Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hjLaQJNkhK0kCp8pgpI7U8eWB7A.roa
File: hjLaQJNkhK0kCp8pgpI7U8eWB7A.roa (raw, json)
Hash identifier: kqQbFNyDanuRPSqOg0/cYV+casAJQj9iITXLmBYknbg=
Subject key identifier: 86:32:DA:40:93:64:84:AD:24:0A:9F:29:82:92:3B:53:C7:96:07:B0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44E0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hjLaQJNkhK0kCp8pgpI7U8eWB7A.roa
Signing time: Fri 18 Mar 2022 00:30:10 +0000
ROA not before: Fri 18 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17632 (0x44e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 18 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=8632DA40936484AD240A9F2982923B53C79607B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:3a:b1:44:1e:12:7f:92:e3:0c:8a:fd:3e:
cb:5e:c1:34:97:3a:c5:34:96:03:71:8b:0c:8e:96:
9f:e7:33:66:de:7f:be:a9:03:c8:bf:03:29:97:84:
61:2c:89:71:5c:04:b3:06:38:f5:3d:e8:1e:ca:4f:
1a:f9:08:6b:67:3c:f5:73:e2:46:b4:c0:60:ec:af:
e0:53:2f:39:17:71:50:13:fc:87:2b:b2:95:39:09:
85:62:3a:01:c8:9f:c6:4a:d1:26:22:ad:49:f3:d4:
3c:4a:8d:3a:0c:2d:0b:31:2f:6f:8d:29:38:a8:62:
15:7c:8d:cb:60:ca:b5:84:16:ae:32:3f:09:16:8e:
1d:8a:70:55:7d:d6:f1:7c:9b:d8:51:f2:0c:ac:bf:
c5:a0:92:9d:e2:54:5f:c4:b5:24:e5:b4:85:90:72:
e9:93:bf:ed:02:91:9b:27:16:59:9a:4a:02:56:b1:
30:be:55:f1:5a:08:f8:55:38:46:a2:e8:1c:df:80:
50:b8:6e:68:cc:54:46:94:d0:e3:f6:e7:1f:06:bf:
bf:38:8b:db:e8:3d:0b:ab:37:81:97:19:fc:aa:9b:
20:01:8c:36:e2:d0:64:f5:eb:25:04:a3:eb:bc:3b:
35:60:d9:60:67:ba:47:c2:6a:db:d2:de:07:01:1d:
33:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:32:DA:40:93:64:84:AD:24:0A:9F:29:82:92:3B:53:C7:96:07:B0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hjLaQJNkhK0kCp8pgpI7U8eWB7A.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f9:44:b6:f6:ec:f1:a7:c7:1b:b0:c3:74:77:7a:8f:82:aa:
ec:e4:77:f7:18:12:36:7e:ce:be:d7:40:9d:b5:a1:15:0d:fd:
1f:bf:85:ad:46:6d:50:89:e5:25:5f:cf:48:82:c3:dd:94:03:
a8:ea:52:93:d6:64:5b:c6:3a:c6:13:77:6c:64:b3:c2:08:8b:
df:44:05:96:6f:65:6d:77:4c:07:6c:84:f9:18:9e:47:57:c2:
99:7f:44:3b:55:c3:2a:79:2e:af:01:5d:d2:f6:9c:50:15:30:
9a:5a:5f:0f:51:31:46:71:f5:c2:eb:6d:5f:f5:19:f1:7e:76:
87:95:b2:9c:f4:40:a7:5f:2a:fe:24:2d:88:77:91:04:cc:55:
be:28:aa:c0:bc:de:63:30:50:91:4b:81:0e:2e:b8:72:ff:79:
5c:2a:4f:6f:ab:e7:a9:69:ae:e9:ab:29:37:0f:48:e9:3b:31:
b7:35:be:c3:ac:e3:f9:52:6f:40:78:58:2c:e4:42:05:3f:e0:
6e:46:54:79:a2:d8:3e:24:39:cd:89:97:d4:38:06:1c:a8:24:
5d:7b:cf:90:b5:6d:50:50:94:53:e7:f4:bc:45:37:30:0b:c1:
a3:66:f5:8e:ba:14:a5:e8:3a:53:fa:98:4c:bc:79:a2:70:cd:
c3:df:53:66
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICROAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTgw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg2MzJEQTQwOTM2NDg0
QUQyNDBBOUYyOTgyOTIzQjUzQzc5NjA3QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr7zqxRB4Sf5LjDIr9PstewTSXOsU0lgNxiwyOlp/nM2bef76p
A8i/AymXhGEsiXFcBLMGOPU96B7KTxr5CGtnPPVz4ka0wGDsr+BTLzkXcVAT/Icr
spU5CYViOgHIn8ZK0SYirUnz1DxKjToMLQsxL2+NKTioYhV8jctgyrWEFq4yPwkW
jh2KcFV91vF8m9hR8gysv8Wgkp3iVF/EtSTltIWQcumTv+0CkZsnFlmaSgJWsTC+
VfFaCPhVOEai6BzfgFC4bmjMVEaU0OP25x8Gv784i9voPQurN4GXGfyqmyABjDbi
0GT16yUEo+u8OzVg2WBnukfCatvS3gcBHTOxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhjLaQJNkhK0kCp8pgpI7U8eWB7AwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oakxhUUpOa2hLMGtDcDhwZ3BJN1U4ZVdCN0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AGT5RLb27PGnxxuww3R3eo+Cquzkd/cYEjZ+zr7XQJ21oRUN/R+/ha1GbVCJ5SVf
z0iCw92UA6jqUpPWZFvGOsYTd2xks8IIi99EBZZvZW13TAdshPkYnkdXwpl/RDtV
wyp5Lq8BXdL2nFAVMJpaXw9RMUZx9cLrbV/1GfF+doeVspz0QKdfKv4kLYh3kQTM
Vb4oqsC83mMwUJFLgQ4uuHL/eVwqT2+r56lprumrKTcPSOk7Mbc1vsOs4/lSb0B4
WCzkQgU/4G5GVHmi2D4kOc2Jl9Q4BhyoJF17z5C1bVBQlFPn9LxFNzALwaNm9Y66
FKXoOlP6mEy8eaJwzcPfU2Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org