Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/jP8TXpecWrCwcFq_111gdytmQJI.roa
File: jP8TXpecWrCwcFq_111gdytmQJI.roa (raw, json)
Hash identifier: ePvWX7zZwt1YSXLUtoY7rAky34S2aX3oJabfAQ3kne4=
Subject key identifier: 8C:FF:13:5E:97:9C:5A:B0:B0:70:5A:BF:D7:5D:60:77:2B:66:40:92
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4738
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/jP8TXpecWrCwcFq_111gdytmQJI.roa
Signing time: Sat 30 Apr 2022 00:30:09 +0000
ROA not before: Sat 30 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18232 (0x4738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 30 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=8CFF135E979C5AB0B0705ABFD75D60772B664092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:4c:1e:a3:ee:98:b1:4d:91:03:59:c4:ab:
49:10:2b:10:ad:cb:17:2d:c1:e4:a9:ed:35:76:cb:
15:a6:18:93:85:8e:9e:e7:80:9e:6b:c6:33:44:f8:
46:b9:70:29:ab:db:54:9b:54:fb:c0:27:04:7c:3f:
59:bb:5f:b9:9b:1c:b9:0e:ba:52:57:f4:62:50:d1:
4c:1e:9f:01:e5:f9:3d:3c:7f:d8:cc:e9:43:46:54:
93:47:1a:7f:7f:dd:54:29:ae:58:ff:47:43:19:6e:
ad:e3:4e:46:09:e9:04:5b:fa:9e:ae:4f:f6:77:05:
b4:10:fb:44:9d:dc:5a:8d:2c:07:c7:c9:6e:b2:77:
d4:1c:c1:24:b1:4e:a3:28:7d:49:56:b1:d1:13:84:
2e:33:02:f2:fa:40:54:8b:57:01:72:eb:28:d6:68:
1b:36:3b:ca:27:81:69:14:ec:d0:ae:e0:3c:e7:59:
a7:4f:5b:50:9b:6c:e1:92:25:b5:b0:dd:08:d6:11:
ee:84:2d:fd:d0:de:84:7e:e4:c1:bb:75:64:6b:1e:
0d:2d:4e:0a:a7:5f:00:2d:95:f1:c5:bf:dd:5c:cd:
91:5a:ba:21:ff:58:af:f7:b5:41:25:b9:b5:99:58:
df:ae:5f:90:0d:21:02:d6:f4:a3:07:08:5d:fb:e8:
e9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FF:13:5E:97:9C:5A:B0:B0:70:5A:BF:D7:5D:60:77:2B:66:40:92
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/jP8TXpecWrCwcFq_111gdytmQJI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:e0:0e:e7:42:33:37:a0:71:db:5e:ce:2d:b9:2e:43:2e:18:
df:b1:9f:83:82:0e:07:4c:ec:3b:c7:b4:51:c0:05:de:05:30:
5e:9c:81:2a:af:74:66:f1:81:2d:6f:06:4e:b8:d1:f1:64:3c:
13:9c:59:f9:f7:29:56:51:a9:25:04:5e:6c:cd:07:cf:65:a1:
29:34:74:3f:bb:06:f7:97:f0:68:38:3c:f6:d7:95:68:49:22:
66:cc:e8:6b:13:00:f0:45:54:4c:34:0a:d4:22:69:c7:ef:ef:
73:81:fe:ff:f2:bb:95:cc:ae:36:25:8a:c8:c2:da:e3:f3:ce:
33:11:70:12:45:1c:4e:04:32:b8:c4:5c:51:e1:2d:37:3f:36:
3f:87:40:b6:fd:6d:f1:9b:46:c5:8c:66:4f:59:c0:1e:ee:3f:
fd:90:31:7b:00:79:33:76:e2:51:6c:7f:71:df:ff:83:c2:d4:
c5:be:9a:5c:64:b2:a5:46:2e:11:95:ec:dc:d3:28:ec:37:71:
88:cc:d0:73:b6:27:38:0c:52:aa:6f:61:96:ff:a6:4d:c7:8b:
18:54:67:ed:05:51:f7:8e:ff:6a:84:9a:20:a6:c0:c6:30:95:
63:e8:40:ad:3f:1b:d0:63:16:58:e0:06:72:72:36:d6:40:2a:
dc:e0:95:4f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRzgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MzAw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDhDRkYxMzVFOTc5QzVB
QjBCMDcwNUFCRkQ3NUQ2MDc3MkI2NjQwOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAzEweo+6YsU2RA1nEq0kQKxCtyxctweSp7TV2yxWmGJOFjp7n
gJ5rxjNE+Ea5cCmr21SbVPvAJwR8P1m7X7mbHLkOulJX9GJQ0UwenwHl+T08f9jM
6UNGVJNHGn9/3VQprlj/R0MZbq3jTkYJ6QRb+p6uT/Z3BbQQ+0Sd3FqNLAfHyW6y
d9QcwSSxTqMofUlWsdEThC4zAvL6QFSLVwFy6yjWaBs2O8ongWkU7NCu4DznWadP
W1CbbOGSJbWw3QjWEe6ELf3Q3oR+5MG7dWRrHg0tTgqnXwAtlfHFv91czZFauiH/
WK/3tUElubWZWN+uX5ANIQLW9KMHCF376OkxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUjP8TXpecWrCwcFq/111gdytmQJIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9qUDhUWHBlY1dyQ3djRnFfMTExZ2R5dG1RSkkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AJ7gDudCMzegcdtezi25LkMuGN+xn4OCDgdM7DvHtFHABd4FMF6cgSqvdGbxgS1v
Bk640fFkPBOcWfn3KVZRqSUEXmzNB89loSk0dD+7BveX8Gg4PPbXlWhJImbM6GsT
APBFVEw0CtQiacfv73OB/v/yu5XMrjYlisjC2uPzzjMRcBJFHE4EMrjEXFHhLTc/
Nj+HQLb9bfGbRsWMZk9ZwB7uP/2QMXsAeTN24lFsf3Hf/4PC1MW+mlxksqVGLhGV
7NzTKOw3cYjM0HO2JzgMUqpvYZb/pk3HixhUZ+0FUfeO/2qEmiCmwMYwlWPoQK0/
G9BjFljgBnJyNtZAKtzglU8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org