Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/BkrtfCR_OgukGue8YjYYTrx4W0U.roa
File: BkrtfCR_OgukGue8YjYYTrx4W0U.roa (raw, json)
Hash identifier: HCHgBH28VvQgyYvy/dNRgKEk0TnAIjpWN3OPNnpgDiU=
Subject key identifier: 06:4A:ED:7C:24:7F:3A:0B:A4:1A:E7:BC:62:36:18:4E:BC:78:5B:45
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 462E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/BkrtfCR_OgukGue8YjYYTrx4W0U.roa
Signing time: Mon 11 Apr 2022 00:30:07 +0000
ROA not before: Mon 11 Apr 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17966 (0x462e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 11 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=064AED7C247F3A0BA41AE7BC6236184EBC785B45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:12:21:fa:57:ed:d6:9d:f9:b5:29:89:00:
ec:4b:0d:ec:87:7a:af:68:40:96:d7:0f:f6:c5:9c:
a2:a5:53:87:73:3b:6a:89:dc:9e:7b:e0:0d:51:c4:
06:16:55:62:65:78:c2:0f:33:8b:b8:45:fd:1e:00:
a8:d0:bc:0a:d6:fa:ba:2f:cd:fc:af:08:74:2f:a0:
82:55:f0:2c:8e:17:93:e7:a4:e5:c6:51:7f:ae:2a:
45:ba:46:5e:e8:dc:b4:1b:41:8e:9e:aa:7f:2e:9f:
4c:54:31:9e:c5:fc:61:5d:1a:d0:da:a5:f9:46:62:
5d:53:a4:40:0e:ce:24:00:ac:e4:94:13:02:5b:d9:
1c:be:fb:5b:30:bd:f9:44:ed:10:36:98:eb:74:eb:
d2:18:6d:0b:2f:27:65:1c:89:35:f1:1c:ac:ae:28:
d6:bc:46:b9:b9:f8:c1:f8:e5:10:d9:5b:d3:1f:12:
68:85:2a:35:ac:48:f9:a7:91:6d:97:b8:88:3f:92:
03:93:99:1c:e8:b3:20:5c:f8:28:1b:8f:22:52:59:
e8:e1:95:79:e2:a4:90:f4:2d:5f:28:aa:69:b0:5d:
02:68:2a:8b:f2:4a:09:6f:8c:1b:a3:8e:1e:00:18:
91:8e:ca:55:54:a2:37:f3:c2:5d:1d:63:62:f8:c8:
c2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4A:ED:7C:24:7F:3A:0B:A4:1A:E7:BC:62:36:18:4E:BC:78:5B:45
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/BkrtfCR_OgukGue8YjYYTrx4W0U.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:6a:76:a1:52:83:ae:53:20:70:24:2b:d6:01:5d:f1:09:43:
8a:5c:00:57:16:bd:c2:e2:c6:7e:24:b3:40:29:29:d1:b0:c3:
4a:70:44:8a:41:0c:21:cd:ba:b0:40:ac:5e:6e:8c:28:74:96:
e9:15:7c:42:ce:80:6b:46:14:20:b6:ca:5c:5d:2b:2a:11:6c:
5f:46:28:55:3e:dd:50:4e:02:f2:21:20:51:47:2c:5d:94:ab:
5c:48:d4:af:4c:0a:ff:30:03:b1:2a:55:73:93:88:88:c3:17:
72:f1:6f:5a:c9:f7:a8:2a:8c:bd:e6:0a:f1:f1:ed:4f:12:19:
ef:93:e6:c7:9a:aa:1c:76:43:22:9f:d4:e4:dc:af:7b:44:c2:
ba:48:d8:4d:b0:2b:68:ba:3f:92:1f:09:04:0f:21:b1:9b:d1:
bc:bd:0a:91:c6:a6:66:7a:9d:32:57:87:8b:26:2a:16:a9:04:
59:e0:f8:93:f9:90:57:55:c1:1b:c1:e3:ce:c0:a4:2c:28:93:
48:6a:92:bb:7a:04:b2:13:7f:94:28:02:89:a9:00:a9:4f:0d:
95:3f:9c:18:7f:04:00:06:11:53:db:ea:e9:67:46:6f:00:25:
95:15:24:57:95:a1:d4:03:a7:07:f0:68:58:67:75:98:fd:29:
f0:c3:86:1c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTEw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDA2NEFFRDdDMjQ3RjNB
MEJBNDFBRTdCQzYyMzYxODRFQkM3ODVCNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwwhIh+lft1p35tSmJAOxLDeyHeq9oQJbXD/bFnKKlU4dzO2qJ
3J574A1RxAYWVWJleMIPM4u4Rf0eAKjQvArW+rovzfyvCHQvoIJV8CyOF5PnpOXG
UX+uKkW6Rl7o3LQbQY6eqn8un0xUMZ7F/GFdGtDapflGYl1TpEAOziQArOSUEwJb
2Ry++1swvflE7RA2mOt069IYbQsvJ2UciTXxHKyuKNa8Rrm5+MH45RDZW9MfEmiF
KjWsSPmnkW2XuIg/kgOTmRzosyBc+CgbjyJSWejhlXnipJD0LV8oqmmwXQJoKovy
SglvjBujjh4AGJGOylVUojfzwl0dY2L4yMLRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUBkrtfCR/OgukGue8YjYYTrx4W0UwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Ca3J0ZkNSX09ndWtHdWU4WWpZWVRyeDRXMFUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AE1qdqFSg65TIHAkK9YBXfEJQ4pcAFcWvcLixn4ks0ApKdGww0pwRIpBDCHNurBA
rF5ujCh0lukVfELOgGtGFCC2ylxdKyoRbF9GKFU+3VBOAvIhIFFHLF2Uq1xI1K9M
Cv8wA7EqVXOTiIjDF3Lxb1rJ96gqjL3mCvHx7U8SGe+T5seaqhx2QyKf1OTcr3tE
wrpI2E2wK2i6P5IfCQQPIbGb0by9CpHGpmZ6nTJXh4smKhapBFng+JP5kFdVwRvB
487ApCwok0hqkrt6BLITf5QoAompAKlPDZU/nBh/BAAGEVPb6ulnRm8AJZUVJFeV
odQDpwfwaFhndZj9KfDDhhw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org