Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/GKi2zYPvVCvUpaK8TRHVa88YkdKQi7wBzKgwjmyL4RCq/0/323830343a6636383a3a2f33322d3332203d3e20323633353834.roa
File: 323830343a6636383a3a2f33322d3332203d3e20323633353834.roa (raw, json)
Hash identifier: F0KhNJIeUyYC7RwuASJwDCy4T2F18NcZavMHXlC81C4=
Subject key identifier: 9C:D5:8C:37:0C:30:F5:1C:48:D6:EA:4E:7F:86:EB:4F:00:4D:7B:41
Certificate issuer: /CN=0CA968287B9271A9974F582D45CD23848B33CFFD
Certificate serial: 469F00E7F36434894FDAD856A7F3F329F96F7476
Authority key identifier: 0C:A9:68:28:7B:92:71:A9:97:4F:58:2D:45:CD:23:84:8B:33:CF:FD
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0CA968287B9271A9974F582D45CD23848B33CFFD.cer
Subject info access: rsync://rpki-repo.registro.br/repo/GKi2zYPvVCvUpaK8TRHVa88YkdKQi7wBzKgwjmyL4RCq/0/323830343a6636383a3a2f33322d3332203d3e20323633353834.roa
Signing time: Fri 13 Jun 2025 03:14:41 +0000
ROA not before: Fri 13 Jun 2025 03:09:41 +0000
ROA not after: Fri 12 Jun 2026 03:14:41 +0000
asID: 263584
IP address blocks: 2804:f68::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9f:00:e7:f3:64:34:89:4f:da:d8:56:a7:f3:f3:29:f9:6f:74:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0CA968287B9271A9974F582D45CD23848B33CFFD
Validity
Not Before: Jun 13 03:09:41 2025 GMT
Not After : Jun 12 03:14:41 2026 GMT
Subject: CN=9CD58C370C30F51C48D6EA4E7F86EB4F004D7B41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1f:1a:df:65:c4:f6:9b:1a:e6:95:34:4c:96:
4a:c2:08:2f:4f:37:53:d2:f4:a7:d1:f6:06:de:75:
5c:39:39:67:8a:7e:38:f8:27:6d:c9:8b:cc:ce:ee:
9b:0b:86:dd:54:b7:aa:24:d8:5d:fe:31:eb:39:50:
b7:cc:40:85:44:b1:e8:ec:50:3a:1c:6b:22:79:ba:
95:48:6a:3d:ec:fe:e7:89:31:33:a9:14:25:fc:02:
77:48:c6:96:41:26:5f:ba:5a:e0:86:e7:23:9d:71:
e9:55:01:d7:85:69:2b:e9:d0:19:66:35:49:d2:45:
ee:dd:6a:4f:6d:7a:e7:e4:fd:26:e5:7c:fe:b5:5e:
9a:88:40:e3:03:d6:8e:60:1c:aa:e3:b4:2f:af:d2:
b9:67:42:54:50:d7:2d:e8:ef:c6:52:52:76:97:0b:
28:35:6e:e7:58:5b:68:80:61:77:26:de:60:8a:a2:
b0:e8:16:00:53:97:79:9e:6c:56:ec:0f:c5:b0:64:
3d:5d:f9:31:49:ce:fb:e5:6a:2d:00:93:14:72:df:
3e:c6:6e:2d:d2:9a:a9:cb:5f:11:9d:84:13:29:b2:
ae:ee:ce:ec:73:7a:6b:a5:ed:2a:a0:69:74:7b:67:
2f:47:b1:78:cc:8b:7d:03:52:90:ef:14:98:c6:05:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D5:8C:37:0C:30:F5:1C:48:D6:EA:4E:7F:86:EB:4F:00:4D:7B:41
X509v3 Authority Key Identifier:
keyid:0C:A9:68:28:7B:92:71:A9:97:4F:58:2D:45:CD:23:84:8B:33:CF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/GKi2zYPvVCvUpaK8TRHVa88YkdKQi7wBzKgwjmyL4RCq/0/0CA968287B9271A9974F582D45CD23848B33CFFD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0CA968287B9271A9974F582D45CD23848B33CFFD.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/GKi2zYPvVCvUpaK8TRHVa88YkdKQi7wBzKgwjmyL4RCq/0/323830343a6636383a3a2f33322d3332203d3e20323633353834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2804:f68::/32
