Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/oxWI9P57KPL-9IKBtojynIrGqEU.roa
File: oxWI9P57KPL-9IKBtojynIrGqEU.roa (raw, json)
Hash identifier: alT8dAgJz+pVlrZQCZTehFh1z4XAAaZlHShp/Gthowg=
Subject key identifier: A3:15:88:F4:FE:7B:28:F2:FE:F4:82:81:B6:88:F2:9C:8A:C6:A8:45
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44FD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oxWI9P57KPL-9IKBtojynIrGqEU.roa
Signing time: Sun 20 Mar 2022 00:30:21 +0000
ROA not before: Sun 20 Mar 2022 00:30:21 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17661 (0x44fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 20 00:30:21 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A31588F4FE7B28F2FEF48281B688F29C8AC6A845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:f8:e7:92:dd:a1:ca:95:eb:bc:89:79:c9:
52:71:2c:c1:d8:d1:d5:12:c9:96:51:f0:02:eb:53:
cd:df:68:11:15:df:b3:3c:ec:e7:c4:fa:61:bf:95:
b2:d0:97:17:3d:95:0e:04:f7:85:32:89:b5:3a:d2:
d5:17:88:68:7c:53:86:13:70:b5:fb:4d:f7:10:7f:
44:1d:92:2b:c8:a5:4d:a3:c6:93:6b:c5:48:90:fe:
dc:31:4e:34:27:94:0e:08:d6:d2:e6:92:5d:c3:22:
fa:28:38:46:2b:a6:32:65:dc:d9:0e:30:7a:d0:12:
86:9d:b2:79:05:9c:be:80:a7:68:9c:9f:1f:22:8a:
d6:0f:ae:bb:dc:f0:4e:e1:57:e4:3c:97:9f:17:b2:
b0:2c:25:5b:31:2b:3f:3a:04:c3:ab:86:b6:f3:69:
f6:a7:e4:75:62:57:88:f7:e9:eb:7d:83:15:36:e6:
94:17:cc:7d:ed:3d:e0:53:25:00:9a:12:ce:fa:24:
72:ba:56:40:19:f3:41:99:cb:ff:45:07:1c:ff:1c:
84:44:6a:5d:ef:59:ee:25:ac:ea:64:b0:d6:86:a2:
37:12:20:5d:bb:28:85:55:da:3b:ba:34:0b:39:66:
66:8c:7e:64:8a:6a:c3:78:af:39:35:84:41:df:80:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:15:88:F4:FE:7B:28:F2:FE:F4:82:81:B6:88:F2:9C:8A:C6:A8:45
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oxWI9P57KPL-9IKBtojynIrGqEU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:6d:8c:5c:2f:e0:63:9d:a5:fa:c2:8d:1e:b8:01:7c:66:02:
a5:cb:59:c4:49:0a:0d:53:e3:f0:9c:ef:8c:f6:c1:94:e9:db:
c0:1b:d7:ff:d4:12:98:5c:4d:6c:72:16:66:aa:ef:bc:b8:af:
62:9f:53:70:4c:45:6d:2b:25:fa:80:7b:88:12:3e:b8:ff:6c:
24:13:12:6b:07:cb:e8:d3:26:a2:c0:cb:d8:73:19:c3:2c:45:
b6:7e:87:7f:cd:36:d3:c2:71:9c:04:29:90:9c:8e:6c:9c:1c:
79:26:f5:c9:0d:f1:6c:cb:55:79:4f:fa:b1:d1:b7:54:86:32:
f7:33:93:dc:d1:f3:59:82:d0:ad:20:ca:01:10:f6:a1:6c:41:
46:66:0d:3a:3a:c2:a6:14:f3:11:c4:23:6f:75:39:fc:a0:82:
a0:5d:0c:c8:ab:e4:40:f9:51:da:9e:b4:dc:cb:34:27:3d:93:
5b:3f:b0:b4:b8:f2:88:47:95:f8:29:bb:6e:ed:ac:df:64:ac:
30:44:dc:2e:06:96:fa:1d:a4:39:be:a2:a3:39:4c:a4:aa:08:
96:cb:a1:eb:7c:86:0f:77:86:22:aa:7a:9b:0f:9d:54:c5:bc:
6d:24:3a:5f:18:2c:5a:31:39:89:e4:eb:65:1c:61:15:0b:7a:
03:f9:38:f0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjAw
MDMwMjFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEEzMTU4OEY0RkU3QjI4
RjJGRUY0ODI4MUI2ODhGMjlDOEFDNkE4NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Ffjnkt2hypXrvIl5yVJxLMHY0dUSyZZR8ALrU83faBEV37M8
7OfE+mG/lbLQlxc9lQ4E94UyibU60tUXiGh8U4YTcLX7TfcQf0QdkivIpU2jxpNr
xUiQ/twxTjQnlA4I1tLmkl3DIvooOEYrpjJl3NkOMHrQEoadsnkFnL6Ap2icnx8i
itYPrrvc8E7hV+Q8l58XsrAsJVsxKz86BMOrhrbzafan5HViV4j36et9gxU25pQX
zH3tPeBTJQCaEs76JHK6VkAZ80GZy/9FBxz/HIREal3vWe4lrOpksNaGojcSIF27
KIVV2ju6NAs5ZmaMfmSKasN4rzk1hEHfgPALAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUoxWI9P57KPL+9IKBtojynIrGqEUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9veFdJOVA1N0tQTC05SUtCdG9qeW5JckdxRVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AIttjFwv4GOdpfrCjR64AXxmAqXLWcRJCg1T4/Cc74z2wZTp28Ab1//UEphcTWxy
Fmaq77y4r2KfU3BMRW0rJfqAe4gSPrj/bCQTEmsHy+jTJqLAy9hzGcMsRbZ+h3/N
NtPCcZwEKZCcjmycHHkm9ckN8WzLVXlP+rHRt1SGMvczk9zR81mC0K0gygEQ9qFs
QUZmDTo6wqYU8xHEI291OfyggqBdDMir5ED5UdqetNzLNCc9k1s/sLS48ohHlfgp
u27trN9krDBE3C4GlvodpDm+oqM5TKSqCJbLoet8hg93hiKqepsPnVTFvG0kOl8Y
LFoxOYnk62UcYRULegP5OPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org