Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/5BLMr9Y4m3kkq5F7ruKETlphd2k.roa
File: 5BLMr9Y4m3kkq5F7ruKETlphd2k.roa (raw, json)
Hash identifier: qHd1Tojyat8ng2VHOBK2dQf/Bj/u2yAqsvGmmhPzUYQ=
Subject key identifier: E4:12:CC:AF:D6:38:9B:79:24:AB:91:7B:AE:E2:84:4E:5A:61:77:69
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4920
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5BLMr9Y4m3kkq5F7ruKETlphd2k.roa
Signing time: Thu 02 Jun 2022 00:30:11 +0000
ROA not before: Thu 02 Jun 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18720 (0x4920)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 2 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=E412CCAFD6389B7924AB917BAEE2844E5A617769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:26:3c:ba:de:f9:6e:a7:68:b2:c2:95:57:59:
b6:24:2c:9a:99:0c:eb:37:98:f0:3e:2b:37:70:f0:
08:08:55:92:5d:c2:39:b8:1f:38:2a:d1:f0:fb:11:
01:4f:2a:b4:67:e2:d5:bf:4f:ca:46:5b:e7:2f:bc:
ff:da:09:da:e3:d5:1c:8f:9f:cf:09:4f:88:bb:56:
bb:6a:d2:27:f3:b6:60:40:00:34:c8:c4:71:9a:d7:
c7:39:58:50:4b:ed:b7:bd:00:a8:a1:cc:d9:be:4c:
df:e0:32:5f:30:a4:65:8a:94:49:93:53:70:60:ed:
a8:f0:63:5f:70:0a:ef:34:0c:12:d5:b3:77:99:ca:
d6:51:c8:6e:e6:92:96:ac:ab:f5:53:ec:cf:d1:a7:
0a:e3:d0:71:f0:1b:8c:1e:e2:cb:10:d1:8a:8e:1d:
52:2b:0d:4d:cd:65:49:8e:6c:d3:26:3e:44:4e:e6:
46:38:37:b2:4f:43:92:7e:c9:10:04:c4:c5:a5:be:
0e:0a:0c:bd:ca:3a:27:6c:9b:e1:cb:dd:ae:d1:54:
19:b4:ae:15:65:c9:fc:7e:00:aa:9c:45:95:e7:da:
0f:fd:82:31:d7:3a:5b:b0:e4:47:8f:94:f9:01:da:
13:9f:48:7e:d9:bf:ba:aa:4c:3e:5c:9e:d1:9c:b2:
5e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:12:CC:AF:D6:38:9B:79:24:AB:91:7B:AE:E2:84:4E:5A:61:77:69
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5BLMr9Y4m3kkq5F7ruKETlphd2k.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ac:ac:6d:79:57:2c:5e:1d:d8:7b:07:56:c1:5f:66:b2:63:
c2:37:03:a6:b9:04:c5:2f:dc:3f:ce:50:19:80:c6:17:ed:80:
f5:c3:18:22:1f:6e:f7:a8:0c:a3:9a:88:b1:36:f2:90:0b:47:
50:9e:b6:2a:04:c2:f4:64:bb:dc:5b:56:40:4f:30:2e:b2:8f:
e1:64:17:db:03:06:87:bf:08:3b:1e:44:fe:39:7a:9d:e3:17:
24:67:da:75:29:81:c8:10:bb:95:92:a7:96:fc:c4:a3:01:81:
e0:7d:1a:cb:69:6a:5f:a1:3c:36:8e:59:c7:b2:0a:86:a4:0a:
b5:69:75:fd:05:01:76:17:00:a3:41:a8:05:41:16:fd:21:98:
27:bc:74:b2:c7:0a:fd:7e:f1:fe:93:a1:99:47:3a:f3:d8:f2:
38:3a:25:03:ca:8b:cd:c8:59:93:e5:df:0a:40:bf:3a:fd:bf:
43:17:af:8f:74:b0:1b:5e:c0:b2:12:cf:20:4b:12:7f:9f:1d:
42:49:b3:44:d9:2c:57:67:9d:f7:41:03:e3:9f:23:62:2c:49:
73:57:5a:7c:d8:79:e5:7f:6f:7a:33:07:9d:02:77:6f:cc:1b:
58:2b:64:88:51:60:31:16:1d:a4:ca:fd:ca:4e:ed:ee:24:de:
10:89:92:ec
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDIw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEU0MTJDQ0FGRDYzODlC
NzkyNEFCOTE3QkFFRTI4NDRFNUE2MTc3NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDJjy63vlup2iywpVXWbYkLJqZDOs3mPA+Kzdw8AgIVZJdwjm4
Hzgq0fD7EQFPKrRn4tW/T8pGW+cvvP/aCdrj1RyPn88JT4i7Vrtq0ifztmBAADTI
xHGa18c5WFBL7be9AKihzNm+TN/gMl8wpGWKlEmTU3Bg7ajwY19wCu80DBLVs3eZ
ytZRyG7mkpasq/VT7M/Rpwrj0HHwG4we4ssQ0YqOHVIrDU3NZUmObNMmPkRO5kY4
N7JPQ5J+yRAExMWlvg4KDL3KOidsm+HL3a7RVBm0rhVlyfx+AKqcRZXn2g/9gjHX
Oluw5EePlPkB2hOfSH7Zv7qqTD5cntGcsl6nAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU5BLMr9Y4m3kkq5F7ruKETlphd2kwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81QkxNcjlZNG0za2txNUY3cnVLRVRscGhkMmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AFqsrG15VyxeHdh7B1bBX2ayY8I3A6a5BMUv3D/OUBmAxhftgPXDGCIfbveoDKOa
iLE28pALR1CetioEwvRku9xbVkBPMC6yj+FkF9sDBoe/CDseRP45ep3jFyRn2nUp
gcgQu5WSp5b8xKMBgeB9Gstpal+hPDaOWceyCoakCrVpdf0FAXYXAKNBqAVBFv0h
mCe8dLLHCv1+8f6ToZlHOvPY8jg6JQPKi83IWZPl3wpAvzr9v0MXr490sBtewLIS
zyBLEn+fHUJJs0TZLFdnnfdBA+OfI2IsSXNXWnzYeeV/b3ozB50Cd2/MG1grZIhR
YDEWHaTK/cpO7e4k3hCJkuw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org