Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/2jcn0IdmqS6Uf4-Wd1_kqsgXlj4.roa
File: 2jcn0IdmqS6Uf4-Wd1_kqsgXlj4.roa (raw, json)
Hash identifier: hur1BIDAV7UTrCUeSKxWItXt4P9zv3LicQuJH4UDMjc=
Subject key identifier: DA:37:27:D0:87:66:A9:2E:94:7F:8F:96:77:5F:E4:AA:C8:17:96:3E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45B0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2jcn0IdmqS6Uf4-Wd1_kqsgXlj4.roa
Signing time: Sat 02 Apr 2022 00:30:07 +0000
ROA not before: Sat 02 Apr 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17840 (0x45b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 2 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=DA3727D08766A92E947F8F96775FE4AAC817963E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f2:eb:d5:58:98:ce:0b:f3:1b:3f:fc:dd:b0:
e7:9a:7d:5d:82:b5:17:91:fc:4f:59:ce:f6:12:92:
2d:da:4e:60:c2:02:a0:a4:82:d4:bb:b5:53:0e:13:
ec:b2:33:fb:83:aa:8f:46:40:ab:57:03:de:24:ea:
0b:1c:73:ff:dd:c3:f8:97:15:53:8a:51:b6:11:18:
c2:d9:79:ee:e5:da:56:8e:ad:24:23:23:10:5a:58:
0b:07:21:06:d9:7e:09:9b:3e:6b:4c:5a:50:5a:78:
d5:cf:22:78:67:b5:7e:48:c6:fc:c7:89:90:22:e1:
dd:02:46:7c:1e:5e:65:ab:dd:32:5e:5d:69:38:42:
c6:35:f6:5d:94:ba:6d:cd:59:5d:5a:a5:3b:9a:ef:
de:a6:93:ac:56:89:15:a0:28:a7:f4:86:74:1d:18:
25:fa:da:04:c7:1e:60:66:b6:b8:e2:40:33:a0:dd:
71:54:8b:c6:bc:09:fa:08:0b:80:5f:d4:0d:ae:a2:
ef:07:9c:d4:4f:7a:e0:b8:3e:c6:4f:51:90:26:5f:
e7:54:75:b6:6b:a0:83:b8:fd:43:ad:5d:25:69:8b:
1b:62:8d:ca:ac:46:33:c8:44:bb:41:94:f4:fe:0f:
d0:2b:76:ab:95:54:12:5d:7f:b4:57:6e:f0:40:de:
6e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:37:27:D0:87:66:A9:2E:94:7F:8F:96:77:5F:E4:AA:C8:17:96:3E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2jcn0IdmqS6Uf4-Wd1_kqsgXlj4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:bf:70:92:92:a1:6c:e0:8b:69:01:1a:2a:db:a8:26:43:2a:
2e:34:fb:e0:9e:ae:09:52:fd:3f:7f:be:40:cd:69:e2:22:45:
b9:21:34:f0:59:c5:d5:30:74:75:09:cb:cf:98:5d:a8:8b:55:
f6:d4:11:a3:15:a6:fd:db:95:9d:23:67:41:cc:42:df:f6:fa:
0e:eb:7c:4e:f2:d6:7a:f6:b1:0a:9e:6a:42:cf:95:3e:21:ee:
d9:f4:d7:06:b6:af:c2:bb:90:51:cd:40:f5:71:0d:31:13:e3:
4c:8a:23:64:79:51:8d:1e:59:80:83:84:16:4b:59:96:9a:8c:
be:f0:51:ae:4d:54:ed:62:64:5e:78:de:39:51:de:4e:8b:28:
1e:60:d0:0e:a5:02:3e:64:52:8e:77:36:a3:bf:eb:b8:00:f7:
6b:28:f3:32:f9:27:b4:5f:86:b2:fc:cd:20:6a:6b:57:6c:c0:
05:77:68:ec:cf:27:51:ea:86:7f:c3:5c:f9:36:f2:6c:af:7a:
93:6b:02:af:16:07:a4:e0:e7:26:bb:48:2c:bd:52:af:c9:39:
bf:be:1f:3b:d0:67:f1:d4:dc:ca:d6:0f:2d:4f:be:a4:02:39:
a8:d0:3c:d2:69:12:7e:fe:95:bd:44:bc:21:fd:ea:a6:6c:ce:
94:35:10:34
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDIw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKERBMzcyN0QwODc2NkE5
MkU5NDdGOEY5Njc3NUZFNEFBQzgxNzk2M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL8uvVWJjOC/MbP/zdsOeafV2CtReR/E9ZzvYSki3aTmDCAqCk
gtS7tVMOE+yyM/uDqo9GQKtXA94k6gscc//dw/iXFVOKUbYRGMLZee7l2laOrSQj
IxBaWAsHIQbZfgmbPmtMWlBaeNXPInhntX5IxvzHiZAi4d0CRnweXmWr3TJeXWk4
QsY19l2Uum3NWV1apTua796mk6xWiRWgKKf0hnQdGCX62gTHHmBmtrjiQDOg3XFU
i8a8CfoIC4Bf1A2uou8HnNRPeuC4PsZPUZAmX+dUdbZroIO4/UOtXSVpixtijcqs
RjPIRLtBlPT+D9ArdquVVBJdf7RXbvBA3m4lAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU2jcn0IdmqS6Uf4+Wd1/kqsgXlj4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8yamNuMElkbXFTNlVmNC1XZDFfa3FzZ1hsajQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AKi/cJKSoWzgi2kBGirbqCZDKi40++CerglS/T9/vkDNaeIiRbkhNPBZxdUwdHUJ
y8+YXaiLVfbUEaMVpv3blZ0jZ0HMQt/2+g7rfE7y1nr2sQqeakLPlT4h7tn01wa2
r8K7kFHNQPVxDTET40yKI2R5UY0eWYCDhBZLWZaajL7wUa5NVO1iZF543jlR3k6L
KB5g0A6lAj5kUo53NqO/67gA92so8zL5J7RfhrL8zSBqa1dswAV3aOzPJ1Hqhn/D
XPk28myvepNrAq8WB6Tg5ya7SCy9Uq/JOb++HzvQZ/HU3MrWDy1PvqQCOajQPNJp
En7+lb1EvCH96qZszpQ1EDQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:35 2023 by rpki-client on console-fra.rpki-client.org