Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/kKsPBhEvFmdc8NH8XOXkZ7zkBBE.roa
File: kKsPBhEvFmdc8NH8XOXkZ7zkBBE.roa (raw, json)
Hash identifier: tZs9uSTrZllpyzYTb7v3xnygYVBtSpSfy6pgUx7U7oc=
Subject key identifier: 90:AB:0F:06:11:2F:16:67:5C:F0:D1:FC:5C:E5:E4:67:BC:E4:04:11
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 497D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kKsPBhEvFmdc8NH8XOXkZ7zkBBE.roa
Signing time: Tue 07 Jun 2022 00:30:08 +0000
ROA not before: Tue 07 Jun 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18813 (0x497d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 7 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=90AB0F06112F16675CF0D1FC5CE5E467BCE40411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:42:f5:33:c0:14:74:59:5c:8d:1e:79:de:
58:33:17:e4:1c:03:c7:d2:b4:9a:02:5a:1a:78:bb:
a1:4e:5a:a5:30:60:87:b9:2a:e6:82:a4:ab:4f:3d:
bf:3b:9d:54:3b:4f:c6:90:59:b5:5b:a2:b7:ea:63:
30:69:9f:bb:18:95:ac:ca:b2:e3:51:06:e8:a8:79:
d0:8a:df:48:eb:e8:f6:66:6c:2b:9d:9b:28:07:c1:
51:49:55:6c:c2:8e:c5:fc:31:a2:b4:ab:10:8d:07:
b1:0d:72:93:10:87:70:7c:2b:62:bf:90:6e:19:2e:
24:d5:71:87:3b:ec:b8:2d:c1:e3:d6:cf:88:4c:8c:
f7:47:3f:0c:3b:5b:3c:c2:b0:48:53:c4:15:c4:d1:
e1:f5:4a:a0:94:fe:aa:ad:20:e2:b7:50:ca:68:89:
e9:88:37:7b:29:af:16:28:33:0f:94:b9:1f:6a:f3:
e4:eb:09:6e:bc:97:7e:00:65:b2:b0:bc:c2:cb:8e:
d0:ab:4f:02:ae:1a:4a:09:f9:fe:97:6e:47:51:a8:
c8:b4:35:de:69:ef:13:a7:b3:d4:8e:71:26:1b:2c:
13:27:b0:f3:3d:87:45:dc:54:f2:b8:13:49:f4:52:
50:23:50:13:b9:03:92:9a:1a:79:49:85:cf:a8:d7:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AB:0F:06:11:2F:16:67:5C:F0:D1:FC:5C:E5:E4:67:BC:E4:04:11
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kKsPBhEvFmdc8NH8XOXkZ7zkBBE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:de:e7:be:b2:ef:c2:1b:3e:ca:b1:43:28:e5:2a:ff:7a:1b:
4a:5a:ab:5c:a4:63:13:f0:11:cb:fe:ef:4e:62:f3:3e:27:b2:
3b:b7:ce:93:4d:f6:72:81:98:e1:a9:35:65:1f:64:2c:44:f4:
f0:c4:c7:f3:f2:81:4a:3e:f1:1a:c8:40:0e:62:60:62:23:bd:
0f:93:38:8c:14:d9:64:f0:7e:49:d9:1f:8a:bf:fe:23:4a:c5:
3b:9f:62:cb:87:cd:43:70:6b:50:86:e4:65:4a:f0:10:a3:b8:
d8:48:ac:79:8b:5f:ac:2a:97:cf:58:9e:30:b3:1c:fa:16:f4:
16:42:8f:7f:fb:a7:54:26:3d:2c:5e:64:1c:57:82:0c:d6:d1:
4e:73:7a:9e:34:c7:f5:8d:cc:28:27:19:b7:f3:4f:b9:5a:76:
88:12:08:95:68:20:a1:42:ed:7b:8b:0c:06:5a:d2:fd:09:9f:
4a:c8:63:67:88:15:5d:4d:ca:c8:89:af:7e:3b:3b:bb:84:07:
33:b2:d4:3f:c8:e7:43:f4:82:4f:67:15:2b:08:95:5b:a7:9a:
e1:d6:37:41:cc:b9:2b:59:18:d5:fb:41:17:b7:da:1b:de:2f:
0c:31:64:13:6a:af:c3:c0:8f:ac:0e:32:3b:e0:3f:3b:51:13:
55:05:4b:a2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDcw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDkwQUIwRjA2MTEyRjE2
Njc1Q0YwRDFGQzVDRTVFNDY3QkNFNDA0MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDObkL1M8AUdFlcjR553lgzF+QcA8fStJoCWhp4u6FOWqUwYIe5
KuaCpKtPPb87nVQ7T8aQWbVborfqYzBpn7sYlazKsuNRBuioedCK30jr6PZmbCud
mygHwVFJVWzCjsX8MaK0qxCNB7ENcpMQh3B8K2K/kG4ZLiTVcYc77LgtwePWz4hM
jPdHPww7WzzCsEhTxBXE0eH1SqCU/qqtIOK3UMpoiemIN3sprxYoMw+UuR9q8+Tr
CW68l34AZbKwvMLLjtCrTwKuGkoJ+f6XbkdRqMi0Nd5p7xOns9SOcSYbLBMnsPM9
h0XcVPK4E0n0UlAjUBO5A5KaGnlJhc+o13h7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkKsPBhEvFmdc8NH8XOXkZ7zkBBEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9rS3NQQmhFdkZtZGM4Tkg4WE9Ya1o3emtCQkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AB7e576y78IbPsqxQyjlKv96G0paq1ykYxPwEcv+705i8z4nsju3zpNN9nKBmOGp
NWUfZCxE9PDEx/PygUo+8RrIQA5iYGIjvQ+TOIwU2WTwfknZH4q//iNKxTufYsuH
zUNwa1CG5GVK8BCjuNhIrHmLX6wql89YnjCzHPoW9BZCj3/7p1QmPSxeZBxXggzW
0U5zep40x/WNzCgnGbfzT7ladogSCJVoIKFC7XuLDAZa0v0Jn0rIY2eIFV1NysiJ
r347O7uEBzOy1D/I50P0gk9nFSsIlVunmuHWN0HMuStZGNX7QRe32hveLwwxZBNq
r8PAj6wOMjvgPztRE1UFS6I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org