Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/58gc0aK00c_TTprPc4N670egOQA.roa
File: 58gc0aK00c_TTprPc4N670egOQA.roa (raw, json)
Hash identifier: 4Ums39hSPhi5oCCsPBkYVNcbA0WdRLRl7tUhoIG4qVI=
Subject key identifier: E7:C8:1C:D1:A2:B4:D1:CF:D3:4E:9A:CF:73:83:7A:EF:47:A0:39:00
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4256
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/58gc0aK00c_TTprPc4N670egOQA.roa
Signing time: Sun 30 Jan 2022 00:30:08 +0000
ROA not before: Sun 30 Jan 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16982 (0x4256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 30 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E7C81CD1A2B4D1CFD34E9ACF73837AEF47A03900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:62:6d:9b:3d:b4:83:76:55:9a:54:f1:89:f5:
c4:a4:5a:e1:83:0c:06:f1:16:1c:d0:df:09:44:2a:
47:49:77:ed:3e:5c:7e:c5:fe:e6:97:bb:71:87:37:
f1:7c:2f:cf:ed:3d:62:7e:8b:45:3d:29:c1:4b:c8:
01:0c:1e:2d:6d:99:8a:b3:08:14:f1:9d:6e:9e:84:
c1:3c:86:0c:4a:03:53:65:a0:94:d7:05:80:30:65:
1e:f6:43:c0:51:71:9e:9e:92:65:4b:9e:6a:b3:7b:
7a:fd:45:7c:bd:87:0b:59:ae:06:0b:01:b9:7d:bf:
6e:d8:f5:0e:99:8d:e5:6b:29:9d:48:8a:fe:b4:c4:
12:06:aa:10:30:d1:a7:4d:ef:3f:39:d5:39:81:f9:
d4:fb:43:f3:fd:82:78:df:e0:58:15:2b:16:5d:4a:
fa:0c:55:a0:72:28:72:35:53:23:d0:6c:4b:ed:6e:
bc:8f:4e:f6:3c:0b:1f:3a:79:c4:ef:f8:9d:76:5b:
3c:88:7a:18:4a:72:92:cd:e1:92:88:02:9d:91:6e:
71:34:ad:b9:2e:50:eb:c8:38:d0:98:54:da:ce:68:
73:1f:ff:ba:35:50:0e:b2:42:99:2f:ed:f7:0c:51:
d0:c1:d7:91:07:2a:fd:82:a1:0e:ad:b1:7e:fc:d2:
6c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C8:1C:D1:A2:B4:D1:CF:D3:4E:9A:CF:73:83:7A:EF:47:A0:39:00
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/58gc0aK00c_TTprPc4N670egOQA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:57:3d:ca:38:c5:cd:e0:fd:d3:b3:94:a3:19:be:b3:17:dd:
dc:e5:e1:09:f3:66:e0:a9:af:3f:f0:ec:31:f1:73:fe:e5:aa:
2e:15:5d:3d:9a:3f:14:6a:99:f7:75:d9:e8:48:74:d3:fc:a5:
0d:eb:32:f3:cf:ae:64:92:0c:bb:1c:ac:cf:6e:60:22:30:ec:
dc:73:b5:74:77:d5:08:da:75:6c:2b:90:a0:90:a9:b5:2a:a1:
84:5f:ca:c8:c3:2c:43:99:55:a6:e0:36:d1:4f:42:fb:de:3c:
5c:29:54:ff:bd:23:2e:d9:71:87:28:75:95:a3:82:d0:e3:b7:
d2:00:59:72:89:14:03:cd:d9:0c:74:95:56:d9:dd:87:c2:25:
b0:65:18:33:db:96:5c:83:3f:d8:83:f2:63:6f:bf:29:4e:24:
a0:4c:56:0b:57:2a:8b:ff:38:fa:37:f3:2e:69:2c:e0:1c:34:
ac:a9:c5:43:78:70:01:db:a1:1a:f2:4b:36:04:f7:2f:c9:5b:
97:fb:87:db:4d:e4:8d:1d:60:d0:bb:a3:f0:19:67:f7:23:77:
7d:f2:24:48:d0:9d:a2:4d:08:17:49:10:3c:eb:44:52:0b:3c:
7c:47:9f:b4:62:5a:c9:52:1c:bb:18:79:d0:64:fd:67:fd:70:
5c:60:02:af
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQlYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMzAw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU3QzgxQ0QxQTJCNEQx
Q0ZEMzRFOUFDRjczODM3QUVGNDdBMDM5MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsYm2bPbSDdlWaVPGJ9cSkWuGDDAbxFhzQ3wlEKkdJd+0+XH7F
/uaXu3GHN/F8L8/tPWJ+i0U9KcFLyAEMHi1tmYqzCBTxnW6ehME8hgxKA1NloJTX
BYAwZR72Q8BRcZ6ekmVLnmqze3r9RXy9hwtZrgYLAbl9v27Y9Q6ZjeVrKZ1Iiv60
xBIGqhAw0adN7z851TmB+dT7Q/P9gnjf4FgVKxZdSvoMVaByKHI1UyPQbEvtbryP
TvY8Cx86ecTv+J12WzyIehhKcpLN4ZKIAp2RbnE0rbkuUOvIONCYVNrOaHMf/7o1
UA6yQpkv7fcMUdDB15EHKv2CoQ6tsX780myfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU58gc0aK00c/TTprPc4N670egOQAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81OGdjMGFLMDBjX1RUcHJQYzRONjcwZWdPUUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
ALZXPco4xc3g/dOzlKMZvrMX3dzl4QnzZuCprz/w7DHxc/7lqi4VXT2aPxRqmfd1
2ehIdNP8pQ3rMvPPrmSSDLscrM9uYCIw7NxztXR31QjadWwrkKCQqbUqoYRfysjD
LEOZVabgNtFPQvvePFwpVP+9Iy7ZcYcodZWjgtDjt9IAWXKJFAPN2Qx0lVbZ3YfC
JbBlGDPbllyDP9iD8mNvvylOJKBMVgtXKov/OPo38y5pLOAcNKypxUN4cAHboRry
SzYE9y/JW5f7h9tN5I0dYNC7o/AZZ/cjd33yJEjQnaJNCBdJEDzrRFILPHxHn7Ri
WslSHLsYedBk/Wf9cFxgAq8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org