:ce:1e: 70:bb:97:bc:3d:0e:c8:20:9f:6a:3b:ec:60:93:db: 7f:50:d9:98:d9:e4:d8:e0:c1:c4:f4:c7:f6:a7:77: 4b:05:6c:ea:24:12:b7:38:f2:79:61:a1:17:6e:45: 71:0c:29:f5:cf:56:8a:5c:5a:87:47:de:24:ec:42: 65:8d:1d:63:64:b4:4d:03:7a:62:6d:57:43:b1:e0: aa:be:f0:df:a7:e8:2c:7a:b2:11:39:8e:d7:9d:56: e0:cf:d2:33:8b:e7:4d:3c:68:6c:7f:cb:32:70:56: 59:03:03:28:00:ae:46:fe:17:29:95:49:e5:9e:29: 39:83:18:35:ea:97:0d:36:db:9c:8e:4c:d5:6a:61: 68:62:08:50:2a:fa:be:e5:89:37:fb:14:ac:77:53: fe:9b:5d:18:00:91:44:03:4b:87:75:04:ee:c6:fd: c5:c5:d3:d2:da:ee:06:12:0e:4e:f6:bd:36:86:eb: db:7e:11:38:09:37:cb:22:c3:16:c5:4d:d6:fe:4a: 24:d6:3c:ab:d3:e9:d7:ff:51:fb:49:b8:8e:73:1e: 8b:87:c9:82:89:f4:0e:e1:5d:c4:c2:99:2b:78:97: ec:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:54:3F:85:93:2A:C4:2B:49:CA:76:9C:DA:B7:4A:3C:D0:08:3F:D0 X509v3 Authority Key Identifier: keyid:98:8E:92:2E:2E:BF:FB:A8:04:68:C1:70:F0:B0:53:C9:0F:D1:60:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.7.104.0/22 45.165.228.0/22 45.172.124.0/22 45.179.224.0/22 45.229.212.0/22 138.59.228.0/22 138.122.80.0/22 167.250.136.0/22 170.78.4.0/22 170.81.4.0/22 177.104.112.0/20 177.190.208.0/22 187.94.8.0/22 187.110.224.0/20 187.120.48.0/20 191.52.224.0/20 201.20.64.0/18 201.148.120.0/22 IPv6: 2804:248::/32 Signature Algorithm: sha256WithRSAEncryption 51:81:64:15:79:ec:6e:bb:d4:b3:92:29:64:aa:43:0e:b4:94: 47:8c:2b:ba:b4:11:04:1e:1d:c2:d0:2b:23:7a:bc:60:1f:9b: cf:a8:82:50:23:e1:9e:9d:69:79:7d:b4:03:6b:01:8c:73:c8: e8:ec:df:db:dc:3e:eb:bb:e0:8b:17:2f:71:9d:8a:e9:b8:a5: 97:2a:88:41:00:24:e1:a8:66:d1:b5:a2:3e:f4:2f:a8:0b:14: 78:4a:3c:02:2e:ae:8e:94:37:4f:50:2b:37:33:28:f6:48:c3: 02:28:d9:cf:9a:2c:89:62:bf:31:77:0c:9f:9c:b6:f5:67:c8: d4:03:e1:2d:9e:58:51:b6:e7:d2:d7:42:9d:c8:f7:fe:58:fd: e0:d0:46:bf:b0:95:18:fb:89:6a:54:eb:a8:fe:c0:0a:39:08: 1a:db:35:04:3a:ff:be:77:dd:6f:91:65:3c:53:b7:7a:f4:a6: 3c:ff:5d:f1:40:e2:12:b9:31:e4:b5:9d:00:bb:c1:02:68:4a: 8b:85:bc:03:1f:fa:9d:46:5d:70:dd:c4:72:2e:77:19:a4:ec: ec:4b:50:76:89:02:76:94:df:07:51:77:fd:c0:38:cd:4d:72: 48:11:fb:ba:ef:b0:9a:0d:33:51:45:64:94:7c:43:65:c2:b9: 4c:25:9a:91 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIUBcVicb76IsYZuhCDSYAAlHP5Lz4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTg4RTkyMkUyRUJGRkJBODA0NjhDMTcwRjBCMDUzQzkw RkQxNjBFNDAeFw0yNDA3MjIxMjMxMjVaFw0yNTA3MjExMjM2MjVaMDMxMTAvBgNV BAMTKEUwNTQzRjg1OTMyQUM0MkI0OUNBNzY5Q0RBQjc0QTNDRDAwODNGRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkb2ClqxqkcXxto9Ce+vtQPrcm LTNl94MKqCHOHnC7l7w9Dsggn2o77GCT239Q2ZjZ5NjgwcT0x/and0sFbOokErc4 8nlhoRduRXEMKfXPVopcWodH3iTsQmWNHWNktE0DemJtV0Ox4Kq+8N+n6Cx6shE5 jtedVuDP0jOL5008aGx/yzJwVlkDAygArkb+FymVSeWeKTmDGDXqlw0225yOTNVq YWhiCFAq+r7liTf7FKx3U/6bXRgAkUQDS4d1BO7G/cXF09La7gYSDk72vTaG69t+ ETgJN8siwxbFTdb+SiTWPKvT6df/UftJuI5zHouHyYKJ9A7hXcTCmSt4l+yVAgMB AAGjggKTMIICjzAdBgNVHQ4EFgQU4FQ/hZMqxCtJynac2rdKPNAIP9AwHwYDVR0j BBgwFoAUmI6SLi6/+6gEaMFw8LBTyQ/RYOQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vQ1JXeHdxajlLa0NValVyUWE2MWM4Wm8xREhtSG1wVGtUOW5VZmphZlFm dXEvMS85ODhFOTIyRTJFQkZGQkE4MDQ2OEMxNzBGMEIwNTNDOTBGRDE2MEU0LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk4OEU5MjJFMkVCRkZCQTgw NDY4QzE3MEYwQjA1M0M5MEZEMTYwRTQuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9DUld4 d3FqOUtrQ1VqVXJRYTYxYzhabzFESG1IbXBUa1Q5blVmamFmUWZ1cS8xL0FTMjg1 OTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/ BIGGMIGDMHIEAgABMGwDBAItB2gDBAItpeQDBAItrHwDBAIts+ADBAIt5dQDBAKK O+QDBAKKelADBAKn+ogDBAKqTgQDBAKqUQQDBASxaHADBAKxvtADBAK7XggDBAS7 buADBAS7eDADBAS/NOADBAbJFEADBALJlHgwDQQCAAIwBwMFACgEAkgwDQYJKoZI hvcNAQELBQADggEBAFGBZBV57G671LOSKWSqQw60lEeMK7q0EQQeHcLQKyN6vGAf m8+oglAj4Z6daXl9tANrAYxzyOjs39vcPuu74IsXL3Gdium4pZcqiEEAJOGoZtG1 oj70L6gLFHhKPAIuro6UN09QKzczKPZIwwIo2c+aLIlivzF3DJ+ctvVnyNQD4S2e WFG259LXQp3I9/5Y/eDQRr+wlRj7iWpU66j+wAo5CBrbNQQ6/7533W+RZTxTt3r0 pjz/XfFA4hK5MeS1nQC7wQJoSouFvAMf+p1GXXDdxHIudxmk7OxLUHaJAnaU3wdR d/3AOM1NckgR+7rvsJoNM1FFZJR8Q2XCuUwlmpE= -----END CERTIFICATE-----Generated at Sat Nov 23 08:42:03 2024 by rpki-client on console-fra.rpki-client.org