Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/3138392e38392e3234382e302f32322d3330203d3e203238313838.roa
File: 3138392e38392e3234382e302f32322d3330203d3e203238313838.roa (raw, json)
Hash identifier: xBLaslpgzFCCPzLR1Zeq+N2EzbKxFLetTAA4Ga48k0Q=
Subject key identifier: E0:87:EF:AF:D2:42:03:7D:8C:E4:DD:1B:0E:A3:DB:F5:37:15:AB:6B
Certificate issuer: /CN=E38AC2CFB299715B3B6D5866C15CF353BE48A770
Certificate serial: 01CB2E20D83D80ABB38C2BEAC5AABDC7AE0C14E3
Authority key identifier: E3:8A:C2:CF:B2:99:71:5B:3B:6D:58:66:C1:5C:F3:53:BE:48:A7:70
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E38AC2CFB299715B3B6D5866C15CF353BE48A770.cer
Subject info access: rsync://rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/3138392e38392e3234382e302f32322d3330203d3e203238313838.roa
Signing time: Wed 05 Feb 2025 22:56:12 +0000
ROA not before: Wed 05 Feb 2025 22:51:12 +0000
ROA not after: Wed 04 Feb 2026 22:56:12 +0000
asID: 28188
IP address blocks: 189.89.248.0/22 maxlen: 30
Validation: OK
Signature path: rsync://rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/E38AC2CFB299715B3B6D5866C15CF353BE48A770.crl
rsync://rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/E38AC2CFB299715B3B6D5866C15CF353BE48A770.mft
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E38AC2CFB299715B3B6D5866C15CF353BE48A770.cer
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Sun 13 Apr 2025 21:39:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:cb:2e:20:d8:3d:80:ab:b3:8c:2b:ea:c5:aa:bd:c7:ae:0c:14:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E38AC2CFB299715B3B6D5866C15CF353BE48A770
Validity
Not Before: Feb 5 22:51:12 2025 GMT
Not After : Feb 4 22:56:12 2026 GMT
Subject: CN=E087EFAFD242037D8CE4DD1B0EA3DBF53715AB6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:f6:10:25:95:19:50:4f:64:83:91:2b:8d:
ee:17:34:c6:c3:91:f0:20:8a:b8:47:ee:94:2a:95:
36:7d:97:4b:ef:c5:e7:17:04:f4:2c:52:9b:0c:50:
6c:5e:e3:af:7e:3e:85:73:a8:00:d0:4b:41:7d:80:
07:ed:b3:04:0d:ef:cf:a3:cb:8f:d7:96:5e:04:0d:
70:38:6b:18:e9:12:f6:f1:3d:bc:49:25:81:ef:6b:
5a:87:47:5f:94:08:ac:6d:71:d3:7d:c4:7b:22:f8:
31:75:83:54:75:c9:0f:b3:12:40:c1:e5:0f:52:3a:
14:bc:c4:7f:97:fb:bb:ab:9e:85:a3:dc:52:b3:96:
96:70:1f:7a:77:25:04:6b:bd:d3:8c:76:12:a1:01:
79:36:80:62:df:8e:95:f8:df:02:bf:3e:02:c0:7d:
71:d1:88:2f:b5:3f:fc:71:a6:b9:61:00:d8:9e:90:
d9:23:c2:2d:e0:6f:41:5e:1c:1a:de:01:7f:0d:37:
51:27:83:7c:b4:4e:91:65:85:a4:13:5d:7c:68:12:
53:6d:3c:8c:c8:d6:11:a0:c0:3f:99:b0:4d:27:e1:
c7:80:a7:96:91:80:41:67:42:1d:98:0e:df:ef:85:
af:a2:1d:f5:4c:f7:29:1f:3d:5d:a1:3a:b9:a6:e8:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:87:EF:AF:D2:42:03:7D:8C:E4:DD:1B:0E:A3:DB:F5:37:15:AB:6B
X509v3 Authority Key Identifier:
