Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hFtyjHa8IUJNDTkMEafJxkZzoMQ.roa
File: hFtyjHa8IUJNDTkMEafJxkZzoMQ.roa (raw, json)
Hash identifier: 4UFTNfSdQ8aVAeFM0ryPC+k9glVzzrY5PvAoUIHv7Ng=
Subject key identifier: 84:5B:72:8C:76:BC:21:42:4D:0D:39:0C:11:A7:C9:C6:46:73:A0:C4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46E8
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hFtyjHa8IUJNDTkMEafJxkZzoMQ.roa
Signing time: Sun 24 Apr 2022 00:30:10 +0000
ROA not before: Sun 24 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18152 (0x46e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 24 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=845B728C76BC21424D0D390C11A7C9C64673A0C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:be:02:6d:44:27:6c:6d:55:5a:d2:2a:ac:
44:fe:43:3d:b7:59:bc:f6:e4:13:f8:fb:bb:9e:be:
67:7a:e8:5e:28:b8:36:f8:fe:fd:b4:3e:5c:17:80:
db:c3:f4:1b:26:41:4b:52:5c:76:84:07:8f:1b:de:
a1:3d:de:ac:e0:86:1f:01:f3:db:d0:7c:6a:ec:f5:
e6:46:71:47:bf:41:f4:2f:61:ba:93:67:fe:93:fc:
2a:a3:4a:0f:5f:ff:18:7a:94:10:23:93:ea:17:73:
2c:2f:c1:3b:23:bb:15:4c:af:d4:8a:d4:9b:21:5b:
1c:05:3e:70:b3:99:d3:10:a4:b7:fe:a6:b4:7a:ef:
0c:b7:7d:5d:af:ab:79:0e:2d:bd:10:40:bf:41:ee:
dc:59:ed:9d:a3:ec:bd:5a:63:20:46:7c:d6:5b:0d:
98:0b:8f:d7:85:40:22:00:df:f9:d5:9e:dc:3a:1b:
5e:39:b6:2e:30:89:ff:e7:2f:ba:2e:a5:f5:0c:0d:
db:b3:52:b5:77:4d:b6:5f:66:30:76:38:5a:e0:29:
a5:0f:2f:8a:96:30:fc:80:70:53:ab:27:a2:23:bd:
ff:38:02:6a:76:2b:39:6f:ae:04:3e:86:c0:fe:60:
22:47:8d:b7:95:4c:2a:a6:07:d5:d3:56:b4:ba:c4:
c7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5B:72:8C:76:BC:21:42:4D:0D:39:0C:11:A7:C9:C6:46:73:A0:C4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hFtyjHa8IUJNDTkMEafJxkZzoMQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f1:19:f0:8f:11:0c:27:6d:75:dd:1f:6b:d0:4a:fc:07:2c:
11:d9:c9:e2:bf:b8:c8:b0:30:af:06:77:1c:f4:db:f3:27:9c:
2a:e8:21:69:4a:e6:f3:ca:08:2a:3e:21:38:f8:b0:7e:be:b4:
bb:07:c5:62:71:cf:fc:d6:53:43:77:67:7a:03:06:4e:69:8e:
71:1f:68:5d:f1:f3:d7:e4:97:64:4a:29:de:7e:0f:1d:fa:65:
c5:11:48:e6:d8:bf:c3:78:22:55:1d:98:67:17:e2:85:4e:41:
68:24:e1:e7:eb:13:f6:cc:2d:0c:44:27:96:bf:c8:7e:90:b8:
ac:c7:83:7f:6f:f0:da:a5:59:aa:1d:42:fb:be:88:cd:c0:6a:
01:09:00:43:3f:eb:62:0f:bc:a9:92:0a:7b:66:27:69:41:da:
fd:15:3a:39:78:cc:b3:4f:81:53:10:01:bd:7a:aa:88:89:ca:
65:07:e3:02:ca:5e:c5:f0:51:fc:5d:27:14:69:4d:c3:fa:22:
e1:a8:ea:5f:9c:e1:83:7f:9c:6a:ca:3a:6e:7b:75:2c:e7:7d:
f4:fd:4c:ba:a2:d0:70:ef:3f:aa:cb:bc:fb:ae:7b:2c:e3:91:
31:cc:41:b0:36:19:eb:d5:e9:eb:84:76:7a:b1:30:27:3e:89:
2b:62:15:c7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjQw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg0NUI3MjhDNzZCQzIx
NDI0RDBEMzkwQzExQTdDOUM2NDY3M0EwQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx+L4CbUQnbG1VWtIqrET+Qz23Wbz25BP4+7uevmd66F4ouDb4
/v20PlwXgNvD9BsmQUtSXHaEB48b3qE93qzghh8B89vQfGrs9eZGcUe/QfQvYbqT
Z/6T/CqjSg9f/xh6lBAjk+oXcywvwTsjuxVMr9SK1JshWxwFPnCzmdMQpLf+prR6
7wy3fV2vq3kOLb0QQL9B7txZ7Z2j7L1aYyBGfNZbDZgLj9eFQCIA3/nVntw6G145
ti4wif/nL7oupfUMDduzUrV3TbZfZjB2OFrgKaUPL4qWMPyAcFOrJ6Ijvf84Amp2
KzlvrgQ+hsD+YCJHjbeVTCqmB9XTVrS6xMeNAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhFtyjHa8IUJNDTkMEafJxkZzoMQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oRnR5akhhOElVSk5EVGtNRWFmSnhrWnpvTVEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AEnxGfCPEQwnbXXdH2vQSvwHLBHZyeK/uMiwMK8Gdxz02/MnnCroIWlK5vPKCCo+
ITj4sH6+tLsHxWJxz/zWU0N3Z3oDBk5pjnEfaF3x89fkl2RKKd5+Dx36ZcURSObY
v8N4IlUdmGcX4oVOQWgk4efrE/bMLQxEJ5a/yH6QuKzHg39v8NqlWaodQvu+iM3A
agEJAEM/62IPvKmSCntmJ2lB2v0VOjl4zLNPgVMQAb16qoiJymUH4wLKXsXwUfxd
JxRpTcP6IuGo6l+c4YN/nGrKOm57dSznffT9TLqi0HDvP6rLvPuueyzjkTHMQbA2
GevV6euEdnqxMCc+iStiFcc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org