Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/4Cu5hLp_nFyERrHq-PoK7L-0Qds.roa
File: 4Cu5hLp_nFyERrHq-PoK7L-0Qds.roa (raw, json)
Hash identifier: aTn5wFdTuNpy3AJVXWSn5vuyk2cY9oqrv8UEevV9P3Y=
Subject key identifier: E0:2B:B9:84:BA:7F:9C:5C:84:46:B1:EA:F8:FA:0A:EC:BF:B4:41:DB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4351
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4Cu5hLp_nFyERrHq-PoK7L-0Qds.roa
Signing time: Thu 17 Feb 2022 00:30:07 +0000
ROA not before: Thu 17 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17233 (0x4351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 17 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E02BB984BA7F9C5C8446B1EAF8FA0AECBFB441DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7d:7d:96:03:bc:2a:6e:4d:59:49:1d:d9:96:
4f:c7:b6:3f:29:f4:0e:94:3f:c9:82:7f:90:f1:26:
52:d4:15:a7:ad:a7:25:a4:c6:21:00:22:be:36:45:
49:ac:93:dd:67:aa:e0:9a:bb:e2:40:6b:d2:4b:fa:
52:0d:ce:5f:2e:3a:aa:71:93:a3:26:ee:f3:c9:07:
3c:7f:e5:f4:2b:7e:60:7e:67:55:65:de:f6:5d:0c:
ee:0a:83:22:40:d5:0b:6c:73:76:2c:c6:98:77:3b:
1d:27:60:d0:02:df:8c:9f:74:4f:0f:39:bf:70:44:
55:08:75:b4:28:0f:5d:b4:be:eb:e8:79:e0:5b:c1:
c5:c6:39:b9:78:bb:9d:7c:71:06:4d:72:d5:ec:7e:
dd:53:a6:b9:d7:eb:8f:5a:7c:ea:36:43:36:83:50:
3e:20:c6:8c:e8:fc:3a:a2:95:3a:3c:71:04:2b:d6:
75:fb:0f:bf:29:5b:b4:bb:ee:f8:86:ca:dd:e3:55:
49:e3:be:03:51:a1:8c:20:14:ea:8d:76:39:42:aa:
b2:2a:eb:2e:f9:05:90:c0:8e:54:d2:e3:93:b6:43:
6b:89:60:f1:00:9d:fc:b7:18:8f:6d:b3:fc:80:67:
77:40:c0:fd:6e:42:ab:69:e8:74:1e:f8:49:32:41:
c3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2B:B9:84:BA:7F:9C:5C:84:46:B1:EA:F8:FA:0A:EC:BF:B4:41:DB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4Cu5hLp_nFyERrHq-PoK7L-0Qds.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:41:a5:f9:84:fd:26:70:45:cc:45:a2:8f:28:40:f6:52:86:
ef:6a:17:3c:09:cb:b4:27:f1:fd:0b:b6:21:75:a1:1f:67:c7:
6b:40:c0:50:80:d3:b7:b1:d4:c4:d9:ca:15:d4:60:9e:84:b9:
d7:58:e4:81:87:ec:69:59:45:32:35:2c:46:82:2c:07:fc:f5:
18:0f:c0:50:07:42:38:22:5b:46:68:48:1e:70:91:6b:10:96:
20:e3:68:a3:74:d0:10:4b:50:49:70:a5:d4:b0:b5:4c:4a:e1:
1c:9e:e7:0f:ca:b9:00:bf:3e:07:4a:a0:f2:ab:3d:5a:f7:7a:
c6:d7:4b:b6:07:cd:0c:6b:08:fc:29:01:2c:bc:7a:65:3f:4d:
d3:a3:89:bb:30:51:21:d1:15:21:48:1d:b4:d2:42:14:d0:a0:
03:58:7a:8a:5e:da:59:3f:b4:3f:22:30:be:e4:a1:b4:95:d8:
7f:60:b5:b2:ec:c6:30:73:ce:70:4e:a8:fa:57:82:e5:2f:2b:
fd:38:9b:10:8c:34:62:f8:db:01:ef:26:9b:70:cc:93:f8:48:
48:70:11:52:1b:a0:77:0f:8a:b3:15:d8:bb:69:78:f3:8d:07:
23:c9:da:78:87:48:62:b3:22:b2:1a:bb:31:e6:a1:37:18:eb:
2c:52:c3:bd
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ1EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTcw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEUwMkJCOTg0QkE3RjlD
NUM4NDQ2QjFFQUY4RkEwQUVDQkZCNDQxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+fX2WA7wqbk1ZSR3Zlk/Htj8p9A6UP8mCf5DxJlLUFaetpyWk
xiEAIr42RUmsk91nquCau+JAa9JL+lINzl8uOqpxk6Mm7vPJBzx/5fQrfmB+Z1Vl
3vZdDO4KgyJA1Qtsc3Ysxph3Ox0nYNAC34yfdE8POb9wRFUIdbQoD120vuvoeeBb
wcXGObl4u518cQZNctXsft1TprnX649afOo2QzaDUD4gxozo/DqilTo8cQQr1nX7
D78pW7S77viGyt3jVUnjvgNRoYwgFOqNdjlCqrIq6y75BZDAjlTS45O2Q2uJYPEA
nfy3GI9ts/yAZ3dAwP1uQqtp6HQe+EkyQcPrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU4Cu5hLp/nFyERrHq+PoK7L+0QdswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS80Q3U1aExwX25GeUVSckhxLVBvSzdMLTBRZHMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AL1BpfmE/SZwRcxFoo8oQPZShu9qFzwJy7Qn8f0LtiF1oR9nx2tAwFCA07ex1MTZ
yhXUYJ6EuddY5IGH7GlZRTI1LEaCLAf89RgPwFAHQjgiW0ZoSB5wkWsQliDjaKN0
0BBLUElwpdSwtUxK4Rye5w/KuQC/PgdKoPKrPVr3esbXS7YHzQxrCPwpASy8emU/
TdOjibswUSHRFSFIHbTSQhTQoANYeope2lk/tD8iML7kobSV2H9gtbLsxjBzznBO
qPpXguUvK/04mxCMNGL42wHvJptwzJP4SEhwEVIboHcPirMV2LtpePONByPJ2niH
SGKzIrIauzHmoTcY6yxSw70=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org