keyid:E3:8A:C2:CF:B2:99:71:5B:3B:6D:58:66:C1:5C:F3:53:BE:48:A7:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/E38AC2CFB299715B3B6D5866C15CF353BE48A770.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E38AC2CFB299715B3B6D5866C15CF353BE48A770.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/DKNtGA7spd4f5R3QACa56rczYDQyAc81wqo5cjBDU3d/0/3138392e38392e3234382e302f32322d3330203d3e203238313838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.89.248.0/22
Signature Algorithm: sha256WithRSAEncryption
25:97:6f:97:8c:92:6c:4e:26:53:1b:6e:b9:b9:a3:d9:71:c1:
17:13:e7:ea:79:57:c3:bb:ef:8b:b3:e2:c2:2a:b5:09:13:3a:
31:82:b6:1e:77:cd:c2:bb:48:b0:23:81:36:fb:bc:68:d2:34:
93:cf:1e:d3:50:8d:16:08:5e:08:e8:33:48:8f:f2:17:36:e2:
fa:a5:51:e6:5e:ec:b3:6e:04:79:08:a9:a2:78:cf:01:0d:cd:
ca:64:8b:7c:78:8c:29:ff:82:f8:44:7c:3b:29:10:53:1d:2e:
d8:f8:40:72:e5:cc:80:f1:ff:59:e7:56:34:d5:fd:2d:f2:c5:
b4:14:c3:92:c2:89:43:e6:dc:a7:18:9c:a5:d4:f4:62:71:df:
15:95:c3:c7:50:92:ec:ee:d7:6b:f4:b5:11:65:ac:bf:4e:0f:
45:b7:f5:87:f2:e9:b8:96:f4:cf:96:2f:a8:73:2f:e0:15:fa:
9a:b1:f5:8e:3c:76:bc:d7:9c:00:1e:ec:d0:99:83:35:38:cf:
2e:3f:70:6b:17:84:5f:47:33:d6:cb:2d:55:87:15:fe:a5:a0:
48:7b:ce:a4:9a:61:fa:c5:ac:d1:e6:2b:69:e6:e8:f6:cb:c4:
5e:72:bf:ec:56:e7:ea:0a:e8:a4:a3:37:4f:a7:56:53:ed:cb:
ed:aa:2e:d4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUAcsuINg9gKuzjCvqxaq9x64MFOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTM4QUMyQ0ZCMjk5NzE1QjNCNkQ1ODY2QzE1Q0YzNTNC
RTQ4QTc3MDAeFw0yNTAyMDUyMjUxMTJaFw0yNjAyMDQyMjU2MTJaMDMxMTAvBgNV
BAMTKEUwODdFRkFGRDI0MjAzN0Q4Q0U0REQxQjBFQTNEQkY1MzcxNUFCNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzFPYQJZUZUE9kg5Erje4XNMbD
kfAgirhH7pQqlTZ9l0vvxecXBPQsUpsMUGxe469+PoVzqADQS0F9gAftswQN78+j
y4/Xll4EDXA4axjpEvbxPbxJJYHva1qHR1+UCKxtcdN9xHsi+DF1g1R1yQ+zEkDB
5Q9SOhS8xH+X+7urnoWj3FKzlpZwH3p3JQRrvdOMdhKhAXk2gGLfjpX43wK/PgLA
fXHRiC+1P/xxprlhANiekNkjwi3gb0FeHBreAX8NN1Eng3y0TpFlhaQTXXxoElNt
PIzI1hGgwD+ZsE0n4ceAp5aRgEFnQh2YDt/vha+iHfVM9ykfPV2hOrmm6GpxAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU4Ifvr9JCA32M5N0bDqPb9TcVq2swHwYDVR0j
BBgwFoAU44rCz7KZcVs7bVhmwVzzU75Ip3AwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9ES050R0E3c3BkNGY1UjNRQUNhNTZyY3pZRFF5QWM4MXdxbzVjakJEVTNk
LzAvRTM4QUMyQ0ZCMjk5NzE1QjNCNkQ1ODY2QzE1Q0YzNTNCRTQ4QTc3MC5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS9FMzhBQzJDRkIyOTk3MTVCM0I2
RDU4NjZDMTVDRjM1M0JFNDhBNzcwLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgG
CCsGAQUFBzALhoGLcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9E
S050R0E3c3BkNGY1UjNRQUNhNTZyY3pZRFF5QWM4MXdxbzVjakJEVTNkLzAvMzEz
ODM5MmUzODM5MmUzMjM0MzgyZTMwMmYzMjMyMmQzMzMwMjAzZDNlMjAzMjM4MzEz
ODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCvVn4MA0GCSqGSIb3DQEBCwUAA4IBAQAll2+XjJJsTiZT
G265uaPZccEXE+fqeVfDu++Ls+LCKrUJEzoxgrYed83Cu0iwI4E2+7xo0jSTzx7T
UI0WCF4I6DNIj/IXNuL6pVHmXuyzbgR5CKmieM8BDc3KZIt8eIwp/4L4RHw7KRBT
HS7Y+EBy5cyA8f9Z51Y01f0t8sW0FMOSwolD5tynGJyl1PRicd8VlcPHUJLs7tdr
9LURZay/Tg9Ft/WH8um4lvTPli+ocy/gFfqasfWOPHa815wAHuzQmYM1OM8uP3Br
F4RfRzPWyy1VhxX+paBIe86kmmH6xazR5itp5uj2y8Recr/sVufqCuikozdPp1ZT
7cvtqi7U
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:21:48 2025 by rpki-client