Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zPVE5HFlI34E9GFRss0wQaOIu00.roa
File: zPVE5HFlI34E9GFRss0wQaOIu00.roa (raw, json)
Hash identifier: vfsgcIz7YYlcMzH+Fs8t8d2Ga8jXIvYYMvEAefffAjQ=
Subject key identifier: CC:F5:44:E4:71:65:23:7E:04:F4:61:51:B2:CD:30:41:A3:88:BB:4D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42C6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zPVE5HFlI34E9GFRss0wQaOIu00.roa
Signing time: Mon 07 Feb 2022 00:30:09 +0000
ROA not before: Mon 07 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17094 (0x42c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 7 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CCF544E47165237E04F46151B2CD3041A388BB4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:aa:d0:56:a4:df:4a:de:50:0c:60:7c:8b:
30:3c:24:7e:3e:0e:52:90:ab:91:16:63:da:98:46:
0e:25:da:25:80:ee:92:52:9c:b5:f6:e5:da:de:eb:
ca:50:ab:68:cf:fc:48:73:90:87:c8:76:8a:8d:a1:
15:c7:86:db:00:ba:f9:5a:a4:52:eb:11:7d:08:47:
b1:fc:b0:45:88:d5:16:e5:b5:7d:cf:b1:9d:17:fd:
8f:f3:d9:a7:65:a7:a4:e8:c3:e3:33:57:6b:4c:98:
be:ca:a2:a4:91:a8:d0:f6:9c:5f:41:cd:29:12:f4:
d4:20:0c:5e:e5:ab:5c:b0:9f:4d:86:4b:e3:11:73:
b3:0b:88:12:21:2d:4d:4a:0f:8c:aa:e2:56:08:f4:
a5:85:2e:0b:09:67:f5:d3:15:a8:3a:4a:c9:be:55:
fd:bf:44:10:17:a3:6f:be:9b:9a:7f:dc:93:25:90:
16:84:5a:3d:4e:7f:c7:02:70:a0:8e:84:83:9c:82:
3f:54:3a:6d:7a:99:0f:e5:92:e6:d8:42:9e:e4:52:
5b:fb:5b:7e:8b:79:ad:28:c7:db:8a:8c:65:76:f0:
ef:2a:d8:de:02:70:33:54:86:85:bb:b5:32:3b:73:
ae:59:da:05:4f:00:05:f4:2a:b4:32:23:0e:60:6c:
b2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F5:44:E4:71:65:23:7E:04:F4:61:51:B2:CD:30:41:A3:88:BB:4D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zPVE5HFlI34E9GFRss0wQaOIu00.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:13:2e:b6:2a:8b:63:6c:5a:b9:0c:45:c1:c9:9c:52:b5:86:
31:5f:1f:68:33:df:8b:09:26:bb:d4:bd:f9:06:d8:d9:af:a1:
d6:67:cd:14:32:b2:e9:e8:91:e0:ee:36:8c:98:6f:b9:f5:6e:
95:67:73:b5:7a:a7:49:a9:c8:d5:ec:55:c7:02:09:98:40:b9:
df:39:e5:cd:ce:e2:f3:dd:68:c0:cc:e0:5e:d4:d1:19:1a:9e:
11:d4:82:12:f8:3d:a0:ce:bd:56:78:30:dd:ef:c9:53:9d:b2:
b4:37:d2:66:91:cd:1f:a8:ea:31:4c:1f:0a:7a:3e:63:91:21:
89:e5:a8:95:be:9d:c6:a9:e8:fb:a4:62:c4:49:5e:e9:eb:42:
61:22:00:dd:4a:19:ed:af:b6:ea:2f:96:0b:26:1f:1c:61:51:
9d:26:5a:bc:87:01:88:e1:8f:83:66:2f:d5:a0:08:a7:7a:0f:
f7:28:c5:a2:d1:a3:62:3c:33:9b:e6:f1:01:de:75:ef:c1:a0:
0c:65:ab:16:b1:4e:a8:5c:cf:a8:fd:cb:10:f9:a6:88:b9:22:
57:5d:fc:bb:82:a4:59:7c:5c:65:a8:ed:cb:35:fa:8a:cc:ce:
32:4f:ca:ca:97:7f:69:b7:63:fa:6f:13:e6:72:03:b4:1f:99:
05:52:78:5b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDcw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENDRjU0NEU0NzE2NTIz
N0UwNEY0NjE1MUIyQ0QzMDQxQTM4OEJCNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCly6rQVqTfSt5QDGB8izA8JH4+DlKQq5EWY9qYRg4l2iWA7pJS
nLX25dre68pQq2jP/EhzkIfIdoqNoRXHhtsAuvlapFLrEX0IR7H8sEWI1RbltX3P
sZ0X/Y/z2adlp6Tow+MzV2tMmL7KoqSRqND2nF9BzSkS9NQgDF7lq1ywn02GS+MR
c7MLiBIhLU1KD4yq4lYI9KWFLgsJZ/XTFag6Ssm+Vf2/RBAXo2++m5p/3JMlkBaE
Wj1Of8cCcKCOhIOcgj9UOm16mQ/lkubYQp7kUlv7W36Lea0ox9uKjGV28O8q2N4C
cDNUhoW7tTI7c65Z2gVPAAX0KrQyIw5gbLLpAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzPVE5HFlI34E9GFRss0wQaOIu00wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96UFZFNUhGbEkzNEU5R0ZSc3Mwd1FhT0l1MDAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AHwTLrYqi2NsWrkMRcHJnFK1hjFfH2gz34sJJrvUvfkG2NmvodZnzRQysunokeDu
NoyYb7n1bpVnc7V6p0mpyNXsVccCCZhAud855c3O4vPdaMDM4F7U0RkanhHUghL4
PaDOvVZ4MN3vyVOdsrQ30maRzR+o6jFMHwp6PmORIYnlqJW+ncap6PukYsRJXunr
QmEiAN1KGe2vtuovlgsmHxxhUZ0mWryHAYjhj4NmL9WgCKd6D/coxaLRo2I8M5vm
8QHede/BoAxlqxaxTqhcz6j9yxD5poi5Ildd/LuCpFl8XGWo7cs1+orMzjJPysqX
f2m3Y/pvE+ZyA7QfmQVSeFs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org