Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/R1kLDCExjG0RxvAbgcFIX76RurI.roa
File: R1kLDCExjG0RxvAbgcFIX76RurI.roa (raw, json)
Hash identifier: ds788RIqsYEcYelLlOQobM/TSWbqSVE29Zij2J+gk/I=
Subject key identifier: 47:59:0B:0C:21:31:8C:6D:11:C6:F0:1B:81:C1:48:5F:BE:91:BA:B2
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 015F08
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/R1kLDCExjG0RxvAbgcFIX76RurI.roa
Signing time: Mon 17 Jun 2024 00:14:17 +0000
ROA not before: Mon 17 Jun 2024 00:14:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4128
IP address blocks: 198.180.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89864 (0x15f08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jun 17 00:14:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47590B0C21318C6D11C6F01B81C1485FBE91BAB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7f:22:06:bb:fa:52:c5:52:4d:5c:6b:53:5f:
d1:6d:75:7d:ab:cf:e7:08:d3:76:cc:93:20:ed:e8:
94:bd:41:1d:d1:a3:0f:ad:db:b4:b4:b9:10:a7:66:
8f:cf:a7:49:b0:de:d9:78:cd:47:c1:fa:1c:84:3e:
14:b2:ce:6c:9f:6a:64:60:2e:34:22:d4:11:7d:14:
86:e5:d6:c7:b9:4c:d9:7b:c9:b3:44:e2:31:e2:0f:
bc:e3:12:b4:c6:b4:95:6b:b2:76:21:d8:bc:f0:f6:
b6:16:70:8e:d5:c1:38:48:e1:e7:f4:8a:1d:88:93:
6f:9a:45:1f:c2:9c:88:29:a3:4e:fa:3c:7a:36:71:
36:f5:0a:6f:2e:ab:4d:0a:c8:04:e4:d1:44:13:a9:
a9:2b:bc:bb:4a:fb:46:1c:62:62:d0:2e:14:1f:f0:
26:d9:ba:6c:77:ae:e4:56:d7:00:fc:22:60:1a:0a:
62:dc:e4:e5:bb:b8:15:d2:90:20:9b:c9:cc:69:15:
b0:83:c0:c4:63:8e:d1:f9:7d:f0:cd:22:eb:56:db:
45:63:9b:03:5b:9f:72:0f:a8:47:dc:59:53:87:cb:
d5:30:12:5e:59:58:7d:93:27:b2:a8:19:37:81:af:
ed:15:df:75:ba:a8:de:94:e0:46:26:c6:2e:1c:c4:
68:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:59:0B:0C:21:31:8C:6D:11:C6:F0:1B:81:C1:48:5F:BE:91:BA:B2
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/R1kLDCExjG0RxvAbgcFIX76RurI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
198.180.152.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a1:fd:7a:ad:8e:a1:e8:1a:d8:8a:34:28:85:76:7f:9f:73:
e8:17:ab:53:dd:8b:2c:e1:d3:fb:d5:05:ae:40:85:fe:6a:70:
cd:39:2e:f6:58:7d:75:1e:e9:8f:19:9c:3b:fe:4c:77:bb:f7:
8b:31:89:2d:35:5a:91:3f:6f:e3:c1:fd:5d:ca:3d:7a:2e:7c:
2a:fd:12:55:8a:31:0b:9d:68:c5:1b:b6:22:cf:78:73:66:2c:
20:e0:bc:16:f5:e9:ae:3e:1e:f6:b8:7b:b6:35:03:32:01:c9:
7c:c5:b9:b3:7d:3c:d1:14:11:d1:c0:89:eb:62:91:8e:22:bb:
a8:fc:98:69:c1:f1:f8:85:5a:f4:6d:ad:be:ff:1a:ee:cc:45:
2d:e0:d3:ef:62:d4:d3:d6:d2:d7:a9:4f:cb:5e:df:9a:66:74:
3d:6a:7b:73:68:67:0f:14:56:24:d8:e1:da:70:60:f3:35:3e:
98:df:63:3f:00:08:b2:3a:26:b1:dc:66:ee:b5:0a:2b:ce:c0:
01:4a:cd:d3:38:ef:d0:fe:01:3f:38:a6:ba:42:88:d4:bd:b6:
be:be:b5:3f:a3:74:d8:af:5f:88:21:f9:ac:ca:40:76:3a:27:
c5:52:38:f0:1e:f8:a3:5e:89:06:ca:ac:e9:85:17:fa:44:1d:
e5:90:12:a7
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAV8IMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjQwNjE3
MDAxNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NzU5MEIwQzIxMzE4
QzZEMTFDNkYwMUI4MUMxNDg1RkJFOTFCQUIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuX8iBrv6UsVSTVxrU1/RbXV9q8/nCNN2zJMg7eiUvUEd0aMP
rdu0tLkQp2aPz6dJsN7ZeM1HwfochD4Uss5sn2pkYC40ItQRfRSG5dbHuUzZe8mz
ROIx4g+84xK0xrSVa7J2Idi88Pa2FnCO1cE4SOHn9IodiJNvmkUfwpyIKaNO+jx6
NnE29QpvLqtNCsgE5NFEE6mpK7y7SvtGHGJi0C4UH/Am2bpsd67kVtcA/CJgGgpi
3OTlu7gV0pAgm8nMaRWwg8DEY47R+X3wzSLrVttFY5sDW59yD6hH3FlTh8vVMBJe
WVh9kyeyqBk3ga/tFd91uqjelOBGJsYuHMRoIwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFEdZCwwhMYxtEcbwG4HBSF++kbqyMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL1Ixa0xEQ0V4akcwUnh2QWJnY0ZJWDc2UnVySS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0mDANBgkqhkiG9w0BAQsFAAOCAQEAdqH9
eq2Ooega2Io0KIV2f59z6BerU92LLOHT+9UFrkCF/mpwzTku9lh9dR7pjxmcO/5M
d7v3izGJLTVakT9v48H9Xco9ei58Kv0SVYoxC51oxRu2Is94c2YsIOC8FvXprj4e
9rh7tjUDMgHJfMW5s3080RQR0cCJ62KRjiK7qPyYacHx+IVa9G2tvv8a7sxFLeDT
72LU09bS16lPy17fmmZ0PWp7c2hnDxRWJNjh2nBg8zU+mN9jPwAIsjomsdxm7rUK
K87AAUrN0zjv0P4BPzimukKI1L22vr61P6N02K9fiCH5rMpAdjonxVI48B74o16J
Bsqs6YUX+kQd5ZASpw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:50:08 2025 by rpki-client