Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/tfvOwwJco2nLS1YhnHPvAZzkct8.roa
File: tfvOwwJco2nLS1YhnHPvAZzkct8.roa (raw, json)
Hash identifier: JU2Efk9IckDdIBs4jMuVbQNicyblshqWaF5Ij3pJnvs=
Subject key identifier: B5:FB:CE:C3:02:5C:A3:69:CB:4B:56:21:9C:73:EF:01:9C:E4:72:DF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43F6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tfvOwwJco2nLS1YhnHPvAZzkct8.roa
Signing time: Tue 01 Mar 2022 00:30:10 +0000
ROA not before: Tue 01 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17398 (0x43f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 1 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B5FBCEC3025CA369CB4B56219C73EF019CE472DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6b:0b:f9:aa:05:17:e4:87:4d:c5:ca:5b:33:
21:90:bd:28:a2:c7:02:43:a8:23:25:1b:7a:be:d3:
29:60:9d:41:93:5f:86:f0:d2:e9:58:9c:34:0b:e5:
68:f3:dd:e0:07:85:a3:40:30:f8:5d:44:6b:39:fc:
d1:0e:10:c1:95:cd:d2:00:f4:f6:44:57:9a:b6:25:
a3:82:8b:8d:67:c7:71:8f:66:0d:2b:58:30:60:b0:
d5:bf:98:04:09:e7:c3:2e:c9:ec:04:42:81:d5:84:
15:c9:c9:d5:74:40:13:80:cc:ba:74:60:94:e1:7d:
fc:dc:27:3a:75:c0:c9:fa:e9:af:03:dc:83:b7:63:
4d:9a:8f:eb:ef:6d:a1:28:c8:42:02:ad:0f:0b:66:
4f:21:12:2b:70:a6:a0:60:23:d5:f9:a6:65:f3:12:
48:36:f4:73:e8:a6:60:86:8e:9b:be:24:68:79:51:
f5:d8:29:a3:71:15:4f:ec:61:83:ee:bb:1b:ac:f2:
87:29:45:62:92:5b:2b:a5:f2:23:41:ea:e0:9a:db:
93:2a:eb:71:42:f2:1b:17:0e:a6:ad:36:4f:69:32:
29:30:a0:6a:e5:f6:a1:16:bb:47:b0:c0:9d:b2:4d:
a9:99:3d:05:49:d8:8f:60:a3:43:79:f7:28:3a:41:
78:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FB:CE:C3:02:5C:A3:69:CB:4B:56:21:9C:73:EF:01:9C:E4:72:DF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tfvOwwJco2nLS1YhnHPvAZzkct8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
34:77:31:b9:c3:0f:e9:b5:d9:5a:65:cb:9c:a9:a7:fb:40:90:
4f:90:a3:65:86:9a:1f:0f:18:bb:63:60:9a:33:62:2f:70:23:
37:2c:a5:78:de:0d:ba:a0:d6:a5:18:8b:19:b5:03:e6:9a:25:
d6:ab:97:79:59:b3:4f:2c:1d:ed:44:bc:70:a8:ea:a5:3c:8b:
f9:8b:e4:86:95:7a:6b:5e:53:ac:88:4c:f0:c8:46:59:47:97:
81:b6:2c:aa:55:c6:ba:11:50:c7:28:25:71:14:c0:19:f3:c0:
79:21:6c:d6:b2:c2:9e:f7:c7:f4:d3:23:1c:0d:14:c7:67:3e:
76:a2:5d:79:43:40:85:71:02:e3:3a:1d:14:77:d2:55:cb:99:
3b:0f:89:f2:58:bd:a3:77:88:fc:04:91:78:60:51:d3:9a:d4:
7b:03:dc:e6:da:47:de:4f:cb:63:9f:e7:95:31:62:12:ff:fe:
57:63:ba:e3:0d:e9:37:e1:f0:b5:91:e6:e7:0b:51:de:27:68:
84:03:f2:b9:59:6a:dd:9f:7f:70:b5:51:93:58:01:b0:0a:07:
27:6c:68:41:5d:2d:97:51:87:4b:86:fb:5c:a3:76:83:c2:c6:
ae:ae:c9:3b:62:48:88:f5:f8:3f:db:43:08:7d:39:b4:d5:3b:
45:64:4a:c1
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDEw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI1RkJDRUMzMDI1Q0Ez
NjlDQjRCNTYyMTlDNzNFRjAxOUNFNDcyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHawv5qgUX5IdNxcpbMyGQvSiixwJDqCMlG3q+0ylgnUGTX4bw
0ulYnDQL5Wjz3eAHhaNAMPhdRGs5/NEOEMGVzdIA9PZEV5q2JaOCi41nx3GPZg0r
WDBgsNW/mAQJ58MuyewEQoHVhBXJydV0QBOAzLp0YJThffzcJzp1wMn66a8D3IO3
Y02aj+vvbaEoyEICrQ8LZk8hEitwpqBgI9X5pmXzEkg29HPopmCGjpu+JGh5UfXY
KaNxFU/sYYPuuxus8ocpRWKSWyul8iNB6uCa25Mq63FC8hsXDqatNk9pMikwoGrl
9qEWu0ewwJ2yTamZPQVJ2I9go0N59yg6QXi/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUtfvOwwJco2nLS1YhnHPvAZzkct8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90ZnZPd3dKY28ybkxTMVlobkhQdkFaemtjdDgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
ADR3MbnDD+m12Vply5ypp/tAkE+Qo2WGmh8PGLtjYJozYi9wIzcspXjeDbqg1qUY
ixm1A+aaJdarl3lZs08sHe1EvHCo6qU8i/mL5IaVemteU6yITPDIRllHl4G2LKpV
xroRUMcoJXEUwBnzwHkhbNaywp73x/TTIxwNFMdnPnaiXXlDQIVxAuM6HRR30lXL
mTsPifJYvaN3iPwEkXhgUdOa1HsD3ObaR95Py2Of55UxYhL//ldjuuMN6Tfh8LWR
5ucLUd4naIQD8rlZat2ff3C1UZNYAbAKBydsaEFdLZdRh0uG+1yjdoPCxq6uyTti
SIj1+D/bQwh9ObTVO0VkSsE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org