Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/xTH7K7IwU8iX7GqHfc14I8nA5lQ.roa
File: xTH7K7IwU8iX7GqHfc14I8nA5lQ.roa (raw, json)
Hash identifier: qba1n7xVHVQGmn88Dcm0PcOmlF+a14l/DKNbCMkcVgk=
Subject key identifier: C5:31:FB:2B:B2:30:53:C8:97:EC:6A:87:7D:CD:78:23:C9:C0:E6:54
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48F4
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xTH7K7IwU8iX7GqHfc14I8nA5lQ.roa
Signing time: Tue 31 May 2022 00:30:12 +0000
ROA not before: Tue 31 May 2022 00:30:12 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18676 (0x48f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:12 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=C531FB2BB23053C897EC6A877DCD7823C9C0E654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f7:cb:14:06:15:85:33:84:d3:7a:38:a3:7a:
7b:5d:70:d7:24:81:86:a1:28:55:ef:4c:47:10:ed:
06:94:e6:68:3c:9d:45:a0:25:f5:13:51:3a:cb:fb:
1f:a2:bc:83:31:9d:81:c3:b5:9a:61:77:3b:15:b4:
bf:79:d0:6c:16:5f:b0:0e:80:63:8c:52:77:77:84:
bc:12:ac:38:00:90:13:10:2c:7d:cd:4e:e5:54:82:
fc:3a:60:0b:89:5e:c9:f5:8f:4b:bb:24:72:ee:1c:
87:ea:9e:14:97:a7:66:30:ba:c4:fa:fa:ff:7f:89:
ce:48:e2:7a:9b:5a:27:e1:c6:11:19:87:22:f8:1e:
3d:8a:cb:c4:c4:e9:cb:0a:79:51:b1:aa:a1:35:32:
eb:c4:7c:85:08:84:05:5b:f3:b2:0a:2f:92:9e:a8:
87:53:74:d5:03:7a:b6:86:52:d9:0f:1e:46:e2:1e:
c9:62:09:4e:d1:93:53:c9:7d:8c:d7:5e:a9:a6:c0:
c1:e4:25:9f:23:ef:ed:07:54:aa:37:49:ef:42:cc:
35:aa:98:b0:2e:0e:42:76:33:47:05:16:bc:4c:60:
bd:11:19:92:15:f3:05:aa:81:76:c0:88:db:d2:be:
02:68:05:d6:d7:32:62:45:be:71:97:55:cc:1d:56:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:31:FB:2B:B2:30:53:C8:97:EC:6A:87:7D:CD:78:23:C9:C0:E6:54
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xTH7K7IwU8iX7GqHfc14I8nA5lQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.190.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:55:30:e3:c1:a2:34:71:9d:d1:d1:31:75:74:2f:7a:b3:d0:
e6:e6:69:16:45:9d:a5:20:10:01:fd:c6:c5:fd:88:4f:38:23:
77:3b:62:e8:b2:19:30:bd:b1:ef:fc:4b:15:19:da:f5:32:3c:
c3:3d:da:a2:1d:f0:08:6f:dd:bf:64:05:ec:88:7a:9d:fb:2d:
11:28:27:e3:2e:6a:48:3a:78:b1:20:56:a8:95:fa:28:a0:f5:
fd:be:a2:d8:8b:d6:b3:eb:b8:05:38:c9:54:8c:3f:b9:ee:da:
66:89:66:c8:d3:41:9b:12:f1:68:42:a9:bf:71:b2:a2:1f:bd:
2e:1e:06:8a:f9:6a:62:72:96:79:fc:55:d6:a0:16:df:27:b2:
06:21:cf:b4:85:c4:9a:62:43:a4:11:83:8a:5f:24:09:5b:ac:
71:d6:cb:64:36:c1:af:4d:04:f3:c4:3b:d4:91:76:f3:cd:3d:
8f:aa:be:4d:64:d1:01:4d:0a:75:3f:42:c5:29:68:63:02:cb:
9e:20:ff:72:91:6c:e9:57:2e:a5:21:3e:58:f4:37:f0:3c:47:
7d:50:c9:26:f3:19:7a:30:1e:3f:c8:95:16:71:5d:25:13:38:
c1:13:1b:2b:bb:86:01:11:32:85:29:50:2a:f5:b4:13:40:09:
34:36:ba:ba
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSPQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMTJaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEM1MzFGQjJCQjIzMDUz
Qzg5N0VDNkE4NzdEQ0Q3ODIzQzlDMEU2NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy98sUBhWFM4TTejijentdcNckgYahKFXvTEcQ7QaU5mg8nUWg
JfUTUTrL+x+ivIMxnYHDtZphdzsVtL950GwWX7AOgGOMUnd3hLwSrDgAkBMQLH3N
TuVUgvw6YAuJXsn1j0u7JHLuHIfqnhSXp2YwusT6+v9/ic5I4nqbWifhxhEZhyL4
Hj2Ky8TE6csKeVGxqqE1MuvEfIUIhAVb87IKL5KeqIdTdNUDeraGUtkPHkbiHsli
CU7Rk1PJfYzXXqmmwMHkJZ8j7+0HVKo3Se9CzDWqmLAuDkJ2M0cFFrxMYL0RGZIV
8wWqgXbAiNvSvgJoBdbXMmJFvnGXVcwdVsWvAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUxTH7K7IwU8iX7GqHfc14I8nA5lQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS94VEg3SzdJd1U4aVg3R3FIZmMxNEk4bkE1bFEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL4wDQYJKoZIhvcNAQELBQADggEB
AL1VMOPBojRxndHRMXV0L3qz0ObmaRZFnaUgEAH9xsX9iE84I3c7YuiyGTC9se/8
SxUZ2vUyPMM92qId8Ahv3b9kBeyIep37LREoJ+Muakg6eLEgVqiV+iig9f2+otiL
1rPruAU4yVSMP7nu2maJZsjTQZsS8WhCqb9xsqIfvS4eBor5amJylnn8VdagFt8n
sgYhz7SFxJpiQ6QRg4pfJAlbrHHWy2Q2wa9NBPPEO9SRdvPNPY+qvk1k0QFNCnU/
QsUpaGMCy54g/3KRbOlXLqUhPlj0N/A8R31QySbzGXowHj/IlRZxXSUTOMETGyu7
hgERMoUpUCr1tBNACTQ2uro=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org