Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NtXbelqFfRrACNAdGDx86ztMi2M.roa
File: NtXbelqFfRrACNAdGDx86ztMi2M.roa (raw, json)
Hash identifier: 2hraAhfatd8zPrmRMaykfZrYX5w+KG77ncxHs4rewlM=
Subject key identifier: 36:D5:DB:7A:5A:85:7D:1A:C0:08:D0:1D:18:3C:7C:EB:3B:4C:8B:63
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 494C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NtXbelqFfRrACNAdGDx86ztMi2M.roa
Signing time: Sat 04 Jun 2022 00:30:08 +0000
ROA not before: Sat 04 Jun 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18764 (0x494c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 4 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=36D5DB7A5A857D1AC008D01D183C7CEB3B4C8B63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c5:a1:e1:85:30:c8:de:e1:a3:f3:57:5b:a1:
25:f6:48:b7:28:61:ed:fd:7c:90:50:1b:76:6a:21:
06:eb:4b:cb:af:99:c5:1e:b7:43:7f:42:a8:56:60:
de:26:94:af:9b:3f:fb:0a:bb:e5:4d:64:6c:0a:ed:
32:67:c1:03:a3:ff:36:45:d0:e6:83:4a:e6:45:83:
1b:d8:ee:ec:d7:be:8a:35:03:ed:35:48:9b:3c:be:
f0:55:46:63:1a:ac:08:dd:1a:68:d0:ed:87:b7:e8:
6a:d4:f1:65:9e:6d:28:ef:3f:27:5e:5d:dd:e1:cd:
9f:e0:00:b3:32:56:2d:89:98:27:4b:ee:4d:a8:3e:
fa:ef:19:8c:2f:30:89:73:56:41:ee:87:04:e3:4e:
5c:97:2a:e2:e5:06:9f:76:a0:30:ba:e7:cb:74:72:
6e:0c:2f:43:47:8e:9b:47:b0:c6:92:89:a4:bc:3a:
f6:50:93:d2:3e:29:12:b1:c2:d5:03:3a:87:aa:1b:
75:28:52:a4:ae:9d:1b:82:03:b7:5e:d6:63:fb:8a:
cd:22:5b:5c:69:94:b7:05:39:56:87:e3:bd:70:16:
c2:11:62:03:42:e1:81:81:4b:a7:ae:7d:23:e5:c4:
1f:ed:9d:35:ca:28:69:4e:2d:13:ff:fa:b8:eb:10:
b5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D5:DB:7A:5A:85:7D:1A:C0:08:D0:1D:18:3C:7C:EB:3B:4C:8B:63
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NtXbelqFfRrACNAdGDx86ztMi2M.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c1:c1:af:29:28:98:c6:bf:6d:b2:da:8a:86:2b:ec:86:fd:
7e:cb:d4:f5:5a:5a:d7:95:b1:72:bc:2b:c7:6f:c4:ca:e2:e0:
28:c4:f4:e5:9e:e2:fb:cb:29:70:4d:fc:e6:3a:2a:1d:cd:66:
ce:54:5c:36:e7:01:64:3a:eb:fd:73:fd:7b:85:13:57:fc:22:
84:9d:a3:d3:fc:8f:0a:38:3b:63:95:3f:36:1d:76:98:65:85:
98:ff:50:9f:98:f4:38:77:c4:f6:c7:31:90:09:0e:aa:cf:a6:
09:69:84:50:42:fb:69:57:75:60:aa:d9:16:49:cf:6d:eb:c4:
14:14:1c:a5:0b:96:35:6f:d8:d3:8d:eb:94:88:e3:6e:b2:bd:
4b:07:4c:09:61:75:85:6f:91:9c:50:4c:d2:27:13:e6:6d:71:
4a:93:0f:67:95:68:19:d2:b1:a6:3e:eb:8e:62:22:48:1f:84:
e4:d7:f8:98:71:a5:c7:a6:b4:24:f2:2f:97:e7:2a:32:9a:c9:
58:f3:c7:11:04:de:e2:7c:52:51:39:c5:44:ab:e6:4a:98:81:
89:33:ae:dc:f6:e6:f0:fb:54:85:90:a9:57:49:13:46:95:96:
a5:11:73:46:5b:b6:b4:b1:e2:b6:11:b1:ae:1b:7d:6b:24:88:
d2:a8:bf:49
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSUwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDQw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM2RDVEQjdBNUE4NTdE
MUFDMDA4RDAxRDE4M0M3Q0VCM0I0QzhCNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwxaHhhTDI3uGj81dboSX2SLcoYe39fJBQG3ZqIQbrS8uvmcUe
t0N/QqhWYN4mlK+bP/sKu+VNZGwK7TJnwQOj/zZF0OaDSuZFgxvY7uzXvoo1A+01
SJs8vvBVRmMarAjdGmjQ7Ye36GrU8WWebSjvPydeXd3hzZ/gALMyVi2JmCdL7k2o
PvrvGYwvMIlzVkHuhwTjTlyXKuLlBp92oDC658t0cm4ML0NHjptHsMaSiaS8OvZQ
k9I+KRKxwtUDOoeqG3UoUqSunRuCA7de1mP7is0iW1xplLcFOVaH471wFsIRYgNC
4YGBS6eufSPlxB/tnTXKKGlOLRP/+rjrELUFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNtXbelqFfRrACNAdGDx86ztMi2MwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OdFhiZWxxRmZSckFDTkFkR0R4ODZ6dE1pMk0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthLwwDQYJKoZIhvcNAQELBQADggEB
AGjBwa8pKJjGv22y2oqGK+yG/X7L1PVaWteVsXK8K8dvxMri4CjE9OWe4vvLKXBN
/OY6Kh3NZs5UXDbnAWQ66/1z/XuFE1f8IoSdo9P8jwo4O2OVPzYddphlhZj/UJ+Y
9Dh3xPbHMZAJDqrPpglphFBC+2lXdWCq2RZJz23rxBQUHKULljVv2NON65SI426y
vUsHTAlhdYVvkZxQTNInE+ZtcUqTD2eVaBnSsaY+645iIkgfhOTX+JhxpcemtCTy
L5fnKjKayVjzxxEE3uJ8UlE5xUSr5kqYgYkzrtz25vD7VIWQqVdJE0aVlqURc0Zb
trSx4rYRsa4bfWskiNKov0k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org