Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/q56hoiVn1qbs-k7BzC5E729-BdQ.roa
File: q56hoiVn1qbs-k7BzC5E729-BdQ.roa (raw, json)
Hash identifier: lH3nSUZxRzUTozzkJWDL5ZRuXCa2VudzJvisdltUNy0=
Subject key identifier: AB:9E:A1:A2:25:67:D6:A6:EC:FA:4E:C1:CC:2E:44:EF:6F:7E:05:D4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4896
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/q56hoiVn1qbs-k7BzC5E729-BdQ.roa
Signing time: Wed 25 May 2022 00:30:07 +0000
ROA not before: Wed 25 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18582 (0x4896)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 25 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=AB9EA1A22567D6A6ECFA4EC1CC2E44EF6F7E05D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:5f:8f:d3:df:8a:89:8f:12:f5:4b:82:04:
c5:d0:2e:9b:06:d7:75:dd:99:81:45:71:ec:d2:bc:
49:4b:1a:4f:8e:1d:27:30:a3:a6:e5:2b:53:e2:8e:
ef:91:02:16:7d:09:4b:8e:c9:c0:9a:e4:37:5e:3b:
95:81:75:f4:30:d7:4f:aa:f8:d1:33:05:24:54:3c:
f8:7d:6a:45:47:76:62:72:96:f7:37:c7:14:7b:ab:
29:a1:5f:d1:cf:20:c8:28:14:e1:f9:ef:fb:67:c5:
2a:5c:81:19:a5:5d:47:d5:37:32:36:87:ac:70:c5:
ff:e6:39:99:31:7d:1f:6f:db:9f:49:bf:86:af:d6:
cb:78:c0:4e:95:6b:08:73:be:09:2b:80:c0:f9:9e:
1d:d0:02:3e:36:12:1d:b4:67:a7:fd:8e:73:8c:fb:
fb:05:ae:bb:0a:87:88:12:e2:ed:05:76:cd:dd:8e:
bc:b5:f7:76:b0:85:eb:f7:ba:5d:02:bf:f1:9d:3c:
86:6f:0a:98:2a:11:57:77:8b:a7:17:14:dd:2e:56:
17:a5:15:0b:f3:ee:fc:86:44:62:2c:9a:16:e3:d8:
f3:31:d9:02:18:72:64:7a:7d:c8:22:57:06:7f:ed:
54:a0:85:45:6a:79:b4:55:25:3a:ff:65:26:85:49:
43:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9E:A1:A2:25:67:D6:A6:EC:FA:4E:C1:CC:2E:44:EF:6F:7E:05:D4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/q56hoiVn1qbs-k7BzC5E729-BdQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:4f:60:a3:d0:e5:1e:9a:3d:e3:89:73:05:7c:32:15:73:b7:
28:62:41:57:c0:41:31:6a:6d:49:b9:d5:74:20:cf:1e:2d:ac:
98:0c:b8:70:58:f5:27:19:78:f4:8f:e7:03:b3:e1:86:ea:7e:
32:c4:be:17:4a:2e:a9:3c:d5:ca:b0:9b:ab:5d:78:ac:a6:ce:
60:11:1f:49:45:c6:b5:84:57:93:00:54:40:e7:17:51:29:83:
82:a2:78:16:bb:f8:14:e0:7c:2a:24:b1:26:a7:97:73:ba:b7:
e4:c8:40:7d:3e:dc:86:48:3e:b3:e6:47:be:b4:a9:05:17:c9:
61:a3:27:91:42:e9:bc:ab:5a:29:04:4c:45:15:52:85:69:55:
a0:89:67:64:18:f3:91:30:a4:c5:d2:6f:9b:76:cd:99:28:e0:
90:b1:66:b7:cb:1a:c4:56:5a:ca:68:08:d7:82:97:4c:30:99:
ce:06:30:a0:27:a8:e9:06:1f:4a:73:3c:ea:68:59:29:80:77:
35:28:71:9e:b2:1c:89:bc:24:34:dd:4b:a6:67:e0:1c:79:c9:
b6:ce:5e:f2:d8:d1:d6:a1:3f:5e:4c:35:7f:5e:3c:e2:2a:5b:
b6:fd:9d:65:fa:91:53:15:5f:34:3d:5f:4b:c9:eb:6e:07:92:
66:2a:b6:7f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjUw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEFCOUVBMUEyMjU2N0Q2
QTZFQ0ZBNEVDMUNDMkU0NEVGNkY3RTA1RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtcV+P09+KiY8S9UuCBMXQLpsG13XdmYFFcezSvElLGk+OHScw
o6blK1Piju+RAhZ9CUuOycCa5DdeO5WBdfQw10+q+NEzBSRUPPh9akVHdmJylvc3
xxR7qymhX9HPIMgoFOH57/tnxSpcgRmlXUfVNzI2h6xwxf/mOZkxfR9v259Jv4av
1st4wE6VawhzvgkrgMD5nh3QAj42Eh20Z6f9jnOM+/sFrrsKh4gS4u0Fds3djry1
93awhev3ul0Cv/GdPIZvCpgqEVd3i6cXFN0uVhelFQvz7vyGRGIsmhbj2PMx2QIY
cmR6fcgiVwZ/7VSghUVqebRVJTr/ZSaFSUMvAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUq56hoiVn1qbs+k7BzC5E729+BdQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xNTZob2lWbjFxYnMtazdCekM1RTcyOS1CZFEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AFpPYKPQ5R6aPeOJcwV8MhVztyhiQVfAQTFqbUm51XQgzx4trJgMuHBY9ScZePSP
5wOz4YbqfjLEvhdKLqk81cqwm6tdeKymzmARH0lFxrWEV5MAVEDnF1Epg4KieBa7
+BTgfCoksSanl3O6t+TIQH0+3IZIPrPmR760qQUXyWGjJ5FC6byrWikETEUVUoVp
VaCJZ2QY85EwpMXSb5t2zZko4JCxZrfLGsRWWspoCNeCl0wwmc4GMKAnqOkGH0pz
POpoWSmAdzUocZ6yHIm8JDTdS6Zn4Bx5ybbOXvLY0dahP15MNX9ePOIqW7b9nWX6
kVMVXzQ9X0vJ624HkmYqtn8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org