Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NP1bvG2ghXLr-YqKACMDp--TZB8.roa
File: NP1bvG2ghXLr-YqKACMDp--TZB8.roa (raw, json)
Hash identifier: XHmWO4TldX3KE03HzFUYApX0b13JHbaxwixA5vWOxaA=
Subject key identifier: 34:FD:5B:BC:6D:A0:85:72:EB:F9:8A:8A:00:23:03:A7:EF:93:64:1F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4464
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NP1bvG2ghXLr-YqKACMDp--TZB8.roa
Signing time: Wed 09 Mar 2022 00:36:48 +0000
ROA not before: Wed 09 Mar 2022 00:36:48 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17508 (0x4464)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 9 00:36:48 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=34FD5BBC6DA08572EBF98A8A002303A7EF93641F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9d:3c:e0:11:84:1f:78:4e:40:7a:70:22:86:
9b:e3:69:05:0c:d6:d9:f2:0a:af:8d:7f:99:01:31:
52:30:a0:3a:54:7c:6a:85:cc:50:48:8b:5a:3f:14:
a5:b8:06:c1:75:52:64:47:11:32:04:1c:2b:19:ae:
a8:31:bd:15:da:e3:dd:bf:45:82:36:d0:94:ee:f7:
4e:6b:ac:f8:6d:ec:a8:1b:e2:39:f4:9d:1f:39:23:
10:ee:63:0a:c4:d2:07:3a:71:46:f0:99:5a:be:40:
c4:59:4d:a7:8f:61:9d:3e:77:72:a2:e3:a5:c6:64:
c8:0b:9a:2c:29:0b:de:e6:55:27:39:a9:32:ab:99:
8e:6c:4b:a9:aa:48:18:d6:0f:5d:fd:be:12:52:8c:
ac:26:86:0f:5c:ed:92:24:75:48:93:75:f8:a2:2b:
ae:42:34:d8:c6:05:d5:80:c2:7f:b9:b8:e6:7e:31:
b7:49:c0:52:83:9c:eb:7c:25:ef:38:ea:29:ff:1e:
6e:d3:3c:ab:f4:90:3b:21:bd:d2:2c:b1:b8:83:b5:
29:0f:c9:80:c5:9b:6b:a4:ce:60:42:d1:aa:7b:cc:
5d:24:cc:30:0f:70:1f:f0:b7:18:b7:02:75:b1:20:
ed:89:45:aa:f8:07:4d:7a:5b:5f:0c:04:a3:03:1e:
58:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FD:5B:BC:6D:A0:85:72:EB:F9:8A:8A:00:23:03:A7:EF:93:64:1F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NP1bvG2ghXLr-YqKACMDp--TZB8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:97:7d:0c:77:1d:bb:b0:f2:90:0a:43:f7:5f:2c:be:2f:21:
bf:63:47:42:4f:90:fa:d9:06:70:1e:21:f6:0f:84:77:17:76:
ad:96:85:90:56:24:b4:06:43:cf:c3:76:0e:88:d3:f1:85:a9:
25:00:b6:09:1f:4f:50:58:37:c9:d5:b5:78:ea:e8:c7:44:c4:
55:6b:e3:34:7e:7f:3b:14:f0:8b:a4:2e:a3:6b:3e:18:ae:e5:
92:e1:d1:5d:c6:55:97:48:fa:9a:f7:d6:b1:89:01:a7:c6:5c:
f8:93:27:fb:f3:cc:f0:9d:aa:c8:9e:ca:de:a1:d5:d2:46:de:
fd:86:0e:08:e6:c0:d3:ba:9b:29:07:3a:0b:3e:66:f4:b3:43:
bb:56:65:55:30:28:64:9d:97:c7:01:60:c2:2a:95:ed:97:1a:
f3:1b:9d:7a:10:ee:b9:44:4e:99:fa:e1:2b:0c:c2:77:f5:69:
09:fb:f4:d8:49:dc:6e:1f:c4:94:79:76:74:e4:5d:47:fc:9f:
88:db:2f:16:30:3e:b3:35:b1:78:ec:03:05:67:7b:94:c7:9d:
8c:eb:ee:01:e8:38:f0:d3:1c:79:7a:2b:f6:7c:80:81:ca:47:
f0:3d:cc:a8:aa:40:10:60:dc:71:a1:17:a8:1b:a5:34:53:7f:
4f:88:bb:8a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDkw
MDM2NDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM0RkQ1QkJDNkRBMDg1
NzJFQkY5OEE4QTAwMjMwM0E3RUY5MzY0MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEnTzgEYQfeE5AenAihpvjaQUM1tnyCq+Nf5kBMVIwoDpUfGqF
zFBIi1o/FKW4BsF1UmRHETIEHCsZrqgxvRXa492/RYI20JTu905rrPht7Kgb4jn0
nR85IxDuYwrE0gc6cUbwmVq+QMRZTaePYZ0+d3Ki46XGZMgLmiwpC97mVSc5qTKr
mY5sS6mqSBjWD139vhJSjKwmhg9c7ZIkdUiTdfiiK65CNNjGBdWAwn+5uOZ+MbdJ
wFKDnOt8Je846in/Hm7TPKv0kDshvdIssbiDtSkPyYDFm2ukzmBC0ap7zF0kzDAP
cB/wtxi3AnWxIO2JRar4B016W18MBKMDHljLAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNP1bvG2ghXLr+YqKACMDp++TZB8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OUDFidkcyZ2hYTHItWXFLQUNNRHAtLVRaQjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
ALaXfQx3Hbuw8pAKQ/dfLL4vIb9jR0JPkPrZBnAeIfYPhHcXdq2WhZBWJLQGQ8/D
dg6I0/GFqSUAtgkfT1BYN8nVtXjq6MdExFVr4zR+fzsU8IukLqNrPhiu5ZLh0V3G
VZdI+pr31rGJAafGXPiTJ/vzzPCdqsieyt6h1dJG3v2GDgjmwNO6mykHOgs+ZvSz
Q7tWZVUwKGSdl8cBYMIqle2XGvMbnXoQ7rlETpn64SsMwnf1aQn79NhJ3G4fxJR5
dnTkXUf8n4jbLxYwPrM1sXjsAwVne5THnYzr7gHoOPDTHHl6K/Z8gIHKR/A9zKiq
QBBg3HGhF6gbpTRTf0+Iu4o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org