Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hM3dLQWEBGFqu693WyH2kHvuw_s.roa
File: hM3dLQWEBGFqu693WyH2kHvuw_s.roa (raw, json)
Hash identifier: u/Kc6Om8t9kcCsCN+sfI+azD4KbNvJ6QE4nfXgqQk/4=
Subject key identifier: 84:CD:DD:2D:05:84:04:61:6A:BB:AF:77:5B:21:F6:90:7B:EE:C3:FB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47C8
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hM3dLQWEBGFqu693WyH2kHvuw_s.roa
Signing time: Tue 10 May 2022 00:30:10 +0000
ROA not before: Tue 10 May 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18376 (0x47c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 10 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=84CDDD2D058404616ABBAF775B21F6907BEEC3FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:ec:ae:a7:7c:0f:f3:ba:0a:0a:3f:ee:d5:
37:60:17:8d:3b:2a:85:10:d0:c6:c9:75:5f:98:f5:
27:61:25:2d:2c:0f:ce:8b:58:89:c8:51:7e:16:2f:
57:43:53:eb:b0:13:f2:3e:c8:6d:fd:0e:57:31:dc:
d7:b1:86:88:c6:a1:96:29:cb:77:4a:90:01:85:36:
85:47:26:20:df:57:ff:ad:9f:5e:2b:4a:ce:ec:31:
27:fe:b2:5e:a1:20:db:a5:0e:b5:8b:f2:c9:cc:25:
9e:55:0c:c9:b0:4a:42:04:fe:68:ae:ad:0c:7b:e5:
d0:11:4e:3c:ac:d9:fb:34:e4:86:bb:a5:00:17:8c:
17:a5:04:21:f1:9d:87:45:1c:4f:af:53:b9:63:94:
20:f3:86:db:06:cd:f2:55:16:ae:9b:66:85:d4:d3:
af:aa:23:04:42:87:0a:80:40:2a:42:4a:7f:48:06:
c0:53:d8:f5:a3:91:3d:e8:24:81:53:85:9c:2e:e2:
21:28:6a:2a:e4:e7:af:38:8d:bc:40:4d:5c:37:46:
d9:23:0f:ea:7e:76:5e:93:77:b5:7a:09:dc:41:a2:
05:f2:cb:1b:20:e6:a1:d2:73:bf:09:da:e6:ba:83:
a2:de:84:a3:db:48:25:b5:1a:c6:f7:32:45:ed:26:
54:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CD:DD:2D:05:84:04:61:6A:BB:AF:77:5B:21:F6:90:7B:EE:C3:FB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hM3dLQWEBGFqu693WyH2kHvuw_s.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
84:b2:91:59:fd:05:74:0c:e8:be:c2:c9:9a:db:db:d0:6e:92:
f6:f0:11:42:bd:65:0f:e3:e3:82:5a:3c:48:6e:9b:36:0a:a7:
b0:52:99:b3:76:eb:05:e5:28:6f:7f:f6:ed:0f:72:07:18:6d:
6a:27:b0:b0:fb:c9:da:cb:72:d2:86:bc:d2:40:c1:3b:2d:9b:
94:46:70:82:4c:c2:bc:10:c1:3d:54:89:2c:19:6d:48:6f:96:
23:d7:17:e0:7b:5c:4e:00:2a:3a:12:74:a5:ce:de:f4:96:01:
0d:c2:aa:c6:40:e9:87:8a:69:8c:1b:c3:b3:3e:4b:d7:54:2d:
7d:39:7f:ee:f4:22:1e:45:51:31:18:4f:5b:b1:49:b1:13:e9:
7b:b0:18:7d:27:05:80:57:4b:2c:91:78:fc:99:a7:c7:25:42:
e9:e9:96:49:76:8c:02:c5:f4:cb:c2:ec:ec:90:25:c3:ec:62:
a8:f5:a8:94:74:6a:69:9e:37:fc:cc:ea:80:a7:a6:9f:ad:bb:
25:e4:e8:0b:2e:6d:7a:ac:82:f9:66:95:63:c5:14:ac:37:2a:
c2:5e:b4:a5:fa:6d:14:89:63:af:27:1d:3c:59:19:54:30:9c:
06:5b:5c:10:ef:09:c1:a6:8c:9b:b3:55:b4:c3:9f:d0:a7:69:
d3:a5:2c:93
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR8gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTAw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg0Q0RERDJEMDU4NDA0
NjE2QUJCQUY3NzVCMjFGNjkwN0JFRUMzRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Ceyup3wP87oKCj/u1TdgF407KoUQ0MbJdV+Y9SdhJS0sD86L
WInIUX4WL1dDU+uwE/I+yG39Dlcx3NexhojGoZYpy3dKkAGFNoVHJiDfV/+tn14r
Ss7sMSf+sl6hINulDrWL8snMJZ5VDMmwSkIE/miurQx75dARTjys2fs05Ia7pQAX
jBelBCHxnYdFHE+vU7ljlCDzhtsGzfJVFq6bZoXU06+qIwRChwqAQCpCSn9IBsBT
2PWjkT3oJIFThZwu4iEoairk5684jbxATVw3RtkjD+p+dl6Td7V6CdxBogXyyxsg
5qHSc78J2ua6g6LehKPbSCW1Gsb3MkXtJlQDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhM3dLQWEBGFqu693WyH2kHvuw/swHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oTTNkTFFXRUJHRnF1NjkzV3lIMmtIdnV3X3Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AISykVn9BXQM6L7CyZrb29BukvbwEUK9ZQ/j44JaPEhumzYKp7BSmbN26wXlKG9/
9u0PcgcYbWonsLD7ydrLctKGvNJAwTstm5RGcIJMwrwQwT1UiSwZbUhvliPXF+B7
XE4AKjoSdKXO3vSWAQ3CqsZA6YeKaYwbw7M+S9dULX05f+70Ih5FUTEYT1uxSbET
6XuwGH0nBYBXSyyRePyZp8clQunplkl2jALF9MvC7OyQJcPsYqj1qJR0ammeN/zM
6oCnpp+tuyXk6AsubXqsgvlmlWPFFKw3KsJetKX6bRSJY68nHTxZGVQwnAZbXBDv
CcGmjJuzVbTDn9CnadOlLJM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org