Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/lGkbpK_OybhoRqgOnkDxFM8XVJ0.roa
File: lGkbpK_OybhoRqgOnkDxFM8XVJ0.roa (raw, json)
Hash identifier: 022t3w8FkbcRduY0AE0e0W+vGjh6wH+2qIBH2W0qrb4=
Subject key identifier: 94:69:1B:A4:AF:CE:C9:B8:68:46:A8:0E:9E:40:F1:14:CF:17:54:9D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47D6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lGkbpK_OybhoRqgOnkDxFM8XVJ0.roa
Signing time: Wed 11 May 2022 00:30:13 +0000
ROA not before: Wed 11 May 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18390 (0x47d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 11 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=94691BA4AFCEC9B86846A80E9E40F114CF17549D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:66:85:84:43:69:21:5b:bc:1f:56:87:05:df:
23:74:5a:af:f9:fb:ef:b0:e7:52:34:13:77:97:a1:
01:db:a1:ac:6c:be:db:88:a8:01:6c:7a:d5:99:63:
c5:c7:5d:4e:c4:31:f8:d1:4c:d5:e0:f4:42:00:68:
ac:8e:0f:7f:56:2e:ef:98:f2:e6:f7:95:05:08:0b:
aa:cd:ae:7d:93:bf:ce:a5:af:55:25:fd:72:82:fa:
62:73:22:a0:fa:a8:e9:e0:1a:b8:b2:ce:44:fc:16:
d7:00:87:0d:7a:c8:c1:02:df:8a:6e:5e:b3:0c:ae:
0e:46:9a:28:a5:59:c9:99:ac:9c:ea:a9:69:ee:17:
2a:63:ba:db:f2:87:68:2a:03:71:f6:81:aa:3b:2d:
2d:d6:20:5c:13:ac:d8:78:5f:c2:f4:ce:48:9d:a3:
f9:49:e0:9a:5c:19:6a:5c:8b:77:4e:40:80:e1:97:
b7:dc:24:b6:d9:ea:f1:ea:c6:e5:94:2a:7e:8a:72:
71:97:b8:99:7c:74:48:34:de:ed:09:5b:84:93:0a:
a6:96:88:9e:ba:7f:d0:3d:c1:b7:2e:96:89:5c:ea:
ee:4a:80:b4:31:30:37:2a:32:38:11:f1:5c:70:ea:
68:83:19:f5:1f:82:82:ad:24:95:40:7f:0a:3e:e6:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:69:1B:A4:AF:CE:C9:B8:68:46:A8:0E:9E:40:F1:14:CF:17:54:9D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lGkbpK_OybhoRqgOnkDxFM8XVJ0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
62:49:96:b9:68:4c:ef:91:e8:dc:4d:60:ec:d3:0f:54:84:2e:
83:bb:28:ac:9c:a0:c8:00:62:6a:4c:dd:45:1a:94:b6:b8:d5:
41:38:7f:20:22:a0:f7:f3:cb:0b:aa:f0:fa:89:8c:27:41:9f:
54:f3:c7:62:19:c3:92:77:86:c0:66:49:88:8f:6d:22:73:7d:
ac:7c:9f:78:49:ff:50:d3:66:48:cc:b8:26:42:b8:fb:83:8f:
1a:be:b2:03:fc:2a:1c:04:62:07:90:ab:98:f8:1f:d7:23:9e:
3b:db:d9:10:72:6b:2f:e4:3b:1c:c8:0e:5b:00:6b:3c:c8:7e:
2a:96:0b:20:b7:cd:41:77:41:a5:43:38:06:23:42:95:f5:00:
3a:d2:f7:c6:b1:7a:ea:eb:51:15:97:52:eb:57:f6:a6:76:8f:
11:26:21:f0:c2:ec:fe:c2:a2:11:ef:16:67:b5:89:d7:6c:5f:
48:c8:6f:dd:b7:49:b2:e4:49:84:e0:de:2c:56:af:29:8a:6a:
ff:66:e7:bc:c5:6e:32:1e:64:33:af:21:02:b6:42:60:e9:2c:
a4:8c:4e:8b:3b:15:4c:eb:78:d3:85:d4:00:03:45:38:91:00:
4e:ea:7d:7e:51:a6:10:66:17:ed:2a:e8:31:9d:83:f0:db:94:
4b:40:20:f9
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTEw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDk0NjkxQkE0QUZDRUM5
Qjg2ODQ2QTgwRTlFNDBGMTE0Q0YxNzU0OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXZoWEQ2khW7wfVocF3yN0Wq/5+++w51I0E3eXoQHboaxsvtuI
qAFsetWZY8XHXU7EMfjRTNXg9EIAaKyOD39WLu+Y8ub3lQUIC6rNrn2Tv86lr1Ul
/XKC+mJzIqD6qOngGriyzkT8FtcAhw16yMEC34puXrMMrg5GmiilWcmZrJzqqWnu
Fypjutvyh2gqA3H2gao7LS3WIFwTrNh4X8L0zkido/lJ4JpcGWpci3dOQIDhl7fc
JLbZ6vHqxuWUKn6KcnGXuJl8dEg03u0JW4STCqaWiJ66f9A9wbculolc6u5KgLQx
MDcqMjgR8Vxw6miDGfUfgoKtJJVAfwo+5qpFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUlGkbpK/OybhoRqgOnkDxFM8XVJ0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9sR2ticEtfT3liaG9ScWdPbmtEeEZNOFhWSjAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AGJJlrloTO+R6NxNYOzTD1SELoO7KKycoMgAYmpM3UUalLa41UE4fyAioPfzywuq
8PqJjCdBn1Tzx2IZw5J3hsBmSYiPbSJzfax8n3hJ/1DTZkjMuCZCuPuDjxq+sgP8
KhwEYgeQq5j4H9cjnjvb2RByay/kOxzIDlsAazzIfiqWCyC3zUF3QaVDOAYjQpX1
ADrS98axeurrURWXUutX9qZ2jxEmIfDC7P7CohHvFme1iddsX0jIb923SbLkSYTg
3ixWrymKav9m57zFbjIeZDOvIQK2QmDpLKSMTos7FUzreNOF1AADRTiRAE7qfX5R
phBmF+0q6DGdg/DblEtAIPk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org