Signature Algorithm: sha256WithRSAEncryption
62:eb:54:5c:bf:9b:31:85:d4:26:9d:dd:9a:7c:15:f5:9b:a7:
2a:41:bc:00:a1:e0:16:87:77:9f:1c:7e:7b:b2:80:94:9d:04:
aa:b8:df:7b:9a:89:df:44:80:5f:a8:f8:35:71:e7:5c:fa:42:
96:82:7b:f3:f8:16:eb:55:db:f2:90:ab:d0:e8:85:a1:7c:5e:
81:f1:4b:7a:bd:b9:cb:6e:6c:87:18:00:3a:65:48:7a:0b:fe:
d3:1e:6b:a2:f3:60:d2:3a:6b:75:74:cb:fb:bd:cd:69:8f:31:
98:c9:f9:be:f4:1c:b7:2c:c2:12:92:36:5c:9b:3f:d3:fb:87:
0e:9f:fc:bd:07:26:d4:c3:00:f7:8f:ad:b3:b1:f8:17:12:f6:
89:73:92:f1:a0:8d:11:62:97:a4:70:89:0b:a8:20:1d:7e:79:
a4:97:49:46:c3:4c:7b:c2:10:cf:0e:94:d8:9d:f6:ba:28:76:
be:55:7f:9a:62:c0:d6:ba:5f:d3:c0:88:05:1e:bc:c9:52:77:
23:bb:61:b4:b8:49:a8:ce:b0:63:18:62:60:5c:0c:e3:67:c9:
a6:fc:7b:5a:1a:58:e3:e0:d5:18:64:6c:8b:61:79:2b:81:3e:
59:af:92:3c:9d:88:ee:94:b9:c3:ab:8e:ee:79:b8:36:b6:f8:
dc:3b:9d:fd
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIURp8A5/NkNIlP2thWp/PzKflvdHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENBOTY4Mjg3QjkyNzFBOTk3NEY1ODJENDVDRDIzODQ4
QjMzQ0ZGRDAeFw0yNTA2MTMwMzA5NDFaFw0yNjA2MTIwMzE0NDFaMDMxMTAvBgNV
BAMTKDlDRDU4QzM3MEMzMEY1MUM0OEQ2RUE0RTdGODZFQjRGMDA0RDdCNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrHxrfZcT2mxrmlTRMlkrCCC9P
N1PS9KfR9gbedVw5OWeKfjj4J23Ji8zO7psLht1Ut6ok2F3+Mes5ULfMQIVEsejs
UDocayJ5upVIaj3s/ueJMTOpFCX8AndIxpZBJl+6WuCG5yOdcelVAdeFaSvp0Blm
NUnSRe7dak9teufk/SblfP61XpqIQOMD1o5gHKrjtC+v0rlnQlRQ1y3o78ZSUnaX
Cyg1budYW2iAYXcm3mCKorDoFgBTl3mebFbsD8WwZD1d+TFJzvvlai0AkxRy3z7G
bi3SmqnLXxGdhBMpsq7uzuxzemul7SqgaXR7Zy9HsXjMi30DUpDvFJjGBRHtAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUnNWMNwww9RxI1upOf4brTwBNe0EwHwYDVR0j
BBgwFoAUDKloKHuScamXT1gtRc0jhIszz/0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR0tpMnpZUHZWQ3ZVcGFLOFRSSFZhODhZa2RLUWk3d0J6S2d3am15TDRS
Q3EvMC8wQ0E5NjgyODdCOTI3MUE5OTc0RjU4MkQ0NUNEMjM4NDhCMzNDRkZELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzBDQTk2ODI4N0I5MjcxQTk5
NzRGNTgyRDQ1Q0QyMzg0OEIzM0NGRkQuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dLaTJ6WVB2VkN2VXBhSzhUUkhWYTg4WWtkS1FpN3dCektnd2pteUw0UkNxLzAv
MzIzODMwMzQzYTY2MzYzODNhM2EyZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzMzM1
MzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgED2gwDQYJKoZIhvcNAQELBQADggEBAGLrVFy/mzGF
1Cad3Zp8FfWbpypBvACh4BaHd58cfnuygJSdBKq433uaid9EgF+o+DVx51z6QpaC
e/P4FutV2/KQq9DohaF8XoHxS3q9uctubIcYADplSHoL/tMea6LzYNI6a3V0y/u9
zWmPMZjJ+b70HLcswhKSNlybP9P7hw6f/L0HJtTDAPePrbOx+BcS9olzkvGgjRFi
l6RwiQuoIB1+eaSXSUbDTHvCEM8OlNid9roodr5Vf5piwNa6X9PAiAUevMlSdyO7
YbS4SajOsGMYYmBcDONnyab8e1oaWOPg1RhkbItheSuBPlmvkjydiO6UucOrju55
uDa2+Nw7nf0=
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:15:59 2025 by rpki-client