Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/pX-2BlTEoYmw7MEBXmF7yKxhWLE.roa
File: pX-2BlTEoYmw7MEBXmF7yKxhWLE.roa (raw, json)
Hash identifier: 1adLGWNYGaKCC4zy2ua5niA6FsWzfmrGi02zCxYFm3k=
Subject key identifier: A5:7F:B6:06:54:C4:A1:89:B0:EC:C1:01:5E:61:7B:C8:AC:61:58:B1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 491E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/pX-2BlTEoYmw7MEBXmF7yKxhWLE.roa
Signing time: Thu 02 Jun 2022 00:30:10 +0000
ROA not before: Thu 02 Jun 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18718 (0x491e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 2 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=A57FB60654C4A189B0ECC1015E617BC8AC6158B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b6:4e:59:13:93:38:3f:b3:a7:1a:e9:e0:4c:
d3:8f:cb:e0:f7:01:c3:bd:7f:cd:40:5b:a5:75:18:
79:f9:f7:b2:f1:4d:bf:16:79:62:bc:05:e1:95:a3:
71:2c:1e:28:e5:0e:02:48:3b:5f:bf:40:36:3f:9f:
e1:93:c0:c0:55:43:ab:cd:eb:54:47:98:da:f6:46:
96:20:cb:49:08:cf:2a:f5:7e:b4:32:3d:27:6f:de:
76:47:1c:95:e0:0d:13:3e:b8:c9:73:c1:b1:66:57:
1b:7d:97:f8:f3:f6:d7:a1:d6:2c:e7:7b:cb:8b:8c:
27:e4:f4:2f:7b:93:f0:46:13:9d:58:b1:d0:19:cf:
99:12:a9:8b:1b:c6:c7:8c:5a:ea:71:3f:d6:39:3f:
f8:c9:b4:9b:7b:0b:51:c8:2f:40:3f:97:6f:08:ea:
7c:2f:3f:d2:df:de:8c:4f:c0:6b:bf:ca:32:6c:06:
1d:73:fa:aa:f6:ec:53:ce:77:06:36:8d:c6:37:c7:
13:14:6e:5b:f5:2a:af:16:70:e7:c5:93:e8:46:0f:
5f:b9:10:8a:28:06:15:a2:a6:26:b6:fa:95:6e:96:
49:b8:d3:29:54:05:c7:1a:d9:e1:94:bd:88:f1:0c:
57:b2:ff:e9:27:0f:60:99:47:cf:b7:2f:5b:3c:ed:
78:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7F:B6:06:54:C4:A1:89:B0:EC:C1:01:5E:61:7B:C8:AC:61:58:B1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/pX-2BlTEoYmw7MEBXmF7yKxhWLE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:92:79:8d:83:74:ff:1c:e4:de:ad:8a:84:4d:5a:af:0c:d3:
17:39:e0:27:a1:bd:8f:13:e1:0b:0b:d4:5e:fb:d0:b3:f6:4c:
65:0b:bc:89:4e:13:44:d5:62:a2:6f:59:19:68:bd:ba:e7:10:
31:74:4e:27:92:03:9e:04:00:f1:41:20:41:e5:21:d7:87:b0:
c8:bd:21:1d:9c:a4:cf:97:10:c3:61:a5:e3:0f:5e:43:4e:da:
d0:cf:e7:ad:cc:62:ac:ba:3b:4b:91:72:ad:e6:f4:16:48:ec:
48:ec:94:30:f7:06:1f:d8:6c:c1:66:ad:94:b7:16:52:d2:05:
c7:ef:6f:75:3a:84:1c:d9:c5:df:d3:58:bf:7d:88:88:b1:86:
00:e9:cf:3b:05:ac:8d:a9:66:94:a6:37:74:9e:0d:30:3e:52:
3a:23:10:ed:79:8b:c2:7b:a2:00:90:21:0b:83:7a:44:fe:40:
3d:35:c7:c0:6a:8b:f0:5e:ee:89:79:4f:cf:dd:79:4a:a8:28:
3f:8f:48:aa:91:a1:2c:dc:ba:0e:0d:f2:87:08:b8:bc:95:98:
7c:99:60:df:df:8c:27:7b:e8:14:89:76:36:d5:ab:ed:05:94:
5b:fb:91:8b:10:18:e5:31:45:62:b4:68:44:f0:dc:65:0d:74:
ef:80:a0:e4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDIw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEE1N0ZCNjA2NTRDNEEx
ODlCMEVDQzEwMTVFNjE3QkM4QUM2MTU4QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZtk5ZE5M4P7OnGungTNOPy+D3AcO9f81AW6V1GHn597LxTb8W
eWK8BeGVo3EsHijlDgJIO1+/QDY/n+GTwMBVQ6vN61RHmNr2RpYgy0kIzyr1frQy
PSdv3nZHHJXgDRM+uMlzwbFmVxt9l/jz9teh1izne8uLjCfk9C97k/BGE51YsdAZ
z5kSqYsbxseMWupxP9Y5P/jJtJt7C1HIL0A/l28I6nwvP9Lf3oxPwGu/yjJsBh1z
+qr27FPOdwY2jcY3xxMUblv1Kq8WcOfFk+hGD1+5EIooBhWipia2+pVulkm40ylU
Bcca2eGUvYjxDFey/+knD2CZR8+3L1s87XjrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUpX+2BlTEoYmw7MEBXmF7yKxhWLEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9wWC0yQmxURW9ZbXc3TUVCWG1GN3lLeGhXTEUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthLwwDQYJKoZIhvcNAQELBQADggEB
AHqSeY2DdP8c5N6tioRNWq8M0xc54CehvY8T4QsL1F770LP2TGULvIlOE0TVYqJv
WRlovbrnEDF0TieSA54EAPFBIEHlIdeHsMi9IR2cpM+XEMNhpeMPXkNO2tDP563M
Yqy6O0uRcq3m9BZI7EjslDD3Bh/YbMFmrZS3FlLSBcfvb3U6hBzZxd/TWL99iIix
hgDpzzsFrI2pZpSmN3SeDTA+UjojEO15i8J7ogCQIQuDekT+QD01x8Bqi/Be7ol5
T8/deUqoKD+PSKqRoSzcug4N8ocIuLyVmHyZYN/fjCd76BSJdjbVq+0FlFv7kYsQ
GOUxRWK0aETw3GUNdO+AoOQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org