Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/YKHFsAVVqYF-2rF5cDq0TnXUqhg.roa
File: YKHFsAVVqYF-2rF5cDq0TnXUqhg.roa (raw, json)
Hash identifier: GmspxSklcXphfuS4ct0rNoME5oNPT3CnIlwg4XUiwTI=
Subject key identifier: 60:A1:C5:B0:05:55:A9:81:7E:DA:B1:79:70:3A:B4:4E:75:D4:AA:18
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4480
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YKHFsAVVqYF-2rF5cDq0TnXUqhg.roa
Signing time: Fri 11 Mar 2022 00:36:57 +0000
ROA not before: Fri 11 Mar 2022 00:36:57 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17536 (0x4480)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 11 00:36:57 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=60A1C5B00555A9817EDAB179703AB44E75D4AA18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b8:05:32:eb:52:bd:2c:05:f8:c7:40:99:1c:
d5:61:88:99:1f:d2:f8:4d:69:dd:5b:f6:7f:c5:c6:
de:97:ff:60:03:15:66:5c:55:11:21:2b:b3:06:0e:
91:4e:2a:6a:58:b1:1f:42:d0:b3:2f:c4:c1:e1:dc:
33:59:d7:22:cb:9e:4c:4f:d6:bc:bd:6c:bf:0d:69:
e9:f8:19:ad:d0:b4:24:1f:8b:60:79:0d:3a:79:23:
90:4c:ee:12:96:64:86:06:26:61:c5:6e:4f:38:76:
d3:6c:76:8d:ce:11:4f:08:07:ac:7e:4d:f5:56:60:
27:a1:4a:63:b7:5b:34:bc:d5:2e:5b:98:a2:3d:19:
16:e5:8d:be:7c:f4:75:5d:53:b3:50:a8:ea:31:40:
f4:e3:9e:76:f0:a6:60:b0:9e:42:db:03:2c:64:0b:
01:86:b2:18:09:39:f1:a9:c4:4a:76:8c:bd:a6:a5:
26:0f:b2:19:1c:f7:62:f6:fd:46:09:88:c5:c5:25:
0a:2f:fb:28:12:f2:84:d6:f5:63:d2:bb:91:1a:33:
19:f9:f1:7e:f7:fc:d4:73:e6:a5:e7:26:04:9b:4f:
81:17:1e:ca:51:c6:f6:be:cf:7f:b1:69:ca:8b:34:
0c:a1:32:3f:ca:a9:6d:b5:71:04:b9:bb:b0:2f:84:
09:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A1:C5:B0:05:55:A9:81:7E:DA:B1:79:70:3A:B4:4E:75:D4:AA:18
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YKHFsAVVqYF-2rF5cDq0TnXUqhg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:05:5a:ec:71:b4:4e:91:6d:38:26:7c:e0:35:80:f7:f9:a7:
d4:b3:58:ce:01:be:5d:ab:12:53:f5:4a:13:e1:4e:cc:86:ac:
d7:3f:ac:f7:3e:72:b6:e0:51:ae:e0:58:61:ee:a4:a5:f2:2e:
ae:eb:52:69:bf:e1:df:36:19:68:07:8c:65:bb:4d:89:b0:80:
03:8f:09:a3:d3:c7:27:8f:71:ba:04:9c:cf:97:c5:91:08:72:
32:4c:39:2b:f3:38:c3:b8:bc:1e:9b:93:8e:75:34:80:e8:df:
32:6f:59:e5:8c:82:5c:82:ce:06:25:f6:c0:e5:5b:a9:90:cc:
70:a3:9a:c4:17:8f:76:85:8d:52:1d:43:33:b5:d5:d2:d1:d0:
5c:eb:62:95:76:bc:aa:df:28:fe:fa:dd:fe:4d:c1:00:be:9d:
48:13:3e:80:4c:50:05:e9:d0:45:b2:51:35:6b:4c:a4:d1:0e:
a7:74:20:92:b9:74:db:4e:4e:7e:b5:0a:d6:08:fa:fe:29:0c:
6b:f2:98:b4:5c:20:c7:6e:41:43:2d:07:41:ed:72:34:d9:2a:
9b:e7:d6:7c:0e:27:29:ef:f8:22:f9:48:bf:36:5e:6b:08:9a:
a1:43:d9:42:b5:7e:3e:d3:4e:e8:cb:a0:8e:5f:31:25:6d:c5:
20:3d:79:01
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTEw
MDM2NTdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDYwQTFDNUIwMDU1NUE5
ODE3RURBQjE3OTcwM0FCNDRFNzVENEFBMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDauAUy61K9LAX4x0CZHNVhiJkf0vhNad1b9n/Fxt6X/2ADFWZc
VREhK7MGDpFOKmpYsR9C0LMvxMHh3DNZ1yLLnkxP1ry9bL8Naen4Ga3QtCQfi2B5
DTp5I5BM7hKWZIYGJmHFbk84dtNsdo3OEU8IB6x+TfVWYCehSmO3WzS81S5bmKI9
GRbljb589HVdU7NQqOoxQPTjnnbwpmCwnkLbAyxkCwGGshgJOfGpxEp2jL2mpSYP
shkc92L2/UYJiMXFJQov+ygS8oTW9WPSu5EaMxn58X73/NRz5qXnJgSbT4EXHspR
xva+z3+xacqLNAyhMj/KqW21cQS5u7AvhAmHAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUYKHFsAVVqYF+2rF5cDq0TnXUqhgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ZS0hGc0FWVnFZRi0yckY1Y0RxMFRuWFVxaGcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AAsFWuxxtE6RbTgmfOA1gPf5p9SzWM4Bvl2rElP1ShPhTsyGrNc/rPc+crbgUa7g
WGHupKXyLq7rUmm/4d82GWgHjGW7TYmwgAOPCaPTxyePcboEnM+XxZEIcjJMOSvz
OMO4vB6bk451NIDo3zJvWeWMglyCzgYl9sDlW6mQzHCjmsQXj3aFjVIdQzO11dLR
0FzrYpV2vKrfKP763f5NwQC+nUgTPoBMUAXp0EWyUTVrTKTRDqd0IJK5dNtOTn61
CtYI+v4pDGvymLRcIMduQUMtB0HtcjTZKpvn1nwOJynv+CL5SL82XmsImqFD2UK1
fj7TTujLoI5fMSVtxSA9eQE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org