Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/mcgPla1bzq7mIIENsx0pC7-0fo0.roa
File: mcgPla1bzq7mIIENsx0pC7-0fo0.roa (raw, json)
Hash identifier: kGHylynoW4BsGppAFxfCRsI+AYy1s4oV6Z5qG7nLV34=
Subject key identifier: 99:C8:0F:95:AD:5B:CE:AE:E6:20:81:0D:B3:1D:29:0B:BF:B4:7E:8D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 494E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/mcgPla1bzq7mIIENsx0pC7-0fo0.roa
Signing time: Sat 04 Jun 2022 00:30:09 +0000
ROA not before: Sat 04 Jun 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18766 (0x494e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 4 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=99C80F95AD5BCEAEE620810DB31D290BBFB47E8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:7f:76:2d:1f:49:88:94:00:45:87:15:23:
e2:77:45:4b:fe:4b:70:29:e5:d0:85:34:fe:3c:d8:
a6:ab:22:a3:e6:68:c3:03:31:61:cc:c7:ce:9e:3d:
e8:a4:17:53:43:1b:a6:5c:ff:9a:b3:aa:fa:e7:a9:
cc:f5:1b:69:ec:a5:35:d6:a2:96:14:8c:9b:33:94:
05:68:19:97:78:a8:40:07:50:93:98:d4:73:3d:47:
a5:bd:99:ee:bf:b3:ed:11:e5:c9:03:12:e5:b6:90:
3e:f9:c4:19:07:c1:c3:61:8e:63:41:51:48:9c:1d:
b8:93:a7:ae:fb:78:fc:59:ff:a9:29:5d:42:95:04:
3c:ad:6a:8d:e6:0a:76:48:ea:ec:db:03:d5:b1:7b:
7c:f5:4f:fd:4a:f5:53:c3:b4:05:be:c6:71:10:fa:
23:72:c8:1c:25:91:9b:a9:6d:e0:9f:b8:6e:07:4b:
07:c0:c7:31:bc:08:d6:7c:03:af:4b:e4:c1:46:05:
4e:77:e3:12:f2:9b:b4:3f:ac:ac:3c:3e:7c:47:62:
53:b6:6f:15:a8:50:10:d8:b9:99:3d:b6:af:ed:b3:
3c:80:e5:d9:2b:9c:e8:d1:30:b9:ce:0b:37:5e:50:
57:14:37:dd:e9:22:a0:61:40:4d:60:95:fb:bf:4c:
0b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C8:0F:95:AD:5B:CE:AE:E6:20:81:0D:B3:1D:29:0B:BF:B4:7E:8D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/mcgPla1bzq7mIIENsx0pC7-0fo0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
83:33:8a:73:6c:61:c9:85:f2:f7:3b:a7:c3:31:fd:ab:21:d8:
d6:4d:0f:fa:67:4a:38:4c:0b:79:1d:0d:4a:68:2b:fd:b0:9f:
b7:fd:36:a5:b7:e5:ef:08:e7:0f:74:46:39:85:ee:b7:87:01:
6e:8b:09:34:da:df:85:51:0b:b2:39:3b:e2:cd:9f:ae:2b:80:
78:15:cc:9d:6f:fe:ae:63:45:0d:25:84:8e:eb:5f:1b:56:79:
16:fd:07:6c:b1:0e:0f:b4:7c:dd:5a:1e:ad:31:4e:c3:7d:e4:
e6:15:b6:22:17:9c:29:dd:47:16:e8:86:ef:bf:6f:83:7a:4f:
cd:9f:2d:7f:14:62:a8:c3:b4:55:12:31:16:56:94:c1:91:d7:
62:f6:b6:31:61:c7:0d:27:b3:97:4f:6d:6b:cc:b3:3d:09:47:
36:7f:b9:02:a2:4a:2c:98:8f:c0:af:c4:b2:1f:46:79:a2:25:
87:18:f4:88:3e:c9:55:97:76:e9:86:dd:79:79:d6:33:d3:0c:
18:e6:11:80:7a:4f:e7:e0:fe:2b:55:17:da:ba:dd:7c:4b:9b:
22:c2:bf:9a:67:21:3e:20:9c:01:f1:b0:e6:2d:38:eb:d2:8b:
05:b7:4a:8d:69:e9:04:0e:3c:d5:9d:3a:cb:51:26:65:8b:be:
9c:38:ae:8c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDQw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDk5QzgwRjk1QUQ1QkNF
QUVFNjIwODEwREIzMUQyOTBCQkZCNDdFOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7dH92LR9JiJQARYcVI+J3RUv+S3Ap5dCFNP482KarIqPmaMMD
MWHMx86ePeikF1NDG6Zc/5qzqvrnqcz1G2nspTXWopYUjJszlAVoGZd4qEAHUJOY
1HM9R6W9me6/s+0R5ckDEuW2kD75xBkHwcNhjmNBUUicHbiTp677ePxZ/6kpXUKV
BDytao3mCnZI6uzbA9Wxe3z1T/1K9VPDtAW+xnEQ+iNyyBwlkZupbeCfuG4HSwfA
xzG8CNZ8A69L5MFGBU534xLym7Q/rKw8PnxHYlO2bxWoUBDYuZk9tq/tszyA5dkr
nOjRMLnOCzdeUFcUN93pIqBhQE1glfu/TAt7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUmcgPla1bzq7mIIENsx0pC7+0fo0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9tY2dQbGExYnpxN21JSUVOc3gwcEM3LTBmbzAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AIMzinNsYcmF8vc7p8Mx/ash2NZND/pnSjhMC3kdDUpoK/2wn7f9NqW35e8I5w90
RjmF7reHAW6LCTTa34VRC7I5O+LNn64rgHgVzJ1v/q5jRQ0lhI7rXxtWeRb9B2yx
Dg+0fN1aHq0xTsN95OYVtiIXnCndRxbohu+/b4N6T82fLX8UYqjDtFUSMRZWlMGR
12L2tjFhxw0ns5dPbWvMsz0JRzZ/uQKiSiyYj8CvxLIfRnmiJYcY9Ig+yVWXdumG
3Xl51jPTDBjmEYB6T+fg/itVF9q63XxLmyLCv5pnIT4gnAHxsOYtOOvSiwW3So1p
6QQOPNWdOstRJmWLvpw4row=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org