Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NWkGOFMTRpRkq2qRd1CSD7Md0ko.roa
File: NWkGOFMTRpRkq2qRd1CSD7Md0ko.roa (raw, json)
Hash identifier: KgnKMbsB9en3PUdPRgKQ5qug1mHMLHz86MoFO+2tMq0=
Subject key identifier: 35:69:06:38:53:13:46:94:64:AB:6A:91:77:50:92:0F:B3:1D:D2:4A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42C2
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NWkGOFMTRpRkq2qRd1CSD7Md0ko.roa
Signing time: Mon 07 Feb 2022 00:30:07 +0000
ROA not before: Mon 07 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17090 (0x42c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 7 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=356906385313469464AB6A917750920FB31DD24A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e2:d3:6b:64:d9:05:01:55:07:b1:7e:f2:cd:
48:0c:14:a4:3c:83:90:3c:2b:1e:6e:e3:61:d3:86:
c1:0d:cc:af:29:8b:20:82:11:d3:a8:35:89:2e:c2:
f1:aa:c1:46:e4:2f:21:3a:fe:1b:3c:7a:5f:93:a4:
f1:69:5d:fc:99:19:73:17:ce:d9:c9:ad:5e:e4:49:
6d:0e:8b:3a:22:0d:81:cd:d9:aa:95:1d:b2:af:ee:
dc:6b:50:c5:81:90:66:9f:c5:2c:e0:b1:bf:f9:21:
9d:3f:1f:c8:e6:d9:c1:3c:3f:63:69:04:19:1b:25:
63:61:29:b6:e6:93:09:ee:21:ad:87:0e:97:a8:07:
32:52:30:b9:45:f6:d6:38:d7:71:11:52:5e:06:51:
50:10:78:a0:9d:ac:b8:76:d5:51:9b:e3:e1:00:71:
59:55:14:ce:a4:a1:6f:f4:3d:13:d0:22:7a:86:65:
55:7a:16:38:a5:4f:07:08:8f:35:87:3b:2a:c9:6b:
16:b9:30:b1:3e:67:46:d8:ab:41:3f:52:96:0b:2e:
6c:ed:fd:0a:9f:07:32:34:2f:81:7b:3a:ed:8c:a6:
08:d6:1c:0d:1f:6c:5b:50:02:8c:fa:5e:79:f3:1b:
6e:ba:9c:60:c4:82:ca:7e:d2:bf:12:91:2f:3f:69:
84:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:69:06:38:53:13:46:94:64:AB:6A:91:77:50:92:0F:B3:1D:D2:4A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NWkGOFMTRpRkq2qRd1CSD7Md0ko.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:98:1f:bb:fe:4d:43:77:9a:7d:f1:4e:d2:4f:4b:2c:3b:4b:
62:e0:26:c2:ad:4b:8f:d6:c6:e0:d3:db:e8:c2:f9:78:3c:44:
ab:46:3d:3d:01:60:67:c7:e2:32:0a:5a:c0:8e:39:97:b7:ec:
e6:64:19:de:1a:21:e8:54:2c:bb:a1:9a:df:d7:ed:b7:82:7c:
6c:d3:d8:2f:ba:0d:77:b8:55:4e:d4:0b:42:f7:b1:82:ef:e9:
07:aa:dc:50:f3:c4:e2:11:11:f2:d0:33:9d:f3:1d:77:4c:f2:
44:fa:dd:84:0b:9e:7b:cd:d9:3f:5f:ca:e3:5a:58:fd:4e:21:
d8:08:8f:59:56:74:8a:5a:77:cc:1a:6a:dc:1d:f8:8a:88:58:
c5:29:e5:14:ad:24:f1:af:9e:10:f9:d2:8b:5d:91:58:6a:eb:
8b:e1:45:9a:c2:45:15:17:f8:2d:5a:48:b8:57:0d:0d:2c:e1:
b7:f7:f1:eb:51:28:9b:4a:4c:9a:62:d8:77:88:80:3c:5e:1d:
01:c3:68:8d:0d:14:7e:3a:75:7d:23:cf:40:1f:b9:24:93:b3:
1b:a3:d3:b0:41:69:8c:33:86:86:5c:d3:5f:b3:6f:ce:cd:c5:
b5:74:2d:c8:42:75:db:a2:5e:4e:00:8d:f9:1c:04:4f:63:52:
1b:8d:45:28
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQsIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDcw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM1NjkwNjM4NTMxMzQ2
OTQ2NEFCNkE5MTc3NTA5MjBGQjMxREQyNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE4tNrZNkFAVUHsX7yzUgMFKQ8g5A8Kx5u42HThsENzK8piyCC
EdOoNYkuwvGqwUbkLyE6/hs8el+TpPFpXfyZGXMXztnJrV7kSW0OizoiDYHN2aqV
HbKv7txrUMWBkGafxSzgsb/5IZ0/H8jm2cE8P2NpBBkbJWNhKbbmkwnuIa2HDpeo
BzJSMLlF9tY413ERUl4GUVAQeKCdrLh21VGb4+EAcVlVFM6koW/0PRPQInqGZVV6
FjilTwcIjzWHOyrJaxa5MLE+Z0bYq0E/UpYLLmzt/QqfBzI0L4F7Ou2MpgjWHA0f
bFtQAoz6XnnzG266nGDEgsp+0r8SkS8/aYQzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNWkGOFMTRpRkq2qRd1CSD7Md0kowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OV2tHT0ZNVFJwUmtxMnFSZDFDU0Q3TWQwa28ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
ABuYH7v+TUN3mn3xTtJPSyw7S2LgJsKtS4/WxuDT2+jC+Xg8RKtGPT0BYGfH4jIK
WsCOOZe37OZkGd4aIehULLuhmt/X7beCfGzT2C+6DXe4VU7UC0L3sYLv6Qeq3FDz
xOIREfLQM53zHXdM8kT63YQLnnvN2T9fyuNaWP1OIdgIj1lWdIpad8waatwd+IqI
WMUp5RStJPGvnhD50otdkVhq64vhRZrCRRUX+C1aSLhXDQ0s4bf38etRKJtKTJpi
2HeIgDxeHQHDaI0NFH46dX0jz0AfuSSTsxuj07BBaYwzhoZc01+zb87NxbV0LchC
dduiXk4AjfkcBE9jUhuNRSg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org