Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OFuOppj1G0FQqOza07Zhn_QRM4c.roa
File: OFuOppj1G0FQqOza07Zhn_QRM4c.roa (raw, json)
Hash identifier: wfUNYYIOsy6WnBbp1PLFic5T8xFzZ+nsBGs0mQf1WPU=
Subject key identifier: 38:5B:8E:A6:98:F5:1B:41:50:A8:EC:DA:D3:B6:61:9F:F4:11:33:87
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 446E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OFuOppj1G0FQqOza07Zhn_QRM4c.roa
Signing time: Thu 10 Mar 2022 00:36:50 +0000
ROA not before: Thu 10 Mar 2022 00:36:50 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17518 (0x446e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 10 00:36:50 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=385B8EA698F51B4150A8ECDAD3B6619FF4113387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:a8:87:5c:8f:70:ad:59:03:3a:e9:a9:5c:
e6:a8:42:e6:65:03:70:be:6f:ef:e9:15:47:de:84:
47:53:f7:7f:b1:7e:03:4a:39:b2:99:bc:9c:50:89:
84:9d:ba:3a:06:c5:f3:ed:eb:d1:e7:e4:0b:c4:ac:
a2:0c:58:ec:46:64:ee:ea:29:d2:85:bc:2c:2a:99:
cc:91:60:76:5f:d8:e6:48:e8:d6:c9:b7:f2:6e:1c:
ca:a3:e3:54:36:39:c2:e8:53:ca:6c:e3:8a:d9:68:
cc:a8:d0:0b:ff:45:04:e7:f5:1f:c0:d8:d0:a6:7d:
61:82:97:8b:e7:81:54:a4:bb:84:aa:83:59:cf:d2:
ae:4a:28:d7:05:20:fc:55:03:a3:78:a8:d3:c5:f4:
96:e0:dd:74:7a:07:c1:32:65:f0:b7:e7:27:a4:64:
8d:b7:47:4e:64:60:8a:9e:65:53:d5:d5:62:80:c4:
72:42:2f:bf:42:cb:14:04:c0:3a:57:5d:d5:23:db:
9e:8f:dc:e6:a0:57:98:20:94:35:7e:cb:c7:e8:e6:
6b:69:d3:d7:af:fb:4f:05:8a:c5:41:e4:88:06:cf:
42:1f:08:e3:13:fe:df:ac:2a:05:ae:06:53:bb:01:
53:76:33:b5:09:b6:43:d0:d2:66:d2:8d:a7:0f:22:
62:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5B:8E:A6:98:F5:1B:41:50:A8:EC:DA:D3:B6:61:9F:F4:11:33:87
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OFuOppj1G0FQqOza07Zhn_QRM4c.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:4c:8b:19:13:6d:41:7f:25:0a:de:5e:5b:e3:b3:84:41:d9:
b3:82:ee:3e:a2:5f:54:cc:af:e2:cd:06:91:4d:06:b6:e4:ca:
b1:ae:6e:cd:7a:3f:47:17:00:04:45:86:41:14:02:07:9d:a1:
e2:07:8b:27:98:cf:f1:45:d1:9f:5e:04:c4:c0:6e:67:22:7c:
c3:17:61:43:e2:58:72:a0:64:56:46:e2:07:72:fd:db:c1:a5:
92:5d:05:7a:16:87:21:3a:7c:63:c8:c9:b7:3f:7d:63:13:59:
16:d5:42:67:e9:81:7d:9f:3b:b2:9c:a3:5b:3e:dc:45:df:5c:
12:fe:9f:8e:69:08:d0:29:ea:f5:00:ed:43:01:8d:52:5c:8a:
67:d2:b2:84:4c:6a:7d:12:b4:08:bf:d8:f0:62:2c:fd:1b:a1:
a1:d9:59:5f:e9:db:e1:10:e0:ac:80:12:d9:36:99:49:0f:8b:
04:f7:ec:1d:9d:82:b6:8a:98:a4:ef:27:25:48:4a:a5:d7:f2:
ca:cf:81:2d:87:62:e6:ab:19:40:c2:90:93:11:56:f4:52:d5:
2f:d2:fd:19:d7:53:48:8f:3e:15:46:68:3e:fd:58:9b:c3:f3:
bc:9a:e5:e0:8d:0b:bf:0c:25:60:6a:f9:bf:68:04:b7:c7:02:
d8:58:b9:34
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTAw
MDM2NTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM4NUI4RUE2OThGNTFC
NDE1MEE4RUNEQUQzQjY2MTlGRjQxMTMzODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCryKiHXI9wrVkDOumpXOaoQuZlA3C+b+/pFUfehEdT93+xfgNK
ObKZvJxQiYSdujoGxfPt69Hn5AvErKIMWOxGZO7qKdKFvCwqmcyRYHZf2OZI6NbJ
t/JuHMqj41Q2OcLoU8ps44rZaMyo0Av/RQTn9R/A2NCmfWGCl4vngVSku4Sqg1nP
0q5KKNcFIPxVA6N4qNPF9Jbg3XR6B8EyZfC35yekZI23R05kYIqeZVPV1WKAxHJC
L79CyxQEwDpXXdUj256P3OagV5gglDV+y8fo5mtp09ev+08FisVB5IgGz0IfCOMT
/t+sKgWuBlO7AVN2M7UJtkPQ0mbSjacPImLrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOFuOppj1G0FQqOza07Zhn/QRM4cwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PRnVPcHBqMUcwRlFxT3phMDdaaG5fUVJNNGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
AJ9MixkTbUF/JQreXlvjs4RB2bOC7j6iX1TMr+LNBpFNBrbkyrGubs16P0cXAARF
hkEUAgedoeIHiyeYz/FF0Z9eBMTAbmcifMMXYUPiWHKgZFZG4gdy/dvBpZJdBXoW
hyE6fGPIybc/fWMTWRbVQmfpgX2fO7Kco1s+3EXfXBL+n45pCNAp6vUA7UMBjVJc
imfSsoRMan0StAi/2PBiLP0boaHZWV/p2+EQ4KyAEtk2mUkPiwT37B2dgraKmKTv
JyVISqXX8srPgS2HYuarGUDCkJMRVvRS1S/S/RnXU0iPPhVGaD79WJvD87ya5eCN
C78MJWBq+b9oBLfHAthYuTQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org