Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/nsbWIfWcES7pjRZjf92rkFCMsOg.roa
File: nsbWIfWcES7pjRZjf92rkFCMsOg.roa (raw, json)
Hash identifier: idtMHBmbw96CprVPdS3lqiU72jdo1V1iE976K/ewY1I=
Subject key identifier: 9E:C6:D6:21:F5:9C:11:2E:E9:8D:16:63:7F:DD:AB:90:50:8C:B0:E8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 434E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nsbWIfWcES7pjRZjf92rkFCMsOg.roa
Signing time: Thu 17 Feb 2022 00:30:05 +0000
ROA not before: Thu 17 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17230 (0x434e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 17 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=9EC6D621F59C112EE98D16637FDDAB90508CB0E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:82:80:28:e5:9d:3c:71:6f:f9:a4:0e:87:b5:
e1:64:2e:11:7b:bf:28:61:e8:d1:86:da:a8:1f:71:
32:7d:6e:7c:a7:cf:30:86:c0:fa:7b:91:af:d8:20:
8e:03:d0:7a:96:af:85:16:ed:9b:24:95:89:d0:c2:
40:61:c2:50:f8:45:f2:25:9e:e4:68:61:c7:4f:b3:
95:ca:5c:74:f2:2c:5c:f2:0f:82:99:0e:46:7d:f2:
93:de:9a:9b:d9:c4:cd:f6:4c:49:92:51:41:64:ac:
6f:c0:61:66:15:f7:0c:d7:12:af:e1:79:86:a5:0c:
9e:7a:a0:35:ee:14:01:b3:b2:25:b8:8c:fe:f1:c6:
fd:a2:01:11:7e:3b:65:40:b6:ec:e2:1b:93:48:38:
69:85:d1:e9:c1:31:1f:cb:fd:b5:54:27:da:79:03:
a4:81:d8:19:24:87:c9:f5:c2:98:ec:cc:ef:42:6a:
7d:f8:72:6e:d1:4d:6d:ca:a6:4b:67:79:b0:2e:bd:
21:30:8c:57:c2:cf:75:16:14:31:d9:df:3f:d3:5b:
91:a5:c8:86:15:c3:95:3f:ff:99:56:77:e1:94:45:
88:75:e2:04:38:c5:c4:5a:34:8c:f2:d7:06:0a:94:
34:51:67:cf:f7:ca:99:b2:58:03:9b:2f:5b:43:a9:
85:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C6:D6:21:F5:9C:11:2E:E9:8D:16:63:7F:DD:AB:90:50:8C:B0:E8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nsbWIfWcES7pjRZjf92rkFCMsOg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7b:2d:86:2e:68:f3:fb:66:42:00:7f:25:c9:5a:c3:e4:cc:
bf:31:5d:46:2b:7b:33:df:bb:1f:8a:9d:c7:15:d7:5b:3d:09:
b9:2e:57:0e:0b:56:3e:3c:64:0b:f1:49:24:3b:e4:fc:59:81:
49:68:b7:ce:cb:ee:14:b9:4c:42:24:ad:4f:04:b6:2a:81:c0:
a8:e0:aa:51:76:86:09:60:41:3a:60:e6:4c:ee:b9:b1:23:a0:
89:f5:f0:c4:d3:af:d3:c8:7e:17:30:39:7e:e7:59:5a:d5:26:
b0:6a:f3:cc:07:e2:59:3f:a1:3b:1a:49:68:46:db:77:82:a7:
1b:64:4c:9b:16:cf:64:9f:a2:07:16:25:e6:3d:eb:04:f9:9b:
4a:cf:f3:dc:55:ef:fe:30:4e:61:92:5a:8d:13:28:c9:ab:82:
6f:a6:0d:c6:20:75:60:2a:35:e6:ba:1b:83:d7:5d:af:84:88:
0f:02:f8:f2:0c:41:cf:92:fc:cc:6e:d0:0d:1a:24:eb:40:26:
bb:cd:2f:48:c7:fa:61:4b:33:0f:13:e9:d6:b8:72:56:e6:72:
d4:d5:c5:b1:a3:85:c9:4c:2f:92:42:82:85:e5:fc:f1:bf:30:
33:59:da:db:1c:5f:8f:26:4d:dd:ee:29:1b:6d:c6:ee:97:9d:
22:23:75:41
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTcw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDlFQzZENjIxRjU5QzEx
MkVFOThEMTY2MzdGRERBQjkwNTA4Q0IwRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrgoAo5Z08cW/5pA6HteFkLhF7vyhh6NGG2qgfcTJ9bnynzzCG
wPp7ka/YII4D0HqWr4UW7ZsklYnQwkBhwlD4RfIlnuRoYcdPs5XKXHTyLFzyD4KZ
DkZ98pPempvZxM32TEmSUUFkrG/AYWYV9wzXEq/heYalDJ56oDXuFAGzsiW4jP7x
xv2iARF+O2VAtuziG5NIOGmF0enBMR/L/bVUJ9p5A6SB2Bkkh8n1wpjszO9Can34
cm7RTW3KpktnebAuvSEwjFfCz3UWFDHZ3z/TW5GlyIYVw5U//5lWd+GURYh14gQ4
xcRaNIzy1wYKlDRRZ8/3ypmyWAObL1tDqYVbAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUnsbWIfWcES7pjRZjf92rkFCMsOgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9uc2JXSWZXY0VTN3BqUlpqZjkycmtGQ01zT2cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
ABN7LYYuaPP7ZkIAfyXJWsPkzL8xXUYrezPfux+KnccV11s9CbkuVw4LVj48ZAvx
SSQ75PxZgUlot87L7hS5TEIkrU8EtiqBwKjgqlF2hglgQTpg5kzuubEjoIn18MTT
r9PIfhcwOX7nWVrVJrBq88wH4lk/oTsaSWhG23eCpxtkTJsWz2SfogcWJeY96wT5
m0rP89xV7/4wTmGSWo0TKMmrgm+mDcYgdWAqNea6G4PXXa+EiA8C+PIMQc+S/Mxu
0A0aJOtAJrvNL0jH+mFLMw8T6da4clbmctTVxbGjhclML5JCgoXl/PG/MDNZ2tsc
X48mTd3uKRttxu6XnSIjdUE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org