Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/L3TkxQkbXqpYC735BHtwG8LcLiw.roa
File: L3TkxQkbXqpYC735BHtwG8LcLiw.roa (raw, json)
Hash identifier: LibiTsnvxfCq9z8WwWo18gtmc7wbe3ZQxy6qGcCWJ2w=
Subject key identifier: 2F:74:E4:C5:09:1B:5E:AA:58:0B:BD:F9:04:7B:70:1B:C2:DC:2E:2C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4678
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/L3TkxQkbXqpYC735BHtwG8LcLiw.roa
Signing time: Sat 16 Apr 2022 00:30:06 +0000
ROA not before: Sat 16 Apr 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18040 (0x4678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 16 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2F74E4C5091B5EAA580BBDF9047B701BC2DC2E2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a2:f5:b8:0e:69:96:b9:1c:94:52:31:d6:9f:
60:1a:61:eb:9f:3d:d6:b6:05:6a:d5:78:5b:c5:63:
58:9f:71:e4:93:27:94:98:22:d9:4a:e0:52:88:eb:
31:fb:0a:e9:c4:74:4b:22:41:70:f1:44:c2:65:7c:
33:fd:eb:f1:45:ab:74:3d:20:7b:fa:db:7e:68:c6:
31:4f:6a:95:0d:fd:cf:70:17:62:80:9f:44:84:98:
7e:14:08:00:c1:cb:d3:1e:2c:76:3f:d9:12:71:d1:
16:40:2c:66:ff:40:e6:2a:b2:5b:14:65:86:46:82:
25:a9:a5:ca:9d:02:d0:72:b3:d1:47:d4:3f:2d:88:
42:67:70:a8:84:5a:e2:2f:0c:39:01:dc:e4:a8:e6:
6f:7a:7b:7d:f1:a3:4d:4a:19:18:32:66:6b:05:40:
37:83:74:d9:5d:4e:65:b7:7a:21:bf:4c:d8:fc:dc:
68:9d:bd:c4:41:6c:52:95:6e:7e:3e:e9:8a:9c:e2:
2d:f9:65:43:77:38:8e:1f:be:ee:3b:09:be:22:8c:
91:c4:86:d6:9f:b8:b6:dc:ff:be:1d:7a:3b:6c:3b:
13:66:82:1c:fc:48:0c:68:81:0c:0e:c7:09:1f:32:
ff:32:bd:2b:2b:65:4c:cc:18:09:8e:44:96:d5:e0:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:74:E4:C5:09:1B:5E:AA:58:0B:BD:F9:04:7B:70:1B:C2:DC:2E:2C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/L3TkxQkbXqpYC735BHtwG8LcLiw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b6:83:67:8b:3a:80:ad:11:de:6f:df:dc:20:0f:dc:6c:9c:
cc:19:49:7b:12:ae:03:16:19:8c:ee:f0:be:a0:74:40:9a:cb:
ca:4c:84:59:7a:2c:4d:50:d2:2a:d9:cf:59:94:b0:d2:da:9d:
17:52:d7:7c:7e:92:c0:4d:85:42:41:80:6f:ca:45:fa:e1:21:
30:ae:56:1e:53:a1:da:3b:07:ef:5e:eb:b0:c3:89:9b:da:c7:
9f:47:d8:bd:50:5c:35:cc:ee:cd:e3:9b:23:e4:60:52:38:4b:
12:e5:d8:3e:40:32:09:c1:ee:e0:93:de:a0:84:03:8a:34:3f:
e9:e0:92:d8:25:5b:27:20:5c:16:a8:70:35:a8:1f:6c:2a:39:
21:8d:fb:d0:c3:0b:af:0d:11:a8:dc:14:de:96:55:9a:17:17:
74:b9:2c:ab:65:e5:ea:df:d8:7b:c7:da:68:17:c7:a6:f5:e4:
c4:9d:f0:f5:0a:4f:ae:1e:91:a2:12:2d:26:41:9d:93:82:e8:
fc:9e:70:f0:27:31:b9:90:2e:92:25:56:f3:74:63:0e:71:09:
c0:11:b5:be:42:0c:8e:c0:ca:e9:8e:50:e4:22:27:1d:fb:d0:
4e:c3:80:c0:18:5e:3a:e3:21:97:53:f9:60:c1:61:4a:05:cf:
e8:b9:22:66
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTYw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDJGNzRFNEM1MDkxQjVF
QUE1ODBCQkRGOTA0N0I3MDFCQzJEQzJFMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQovW4DmmWuRyUUjHWn2AaYeufPda2BWrVeFvFY1ifceSTJ5SY
ItlK4FKI6zH7CunEdEsiQXDxRMJlfDP96/FFq3Q9IHv6235oxjFPapUN/c9wF2KA
n0SEmH4UCADBy9MeLHY/2RJx0RZALGb/QOYqslsUZYZGgiWppcqdAtBys9FH1D8t
iEJncKiEWuIvDDkB3OSo5m96e33xo01KGRgyZmsFQDeDdNldTmW3eiG/TNj83Gid
vcRBbFKVbn4+6Yqc4i35ZUN3OI4fvu47Cb4ijJHEhtafuLbc/74dejtsOxNmghz8
SAxogQwOxwkfMv8yvSsrZUzMGAmORJbV4GwbAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUL3TkxQkbXqpYC735BHtwG8LcLiwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9MM1RreFFrYlhxcFlDNzM1Qkh0d0c4TGNMaXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
ALW2g2eLOoCtEd5v39wgD9xsnMwZSXsSrgMWGYzu8L6gdECay8pMhFl6LE1Q0irZ
z1mUsNLanRdS13x+ksBNhUJBgG/KRfrhITCuVh5Todo7B+9e67DDiZvax59H2L1Q
XDXM7s3jmyPkYFI4SxLl2D5AMgnB7uCT3qCEA4o0P+ngktglWycgXBaocDWoH2wq
OSGN+9DDC68NEajcFN6WVZoXF3S5LKtl5erf2HvH2mgXx6b15MSd8PUKT64ekaIS
LSZBnZOC6PyecPAnMbmQLpIlVvN0Yw5xCcARtb5CDI7AyumOUOQiJx370E7DgMAY
XjrjIZdT+WDBYUoFz+i5ImY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org