Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/qKbnmu1FIE8K1WJXhDJoGTPkJro.roa
File: qKbnmu1FIE8K1WJXhDJoGTPkJro.roa (raw, json)
Hash identifier: 2vEKQDvxRAX7ldE0qvuSra8oSC8Y8P+RgJ99uVwzjBY=
Subject key identifier: A8:A6:E7:9A:ED:45:20:4F:0A:D5:62:57:84:32:68:19:33:E4:26:BA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 485E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qKbnmu1FIE8K1WJXhDJoGTPkJro.roa
Signing time: Sat 21 May 2022 00:30:06 +0000
ROA not before: Sat 21 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18526 (0x485e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 21 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=A8A6E79AED45204F0AD562578432681933E426BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:31:60:69:05:b4:38:4c:ff:60:d5:29:0f:c7:
07:bf:2b:62:18:0e:53:57:6a:37:00:aa:ff:ed:f6:
f4:be:bf:c9:23:8c:e7:74:13:5e:ee:e8:35:d0:0c:
5f:66:5b:0d:e5:b5:5b:73:13:f5:d8:b4:aa:65:68:
1f:6d:dc:26:69:59:5c:6d:6b:22:b7:51:67:94:9b:
7f:26:94:a7:12:bc:c3:4e:c3:ea:1e:e6:cf:e8:98:
07:a1:a6:c6:fd:e4:b1:0c:74:07:d4:52:c2:d8:5d:
2b:b8:22:8d:b2:50:64:1a:bc:4b:54:79:de:71:0b:
94:44:53:aa:69:b8:79:86:da:b7:0f:d5:b6:f3:50:
3b:3c:57:f4:0a:14:c9:70:15:de:3b:bf:7d:01:21:
54:38:a6:4b:85:3d:e6:90:4a:7f:ad:c8:05:14:c7:
7a:24:98:34:98:a9:14:93:7a:e8:c1:5e:58:93:cc:
9a:a2:4d:a3:fc:bd:ac:cc:c2:41:d7:d6:7d:40:98:
6f:d0:d0:f1:3d:36:56:ec:f3:ba:a4:7e:49:f3:cf:
73:17:31:df:23:52:f8:0a:10:1e:b2:4d:28:c8:b1:
57:4e:f8:1b:95:ea:11:f7:16:bf:32:cd:76:95:18:
00:ca:f8:6a:f4:ce:bf:75:f5:ec:e3:d7:a5:22:25:
d1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A6:E7:9A:ED:45:20:4F:0A:D5:62:57:84:32:68:19:33:E4:26:BA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qKbnmu1FIE8K1WJXhDJoGTPkJro.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:ff:2d:a4:2e:a6:c6:80:fe:35:28:59:95:d5:44:5b:57:77:
f2:8e:c2:2e:7f:0e:25:49:d1:da:68:a9:df:b4:08:69:61:c4:
57:cc:7d:e9:06:06:e2:71:f5:9d:1d:7a:de:5a:05:a1:6b:72:
06:e4:56:f7:c2:96:3b:37:1b:b6:e1:38:bf:9b:d3:0d:20:22:
72:80:2e:da:b3:f7:ac:89:97:71:fd:7d:ad:55:92:e3:20:90:
8d:38:ab:6e:f1:d0:3c:e7:b4:77:19:1a:06:8c:f6:95:8d:2f:
77:b9:95:9d:dd:26:e0:1f:3a:e2:39:10:04:d5:67:f5:ad:da:
cd:49:76:32:81:4d:49:b4:e5:cb:49:1e:bb:1b:50:22:f3:9a:
a3:a1:2c:69:55:92:bb:57:a6:b8:87:84:a5:40:4c:7d:cb:30:
08:f8:87:ee:c9:d2:17:cd:4e:32:f6:d5:c6:86:8d:27:d9:0d:
fb:5c:37:d0:e2:ca:e3:56:48:b9:47:af:e8:1d:01:74:b9:2c:
59:0b:7a:17:34:04:f7:04:7b:b3:6b:75:0e:f9:f9:4e:71:38:
69:b2:fa:c8:c6:79:2c:a5:ec:6c:af:21:9f:3f:a9:7e:05:39:
ff:d9:49:f3:d1:8d:0a:67:e1:34:01:00:2e:43:4b:d0:b9:c1:
6b:b1:26:91
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjEw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEE4QTZFNzlBRUQ0NTIw
NEYwQUQ1NjI1Nzg0MzI2ODE5MzNFNDI2QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXMWBpBbQ4TP9g1SkPxwe/K2IYDlNXajcAqv/t9vS+v8kjjOd0
E17u6DXQDF9mWw3ltVtzE/XYtKplaB9t3CZpWVxtayK3UWeUm38mlKcSvMNOw+oe
5s/omAehpsb95LEMdAfUUsLYXSu4Io2yUGQavEtUed5xC5REU6ppuHmG2rcP1bbz
UDs8V/QKFMlwFd47v30BIVQ4pkuFPeaQSn+tyAUUx3okmDSYqRSTeujBXliTzJqi
TaP8vazMwkHX1n1AmG/Q0PE9Nlbs87qkfknzz3MXMd8jUvgKEB6yTSjIsVdO+BuV
6hH3Fr8yzXaVGADK+Gr0zr919ezj16UiJdHrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUqKbnmu1FIE8K1WJXhDJoGTPkJrowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xS2JubXUxRklFOEsxV0pYaERKb0dUUGtKcm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
ALz/LaQupsaA/jUoWZXVRFtXd/KOwi5/DiVJ0dpoqd+0CGlhxFfMfekGBuJx9Z0d
et5aBaFrcgbkVvfCljs3G7bhOL+b0w0gInKALtqz96yJl3H9fa1VkuMgkI04q27x
0DzntHcZGgaM9pWNL3e5lZ3dJuAfOuI5EATVZ/Wt2s1JdjKBTUm05ctJHrsbUCLz
mqOhLGlVkrtXpriHhKVATH3LMAj4h+7J0hfNTjL21caGjSfZDftcN9DiyuNWSLlH
r+gdAXS5LFkLehc0BPcEe7NrdQ75+U5xOGmy+sjGeSyl7GyvIZ8/qX4FOf/ZSfPR
jQpn4TQBAC5DS9C5wWuxJpE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org