Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/fXMFeWN7hnqxblxcIfQ8pLJ-_Zs.roa
File: fXMFeWN7hnqxblxcIfQ8pLJ-_Zs.roa (raw, json)
Hash identifier: ofGqK9p9fdXcxmJ72K0dOlU9w7gq6ZCDCmD/onyZCf4=
Subject key identifier: 7D:73:05:79:63:7B:86:7A:B1:6E:5C:5C:21:F4:3C:A4:B2:7E:FD:9B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4336
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/fXMFeWN7hnqxblxcIfQ8pLJ-_Zs.roa
Signing time: Tue 15 Feb 2022 00:30:08 +0000
ROA not before: Tue 15 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17206 (0x4336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 15 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=7D730579637B867AB16E5C5C21F43CA4B27EFD9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8f:9a:a1:2d:5b:06:c3:41:2d:86:94:23:0c:
fa:81:0c:dc:b8:02:54:a7:ec:8d:a0:68:4c:c3:f6:
16:4a:ec:be:e6:90:fa:35:5e:ed:b2:aa:38:e4:b2:
cc:99:11:84:a8:1e:fd:fe:31:2d:fe:74:f9:b2:82:
b1:11:d3:dc:3c:7c:3f:e6:3b:b2:c7:37:0a:67:25:
4a:09:b0:d0:d4:05:fd:48:47:9a:8d:bd:67:79:50:
bf:c8:27:30:ff:9f:16:9c:a8:dc:51:f5:37:b0:9d:
f9:7a:f6:8e:3a:3a:ba:eb:d1:b6:2e:e9:bf:e7:83:
e2:6a:22:21:66:30:da:10:dd:6c:3e:5e:8b:8f:1a:
9a:50:c5:c6:ec:e4:e7:54:36:a5:6c:a9:1e:8a:ec:
de:a9:c4:84:6d:5b:44:40:ad:d7:72:ef:c7:f9:02:
e7:e8:58:c7:a5:a1:15:07:9e:ee:ac:2a:32:38:51:
44:0e:f7:51:c8:65:d4:3e:ef:0d:b5:80:70:9d:d4:
66:56:0b:0b:5a:0b:4a:09:ef:38:f3:1e:c7:b0:b2:
74:f3:59:44:7f:62:32:db:ba:f7:15:a9:0d:0b:fc:
f4:cc:8c:32:33:71:24:e2:ed:43:79:2d:b3:ee:f5:
12:e3:83:70:7d:4d:40:0b:17:be:2e:b3:37:81:fb:
4a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:73:05:79:63:7B:86:7A:B1:6E:5C:5C:21:F4:3C:A4:B2:7E:FD:9B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/fXMFeWN7hnqxblxcIfQ8pLJ-_Zs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:12:23:12:a7:22:55:5e:6a:f1:82:58:df:ea:fa:2a:52:8b:
bd:6f:5c:b9:97:f7:b8:7c:5a:bb:0c:95:8a:af:85:27:87:79:
35:8f:71:50:c5:d0:3c:6d:50:fe:08:d1:c6:bb:1c:d6:32:04:
e5:7b:bb:94:ec:52:39:b3:7a:3c:87:22:7c:3e:11:60:ac:91:
ef:c4:f8:21:cc:81:19:87:63:af:5b:3e:f6:86:23:48:c7:f4:
6b:ef:77:b6:18:43:ad:12:50:24:d5:0a:84:77:39:81:e3:a4:
fa:cb:be:2c:f0:bb:9d:17:27:8e:b6:7c:5e:58:47:90:e5:82:
da:8b:06:47:ba:d5:be:5d:52:a4:2c:17:0f:a6:35:3f:c5:a1:
8f:4e:83:1a:4c:55:74:71:07:80:40:d1:b9:07:e0:da:7a:f5:
32:af:20:7e:13:fd:eb:05:a6:56:9c:2a:6e:b6:e0:c8:8e:11:
f5:ef:fa:7e:bc:44:4b:e4:18:e7:cb:b9:08:4a:77:39:62:5f:
0b:9e:c6:20:2d:9d:83:25:91:06:59:f3:0e:07:0d:5c:89:b6:
75:bd:3b:e3:fb:0c:2d:48:36:57:ec:77:11:66:74:0c:4a:ca:
e7:18:6d:b4:21:ef:72:70:27:9e:2e:71:ce:1c:16:ce:a5:4b:
5d:7f:c9:11
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTUw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDdENzMwNTc5NjM3Qjg2
N0FCMTZFNUM1QzIxRjQzQ0E0QjI3RUZEOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBj5qhLVsGw0EthpQjDPqBDNy4AlSn7I2gaEzD9hZK7L7mkPo1
Xu2yqjjkssyZEYSoHv3+MS3+dPmygrER09w8fD/mO7LHNwpnJUoJsNDUBf1IR5qN
vWd5UL/IJzD/nxacqNxR9Tewnfl69o46Orrr0bYu6b/ng+JqIiFmMNoQ3Ww+XouP
GppQxcbs5OdUNqVsqR6K7N6pxIRtW0RArddy78f5AufoWMeloRUHnu6sKjI4UUQO
91HIZdQ+7w21gHCd1GZWCwtaC0oJ7zjzHsewsnTzWUR/YjLbuvcVqQ0L/PTMjDIz
cSTi7UN5LbPu9RLjg3B9TUALF74uszeB+0pBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUfXMFeWN7hnqxblxcIfQ8pLJ+/ZswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9mWE1GZVdON2hucXhibHhjSWZROHBMSi1fWnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AI0SIxKnIlVeavGCWN/q+ipSi71vXLmX97h8WrsMlYqvhSeHeTWPcVDF0DxtUP4I
0ca7HNYyBOV7u5TsUjmzejyHInw+EWCske/E+CHMgRmHY69bPvaGI0jH9Gvvd7YY
Q60SUCTVCoR3OYHjpPrLvizwu50XJ462fF5YR5DlgtqLBke61b5dUqQsFw+mNT/F
oY9OgxpMVXRxB4BA0bkH4Np69TKvIH4T/esFplacKm624MiOEfXv+n68REvkGOfL
uQhKdzliXwuexiAtnYMlkQZZ8w4HDVyJtnW9O+P7DC1INlfsdxFmdAxKyucYbbQh
73JwJ54ucc4cFs6lS11/yRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org