Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/4I_F_hDm8nED-c8ySjrSFD4n9u0.roa
File: 4I_F_hDm8nED-c8ySjrSFD4n9u0.roa (raw, json)
Hash identifier: UvAlhV8+TQislzOhqAglEVCo48eKOm+BdWkCeu+fjEc=
Subject key identifier: E0:8F:C5:FE:10:E6:F2:71:03:F9:CF:32:4A:3A:D2:14:3E:27:F6:ED
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 447F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4I_F_hDm8nED-c8ySjrSFD4n9u0.roa
Signing time: Fri 11 Mar 2022 00:36:56 +0000
ROA not before: Fri 11 Mar 2022 00:36:56 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17535 (0x447f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 11 00:36:56 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E08FC5FE10E6F27103F9CF324A3AD2143E27F6ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:7e:ee:2d:64:0a:9f:a6:de:e9:ce:71:5d:
98:dc:7f:ba:dd:ba:ec:65:35:86:f2:aa:e3:fb:60:
b3:ef:39:e7:4f:46:9d:c0:a1:0a:d3:fd:d6:51:10:
2e:88:e7:5f:91:0b:0e:e4:9c:df:f2:02:66:97:ab:
23:a1:9a:5e:b4:9d:d9:1f:8e:70:d7:d0:92:1e:bb:
17:bd:ac:eb:30:95:6a:be:1b:ed:10:ee:bf:56:0c:
fc:29:02:10:ec:ba:da:f3:fd:75:17:4f:1f:9a:60:
75:dd:99:2e:d8:c4:30:db:83:34:5e:7b:09:79:7f:
57:ab:e0:9b:96:af:9e:fd:ed:74:f1:00:6e:3f:3e:
36:9f:49:2d:23:5c:2b:b2:01:9f:76:a3:33:2c:6a:
a5:26:b2:8a:0d:b6:df:97:24:27:04:83:0d:12:3f:
dd:35:28:73:79:43:40:27:3d:a9:2d:6f:0e:20:13:
43:5f:6f:33:17:db:95:05:22:c2:f6:92:a5:2d:46:
48:1a:dc:1f:18:b0:ae:8f:c0:5d:8a:10:38:11:2e:
9c:51:58:10:04:cd:95:b9:c9:b4:dc:d7:31:7b:b4:
43:15:16:4f:43:89:95:ca:68:69:71:e4:9a:64:72:
0d:a2:0b:a2:36:c3:82:72:7c:43:f5:c0:4e:31:97:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8F:C5:FE:10:E6:F2:71:03:F9:CF:32:4A:3A:D2:14:3E:27:F6:ED
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4I_F_hDm8nED-c8ySjrSFD4n9u0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
68:5e:4d:c8:fd:55:c6:61:3b:b1:ac:19:47:47:e3:aa:23:a6:
90:46:7e:55:91:99:3f:e4:22:0f:54:af:e5:c9:75:bb:f6:f7:
8b:5f:dc:c6:4d:11:28:81:30:ef:46:f2:fc:75:83:bc:80:bc:
a8:ff:73:b5:3a:b5:bd:29:c9:0a:a1:3a:aa:8d:0f:3b:e1:90:
b8:ee:e4:b8:ec:70:37:27:22:68:f7:ec:df:2e:09:e4:65:3b:
fd:a7:d3:22:31:91:9c:37:68:9c:da:1e:8d:ba:ec:f5:f5:ba:
2f:ec:4a:5d:ec:86:f6:c2:49:d4:5b:01:11:3a:1e:56:42:3f:
d4:1b:25:63:85:d1:94:38:48:d7:04:fc:25:35:38:b6:96:57:
21:4e:6f:4a:4c:ef:f5:02:91:6f:f2:b5:2b:af:41:bc:fa:1c:
6c:09:c2:13:a1:2c:99:a8:5f:05:1d:2c:b7:6a:1d:a9:ed:2b:
a7:f9:30:2a:cb:52:84:67:f0:46:c4:be:3e:d5:55:5b:f1:ae:
94:e2:07:7c:46:c3:a1:59:26:a1:30:22:68:13:ee:de:34:95:
49:e2:7f:68:d4:84:0e:05:17:6c:a2:0c:f8:dd:86:63:44:0e:
e4:77:f3:5a:c0:4d:47:0e:98:d2:08:fa:ed:ce:b8:d5:4e:32:
43:63:3f:13
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTEw
MDM2NTZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEUwOEZDNUZFMTBFNkYy
NzEwM0Y5Q0YzMjRBM0FEMjE0M0UyN0Y2RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC40n7uLWQKn6be6c5xXZjcf7rduuxlNYbyquP7YLPvOedPRp3A
oQrT/dZREC6I51+RCw7knN/yAmaXqyOhml60ndkfjnDX0JIeuxe9rOswlWq+G+0Q
7r9WDPwpAhDsutrz/XUXTx+aYHXdmS7YxDDbgzReewl5f1er4JuWr5797XTxAG4/
PjafSS0jXCuyAZ92ozMsaqUmsooNtt+XJCcEgw0SP901KHN5Q0AnPaktbw4gE0Nf
bzMX25UFIsL2kqUtRkga3B8YsK6PwF2KEDgRLpxRWBAEzZW5ybTc1zF7tEMVFk9D
iZXKaGlx5Jpkcg2iC6I2w4JyfEP1wE4xl35/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU4I/F/hDm8nED+c8ySjrSFD4n9u0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS80SV9GX2hEbThuRUQtYzh5U2pyU0ZENG45dTAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AGheTcj9VcZhO7GsGUdH46ojppBGflWRmT/kIg9Ur+XJdbv294tf3MZNESiBMO9G
8vx1g7yAvKj/c7U6tb0pyQqhOqqNDzvhkLju5LjscDcnImj37N8uCeRlO/2n0yIx
kZw3aJzaHo267PX1ui/sSl3shvbCSdRbARE6HlZCP9QbJWOF0ZQ4SNcE/CU1OLaW
VyFOb0pM7/UCkW/ytSuvQbz6HGwJwhOhLJmoXwUdLLdqHantK6f5MCrLUoRn8EbE
vj7VVVvxrpTiB3xGw6FZJqEwImgT7t40lUnif2jUhA4FF2yiDPjdhmNEDuR381rA
TUcOmNII+u3OuNVOMkNjPxM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org