Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/xKSmJHwb568v5oAdLP32fpwwn3o.roa
File: xKSmJHwb568v5oAdLP32fpwwn3o.roa (raw, json)
Hash identifier: KLeuudSEwcaUtnBYtxqQy1aOao8VbrHVj+ydF1BK/QU=
Subject key identifier: C4:A4:A6:24:7C:1B:E7:AF:2F:E6:80:1D:2C:FD:F6:7E:9C:30:9F:7A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4531
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xKSmJHwb568v5oAdLP32fpwwn3o.roa
Signing time: Thu 24 Mar 2022 00:30:05 +0000
ROA not before: Thu 24 Mar 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17713 (0x4531)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 24 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=C4A4A6247C1BE7AF2FE6801D2CFDF67E9C309F7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:c9:0c:cf:f9:c9:02:83:1c:d9:2e:15:2c:
90:60:a8:1b:16:81:fb:91:de:97:a0:b8:c6:19:df:
ee:c8:2b:02:2b:80:83:5a:95:e5:03:02:5f:fd:f0:
85:d4:cc:3d:eb:5d:24:07:c6:0a:e3:c0:f7:67:c5:
d1:02:36:7b:92:70:3d:d8:2d:54:0b:2e:03:85:4c:
00:5a:4f:c3:1f:6e:6d:aa:0a:da:9e:99:b2:65:fb:
00:f6:b4:e0:db:32:40:69:01:13:c6:62:e5:70:d8:
1f:c1:f9:0d:1c:e1:87:c1:ac:33:73:84:2f:aa:a6:
8c:61:2d:b7:2a:b9:5a:ec:56:bf:0d:22:5c:f2:f0:
0e:ea:ba:9b:2b:d5:96:ee:2f:e8:f8:e0:db:68:31:
0f:0c:b3:57:2d:f7:56:ad:64:52:c6:9a:f1:fd:cd:
57:dc:62:d8:f7:4a:40:16:87:2d:53:b5:3a:9a:f0:
16:da:8f:7c:a7:fc:aa:81:c9:31:52:80:8d:22:d3:
63:72:ef:60:18:0c:32:88:03:51:78:18:99:9d:e5:
19:53:02:c4:fc:71:68:15:68:42:13:02:99:9f:6e:
67:83:87:f8:f6:12:d5:95:70:89:76:a6:18:29:3a:
4d:28:6c:68:41:1c:d9:8d:c6:5a:4e:94:48:14:43:
22:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A4:A6:24:7C:1B:E7:AF:2F:E6:80:1D:2C:FD:F6:7E:9C:30:9F:7A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xKSmJHwb568v5oAdLP32fpwwn3o.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.191.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:85:0b:a9:4a:76:14:58:55:ca:fd:79:b0:97:b3:fa:08:e9:
bf:e0:7b:97:0e:d5:47:e0:5b:82:6d:28:9d:99:3d:6c:78:0a:
ff:6b:e6:bc:52:a8:fe:e2:75:fd:8e:62:85:1c:43:2c:c8:70:
e5:dc:8c:81:8e:60:13:bb:9b:a9:49:df:2e:a5:a8:07:0e:73:
c0:78:76:73:87:e8:0a:6f:54:b7:6a:25:4a:e2:d5:12:37:3f:
56:02:7a:8f:f8:34:d4:07:b7:c1:27:25:0d:38:bc:82:72:65:
75:e6:fe:84:b8:ec:f5:b2:ee:39:3b:78:91:87:6b:b1:c1:e4:
54:32:26:f5:9b:69:7e:4b:05:04:30:1f:19:f4:c1:06:4e:84:
32:90:eb:37:a5:87:aa:6e:83:22:67:ea:62:0a:af:e7:3b:95:
96:b6:bd:4b:6e:44:0c:4d:4d:bc:7c:46:21:1a:c3:4d:9e:87:
a8:2e:0f:df:05:33:09:5c:6e:55:2d:88:78:5f:97:56:32:38:
f8:83:67:6a:30:93:c9:b0:2c:27:94:d2:05:11:32:17:8e:8f:
e9:54:10:14:7d:e4:9b:15:6b:c3:fb:1c:e1:4e:69:74:76:6d:
a2:65:71:f3:24:2c:bf:ed:d9:09:15:8a:f4:e1:7f:2c:b4:ce:
15:4b:b1:8a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjQw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEM0QTRBNjI0N0MxQkU3
QUYyRkU2ODAxRDJDRkRGNjdFOUMzMDlGN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwx8kMz/nJAoMc2S4VLJBgqBsWgfuR3peguMYZ3+7IKwIrgINa
leUDAl/98IXUzD3rXSQHxgrjwPdnxdECNnuScD3YLVQLLgOFTABaT8Mfbm2qCtqe
mbJl+wD2tODbMkBpARPGYuVw2B/B+Q0c4YfBrDNzhC+qpoxhLbcquVrsVr8NIlzy
8A7qupsr1ZbuL+j44NtoMQ8Ms1ct91atZFLGmvH9zVfcYtj3SkAWhy1TtTqa8Bba
j3yn/KqByTFSgI0i02Ny72AYDDKIA1F4GJmd5RlTAsT8cWgVaEITApmfbmeDh/j2
EtWVcIl2phgpOk0obGhBHNmNxlpOlEgUQyLrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUxKSmJHwb568v5oAdLP32fpwwn3owHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS94S1NtSkh3YjU2OHY1b0FkTFAzMmZwd3duM28ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL8wDQYJKoZIhvcNAQELBQADggEB
ALmFC6lKdhRYVcr9ebCXs/oI6b/ge5cO1UfgW4JtKJ2ZPWx4Cv9r5rxSqP7idf2O
YoUcQyzIcOXcjIGOYBO7m6lJ3y6lqAcOc8B4dnOH6ApvVLdqJUri1RI3P1YCeo/4
NNQHt8EnJQ04vIJyZXXm/oS47PWy7jk7eJGHa7HB5FQyJvWbaX5LBQQwHxn0wQZO
hDKQ6zelh6pugyJn6mIKr+c7lZa2vUtuRAxNTbx8RiEaw02eh6guD98FMwlcblUt
iHhfl1YyOPiDZ2owk8mwLCeU0gURMheOj+lUEBR95JsVa8P7HOFOaXR2baJlcfMk
LL/t2QkVivThfyy0zhVLsYo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org