Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zwTL5swBEA9OhxLtXe38j-kUbJw.roa
File: zwTL5swBEA9OhxLtXe38j-kUbJw.roa (raw, json)
Hash identifier: sOdLcvN2AYWbAjo7eU7JFeSGzWLpJR/ySOhEn0dyx6E=
Subject key identifier: CF:04:CB:E6:CC:01:10:0F:4E:87:12:ED:5D:ED:FC:8F:E9:14:6C:9C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4248
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zwTL5swBEA9OhxLtXe38j-kUbJw.roa
Signing time: Sat 29 Jan 2022 00:30:08 +0000
ROA not before: Sat 29 Jan 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16968 (0x4248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CF04CBE6CC01100F4E8712ED5DEDFC8FE9146C9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:e3:ae:fb:7d:ad:7a:df:98:fa:1c:3f:aa:
53:42:70:af:a1:91:54:26:c3:f6:be:f5:4a:8f:b4:
34:2c:69:90:aa:10:60:72:75:7a:4a:5b:70:e6:4f:
85:2a:f4:50:f1:ca:de:73:c0:f0:d3:99:87:21:5b:
75:44:58:c6:4e:03:a1:96:ef:09:2b:f3:a5:f2:a8:
60:57:1d:17:22:ef:69:4c:fb:76:17:a6:fc:17:57:
a6:58:40:c0:8b:2a:3f:04:ee:d4:b6:1c:bf:91:3f:
b6:31:7b:cd:c0:b0:74:58:a5:e9:c2:03:01:4d:ca:
33:54:f4:31:b1:67:31:81:c0:8d:55:86:0d:e9:a3:
03:cc:41:64:ee:b5:23:7f:68:69:61:16:28:ee:d2:
7b:80:ba:c8:75:42:9a:02:f1:48:a9:21:46:5a:ed:
f2:48:d2:58:11:e2:c9:f6:d3:52:7d:9b:6f:10:4f:
9e:0e:16:1b:05:25:4a:fa:90:cb:25:63:ef:72:bc:
58:8f:79:ce:40:b1:67:49:97:57:9b:d0:ae:7e:98:
1f:80:d6:7e:ba:da:2f:31:e5:62:46:39:29:6b:4f:
6b:d1:47:77:d1:27:cb:cc:ef:2f:a8:79:8b:07:4f:
77:3a:76:8a:67:1c:55:59:b8:9c:dd:4b:84:90:8e:
7a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:04:CB:E6:CC:01:10:0F:4E:87:12:ED:5D:ED:FC:8F:E9:14:6C:9C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zwTL5swBEA9OhxLtXe38j-kUbJw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:52:dc:d3:69:03:cf:e8:fc:7a:75:5f:6d:45:cd:5e:dc:55:
dd:b1:83:70:00:2d:4c:b2:c9:1a:b9:a5:59:7b:69:84:6b:a0:
15:56:c7:9f:de:3c:be:7c:6e:06:8a:63:f0:17:4a:c2:95:4c:
af:cf:3e:f6:ec:f9:19:b3:b6:76:95:b8:a6:24:08:a3:46:11:
cb:54:e9:5c:fb:43:ae:8a:d2:c5:cb:a7:5a:c4:89:e8:a8:13:
3c:78:e4:0c:00:8d:ef:09:e3:e0:b0:cd:71:79:63:bc:14:42:
e5:23:b5:9a:82:90:a7:7d:7e:f1:b3:85:fc:f4:3f:d5:bd:fb:
d6:0a:95:84:db:99:23:ef:b8:40:1e:93:40:4a:cb:d4:7c:30:
fb:2e:36:10:e6:c5:42:34:35:8f:e9:92:2b:d6:bb:9c:e7:5d:
19:7d:89:af:77:9f:8b:c1:3a:96:6b:be:74:ff:03:01:14:d2:
8c:8d:d1:bc:8d:88:83:f7:f4:21:e5:4e:76:0b:8a:e7:3e:aa:
5a:76:fc:b1:66:34:59:8e:2b:86:37:de:72:2d:07:a6:16:e7:
d2:b6:e1:a6:ba:ac:16:23:04:53:fb:d3:8f:34:cd:d1:58:19:
8d:49:ce:db:64:93:d2:21:14:db:85:26:da:c9:61:36:fd:3a:
75:b9:e3:c8
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENGMDRDQkU2Q0MwMTEw
MEY0RTg3MTJFRDVERURGQzhGRTkxNDZDOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJk+Ou+32tet+Y+hw/qlNCcK+hkVQmw/a+9UqPtDQsaZCqEGBy
dXpKW3DmT4Uq9FDxyt5zwPDTmYchW3VEWMZOA6GW7wkr86XyqGBXHRci72lM+3YX
pvwXV6ZYQMCLKj8E7tS2HL+RP7Yxe83AsHRYpenCAwFNyjNU9DGxZzGBwI1Vhg3p
owPMQWTutSN/aGlhFiju0nuAush1QpoC8UipIUZa7fJI0lgR4sn201J9m28QT54O
FhsFJUr6kMslY+9yvFiPec5AsWdJl1eb0K5+mB+A1n662i8x5WJGOSlrT2vRR3fR
J8vM7y+oeYsHT3c6dopnHFVZuJzdS4SQjnqRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzwTL5swBEA9OhxLtXe38j+kUbJwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96d1RMNXN3QkVBOU9oeEx0WGUzOGota1ViSncucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AI5S3NNpA8/o/Hp1X21FzV7cVd2xg3AALUyyyRq5pVl7aYRroBVWx5/ePL58bgaK
Y/AXSsKVTK/PPvbs+RmztnaVuKYkCKNGEctU6Vz7Q66K0sXLp1rEieioEzx45AwA
je8J4+CwzXF5Y7wUQuUjtZqCkKd9fvGzhfz0P9W9+9YKlYTbmSPvuEAek0BKy9R8
MPsuNhDmxUI0NY/pkivWu5znXRl9ia93n4vBOpZrvnT/AwEU0oyN0byNiIP39CHl
TnYLiuc+qlp2/LFmNFmOK4Y33nItB6YW59K24aa6rBYjBFP70480zdFYGY1Jzttk
k9IhFNuFJtrJYTb9OnW548g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org