Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/PaBqbGyeZaKG5TRxySql5szakSM.roa
File: PaBqbGyeZaKG5TRxySql5szakSM.roa (raw, json)
Hash identifier: 1HjYAacF17kF/5FtMdXN28yx7hrRYRcKbsZHogiHank=
Subject key identifier: 3D:A0:6A:6C:6C:9E:65:A2:86:E5:34:71:C9:2A:A5:E6:CC:DA:91:23
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4244
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PaBqbGyeZaKG5TRxySql5szakSM.roa
Signing time: Sat 29 Jan 2022 00:30:06 +0000
ROA not before: Sat 29 Jan 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16964 (0x4244)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3DA06A6C6C9E65A286E53471C92AA5E6CCDA9123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:22:76:4f:19:47:3a:04:4f:4d:32:49:90:08:
81:47:67:d2:0c:90:72:8d:07:92:a3:93:b2:0b:b2:
30:38:80:1a:36:a3:05:dd:54:06:19:57:ed:82:d6:
f1:2b:e9:0a:29:81:c2:76:f4:84:77:5c:e4:ee:4c:
57:72:e1:d0:d6:5e:23:9a:0e:b1:78:18:10:ae:92:
44:6e:e7:ac:8a:c5:47:38:2a:95:74:5a:b4:05:9c:
d9:a4:7c:0c:ce:3e:69:74:d8:a7:ac:e9:77:1a:02:
0c:16:e6:09:6e:27:9a:d2:00:c3:03:4a:9b:31:d9:
ea:63:3f:d9:9a:40:7c:a1:e9:a0:04:4a:da:e6:46:
5d:d5:0f:91:dc:09:6d:c4:53:3b:56:ff:ee:2a:d2:
11:c2:46:ba:88:72:09:a5:31:a1:76:cc:0d:16:67:
47:1b:de:ee:e0:b5:2e:ad:54:72:90:e1:a0:fb:13:
18:e0:5b:f7:16:29:9f:c2:1b:9d:ea:1c:f3:73:9c:
ff:03:99:fd:8b:2b:f0:c8:b1:5a:3e:76:6b:c8:59:
6c:e9:19:68:f3:21:f6:f9:7e:ce:38:df:5f:07:40:
84:79:3b:9b:fe:1b:1c:84:70:1f:16:c7:9f:c3:cd:
0a:84:1e:b9:fa:d0:eb:c9:63:77:b9:27:20:ba:15:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:6A:6C:6C:9E:65:A2:86:E5:34:71:C9:2A:A5:E6:CC:DA:91:23
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PaBqbGyeZaKG5TRxySql5szakSM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:03:41:d3:02:04:5b:34:9d:91:20:dd:f0:9d:ba:35:0b:75:
63:c1:4d:01:c6:57:82:97:2b:4c:4e:5d:a9:ec:a7:66:fa:b5:
0a:b2:42:71:7c:a5:6c:39:e7:65:5b:56:87:10:9f:58:e2:38:
d9:ca:47:29:3d:72:a1:1f:5a:43:b8:71:cd:5a:ae:b2:9d:da:
e0:17:ca:17:0c:f9:25:12:19:7f:06:69:cd:9e:22:63:1b:65:
6e:97:c2:4d:c7:1a:47:af:40:ed:23:56:b3:d0:b5:9f:9d:57:
9d:88:65:be:92:3d:ab:4c:03:63:2b:01:3e:1f:15:57:52:aa:
86:f1:a1:a4:5d:30:a6:a8:83:c3:71:2c:ed:41:81:90:8c:ff:
8e:f2:c6:e6:35:87:8c:92:c8:ac:45:fb:1c:a7:ed:38:0f:8b:
24:4f:36:7a:4d:6e:43:c4:a3:9e:a4:a8:b4:4f:85:2e:31:d4:
0a:c2:22:cd:d9:52:d7:70:6f:8a:35:b2:b7:d6:80:58:bd:9f:
bc:ad:fa:f3:22:86:f2:94:ec:1e:53:13:1b:9f:fc:2e:17:e5:
54:04:3b:d3:be:d1:18:92:d8:5d:ab:ae:07:c3:38:e5:f5:07:
0e:ff:7d:3b:37:e2:ec:0d:e9:60:05:c5:63:c4:43:36:30:a6:
13:86:4a:3f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDNEQTA2QTZDNkM5RTY1
QTI4NkU1MzQ3MUM5MkFBNUU2Q0NEQTkxMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkInZPGUc6BE9NMkmQCIFHZ9IMkHKNB5Kjk7ILsjA4gBo2owXd
VAYZV+2C1vEr6QopgcJ29IR3XOTuTFdy4dDWXiOaDrF4GBCukkRu56yKxUc4KpV0
WrQFnNmkfAzOPml02Kes6XcaAgwW5gluJ5rSAMMDSpsx2epjP9maQHyh6aAEStrm
Rl3VD5HcCW3EUztW/+4q0hHCRrqIcgmlMaF2zA0WZ0cb3u7gtS6tVHKQ4aD7Exjg
W/cWKZ/CG53qHPNznP8Dmf2LK/DIsVo+dmvIWWzpGWjzIfb5fs44318HQIR5O5v+
GxyEcB8Wx5/DzQqEHrn60OvJY3e5JyC6FTcRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUPaBqbGyeZaKG5TRxySql5szakSMwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9QYUJxYkd5ZVphS0c1VFJ4eVNxbDVzemFrU00ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
ACwDQdMCBFs0nZEg3fCdujULdWPBTQHGV4KXK0xOXansp2b6tQqyQnF8pWw552Vb
VocQn1jiONnKRyk9cqEfWkO4cc1arrKd2uAXyhcM+SUSGX8Gac2eImMbZW6Xwk3H
GkevQO0jVrPQtZ+dV52IZb6SPatMA2MrAT4fFVdSqobxoaRdMKaog8NxLO1BgZCM
/47yxuY1h4ySyKxF+xyn7TgPiyRPNnpNbkPEo56kqLRPhS4x1ArCIs3ZUtdwb4o1
srfWgFi9n7yt+vMihvKU7B5TExuf/C4X5VQEO9O+0RiS2F2rrgfDOOX1Bw7/fTs3
4uwN6WAFxWPEQzYwphOGSj8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org