Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/EZv7koXZ0cck7KFQHMrGM8kC5is.roa
File: EZv7koXZ0cck7KFQHMrGM8kC5is.roa (raw, json)
Hash identifier: SaefXvKp5ZMKpzPftYcNynLeFZflr52MxDH6rll1hjI=
Subject key identifier: 11:9B:FB:92:85:D9:D1:C7:24:EC:A1:50:1C:CA:C6:33:C9:02:E6:2B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43BB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/EZv7koXZ0cck7KFQHMrGM8kC5is.roa
Signing time: Fri 25 Feb 2022 00:30:08 +0000
ROA not before: Fri 25 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17339 (0x43bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 25 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=119BFB9285D9D1C724ECA1501CCAC633C902E62B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:99:ea:23:a0:50:41:aa:22:e4:81:10:40:ab:
c9:0b:90:03:00:42:4d:88:ba:01:96:0f:03:0f:77:
ec:05:74:41:25:f4:02:20:be:0a:c7:64:f9:87:c8:
4b:e3:b7:5e:16:2e:b3:ca:72:f3:5d:f0:5a:e6:c9:
e9:72:5a:e7:c4:da:68:2b:73:7b:a3:e1:ec:9b:d6:
dc:32:d6:dc:f8:a8:dc:65:fc:dd:73:d6:43:20:9e:
ba:cf:e4:cd:0a:39:e3:96:45:19:ec:63:43:01:42:
ed:98:1f:f9:65:da:c8:71:33:7c:68:32:37:91:f1:
d7:07:c7:98:dc:3e:ae:32:fd:c6:0b:f2:8e:aa:e9:
d2:23:58:ff:75:0c:4d:79:98:f9:7f:ad:8b:23:7c:
ea:2f:a8:9c:2b:20:27:3d:1b:87:22:7a:45:e9:c8:
40:22:89:86:75:16:33:27:70:0d:55:d8:09:6d:2d:
02:21:5d:ed:db:c6:65:87:c9:a4:fc:39:e2:05:f1:
0f:ef:30:e3:26:81:bc:40:62:59:75:8a:e3:58:1f:
de:22:3d:ab:3c:50:a7:22:f5:e1:15:d3:f5:bc:b3:
65:14:04:ed:20:10:54:0f:32:25:ea:e1:01:f7:11:
25:35:9d:cf:95:8a:c4:e6:7b:ca:d2:64:98:6e:64:
25:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9B:FB:92:85:D9:D1:C7:24:EC:A1:50:1C:CA:C6:33:C9:02:E6:2B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/EZv7koXZ0cck7KFQHMrGM8kC5is.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
59:1a:db:d0:a0:2b:2b:23:96:55:2e:23:72:3f:bb:b5:78:9c:
77:9d:6d:eb:02:63:e8:cf:86:3f:8f:51:da:bc:a1:fd:c6:76:
2b:20:03:fe:15:8f:42:77:43:62:98:d5:a7:02:8f:38:11:d8:
bc:0d:ca:09:a0:73:df:0f:ab:90:7a:62:a7:27:6b:74:e9:c6:
ec:c4:ae:b2:29:36:83:95:64:d6:2a:6b:4c:f4:42:02:9d:26:
78:e7:c7:fd:d9:1f:5b:80:f0:32:d2:4c:4d:f1:76:48:ba:c2:
21:bd:44:dc:32:cd:c5:d7:f3:f5:02:bd:3c:26:3e:99:d9:5c:
36:87:eb:8f:1f:07:29:53:50:48:3f:1c:8b:9a:64:ca:a2:cb:
b0:05:cd:e3:5d:9a:6f:9b:76:06:81:a2:28:de:74:c8:7e:6b:
c9:10:61:f8:dc:63:ef:ad:92:36:b8:b0:3b:c1:bc:2a:53:50:
90:02:13:a2:b9:0b:1a:40:54:75:c1:73:8e:2f:99:01:93:6a:
12:31:6d:dc:65:85:81:91:67:64:b3:07:f3:6e:85:6f:6f:ec:
f9:3e:ae:fa:88:94:90:5d:ec:60:30:0c:8e:21:80:be:28:3a:
1e:d9:c6:36:1f:3b:84:97:1b:5c:1c:9b:76:fa:cd:5e:ba:84:
e0:1a:e0:e0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjUw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDExOUJGQjkyODVEOUQx
QzcyNEVDQTE1MDFDQ0FDNjMzQzkwMkU2MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlmeojoFBBqiLkgRBAq8kLkAMAQk2IugGWDwMPd+wFdEEl9AIg
vgrHZPmHyEvjt14WLrPKcvNd8FrmyelyWufE2mgrc3uj4eyb1twy1tz4qNxl/N1z
1kMgnrrP5M0KOeOWRRnsY0MBQu2YH/ll2shxM3xoMjeR8dcHx5jcPq4y/cYL8o6q
6dIjWP91DE15mPl/rYsjfOovqJwrICc9G4ciekXpyEAiiYZ1FjMncA1V2AltLQIh
Xe3bxmWHyaT8OeIF8Q/vMOMmgbxAYll1iuNYH94iPas8UKci9eEV0/W8s2UUBO0g
EFQPMiXq4QH3ESU1nc+VisTme8rSZJhuZCVBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUEZv7koXZ0cck7KFQHMrGM8kC5iswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9FWnY3a29YWjBjY2s3S0ZRSE1yR004a0M1aXMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AFka29CgKysjllUuI3I/u7V4nHedbesCY+jPhj+PUdq8of3GdisgA/4Vj0J3Q2KY
1acCjzgR2LwNygmgc98Pq5B6Yqcna3TpxuzErrIpNoOVZNYqa0z0QgKdJnjnx/3Z
H1uA8DLSTE3xdki6wiG9RNwyzcXX8/UCvTwmPpnZXDaH648fBylTUEg/HIuaZMqi
y7AFzeNdmm+bdgaBoijedMh+a8kQYfjcY++tkja4sDvBvCpTUJACE6K5CxpAVHXB
c44vmQGTahIxbdxlhYGRZ2SzB/NuhW9v7Pk+rvqIlJBd7GAwDI4hgL4oOh7ZxjYf
O4SXG1wcm3b6zV66hOAa4OA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org