Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/E33HVB9QrtIoFG64p2NFmqlj_qQ.roa
File: E33HVB9QrtIoFG64p2NFmqlj_qQ.roa (raw, json)
Hash identifier: jExMw8hYeiYmlrkbHOrvUkh/A4rx184fO4FznOUCwVk=
Subject key identifier: 13:7D:C7:54:1F:50:AE:D2:28:14:6E:B8:A7:63:45:9A:A9:63:FE:A4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4242
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/E33HVB9QrtIoFG64p2NFmqlj_qQ.roa
Signing time: Sat 29 Jan 2022 00:30:05 +0000
ROA not before: Sat 29 Jan 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16962 (0x4242)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=137DC7541F50AED228146EB8A763459AA963FEA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ad:67:80:5d:4f:02:ae:b6:f3:ed:4f:c9:1d:
c4:14:60:5d:a4:d3:6a:12:ff:5d:cc:ea:a7:02:f3:
4a:9e:1b:72:f2:2f:70:01:82:58:f9:e0:ad:4e:6c:
ee:a4:85:60:55:ea:96:64:22:36:68:a1:b5:5c:a6:
b7:89:44:6d:ad:3f:2b:e3:21:64:cd:53:53:8b:48:
8a:86:47:31:5e:b6:91:e3:e6:e1:5f:19:31:ce:e2:
d8:43:56:bf:3b:d0:93:c9:72:09:a3:86:08:48:dd:
84:c1:e8:f7:05:20:99:08:a6:84:2d:e2:23:5e:15:
46:da:c4:bf:40:1c:e4:d7:d6:16:00:5a:d2:f9:dd:
66:bb:e6:a7:8f:40:86:f5:24:6e:f4:c9:a9:00:17:
e4:e2:46:8e:d9:de:57:49:13:13:76:fb:d4:8b:82:
1d:aa:ae:b2:b4:8d:dd:1b:e6:fe:85:09:c2:40:cc:
29:11:a7:0d:f3:33:59:60:1d:b5:ae:81:23:db:55:
51:e3:27:89:f8:0a:89:70:69:5e:cd:96:95:6e:d6:
fc:81:02:48:d3:67:c0:a9:5f:72:d9:8f:4b:39:8e:
e8:e1:62:e7:ba:65:8d:1b:1e:10:ba:0f:e1:10:bd:
65:3d:39:ed:9e:92:35:95:1d:84:81:cc:b5:41:15:
63:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:7D:C7:54:1F:50:AE:D2:28:14:6E:B8:A7:63:45:9A:A9:63:FE:A4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/E33HVB9QrtIoFG64p2NFmqlj_qQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:3e:09:3c:1f:a6:92:b3:80:d2:99:d0:2e:54:a0:ec:65:be:
5c:fa:00:32:d4:27:48:24:0a:32:22:a9:8d:bd:85:da:e4:6c:
ec:59:30:20:5b:17:67:39:cd:23:c0:41:30:db:58:f9:e8:f2:
ad:9f:25:dd:17:85:be:8d:da:e6:f5:e5:56:06:f6:23:4e:1d:
47:8d:8e:f9:5d:57:ac:6d:7d:0d:a3:9a:4d:3d:67:da:48:34:
73:47:ae:27:42:d4:cc:70:4d:79:6c:96:b0:8d:fe:88:52:79:
b3:06:dc:28:84:35:c8:49:f3:4c:40:87:84:b7:5e:2a:d8:d8:
cb:49:0f:30:71:58:e7:24:5b:5c:fc:fc:d3:69:41:25:a1:54:
6f:96:84:92:04:10:1d:71:ad:ef:31:56:5c:f6:5d:56:02:cd:
00:9c:31:5c:e7:89:30:77:d2:cb:db:60:f1:13:4d:01:4b:eb:
9d:f0:92:7c:7c:d1:e9:b5:2b:da:65:5a:a8:da:43:2d:75:10:
a8:50:5c:e8:39:e3:86:cc:33:89:12:9d:23:c4:00:5a:71:50:
5c:80:5e:2c:81:c7:fd:33:e5:14:11:8a:07:bc:85:a6:05:3f:
2c:b1:3d:85:e5:56:28:f9:88:b0:98:7f:8c:be:c7:f4:b8:23:
7d:4f:e2:76
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDEzN0RDNzU0MUY1MEFF
RDIyODE0NkVCOEE3NjM0NTlBQTk2M0ZFQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4rWeAXU8Crrbz7U/JHcQUYF2k02oS/13M6qcC80qeG3LyL3AB
glj54K1ObO6khWBV6pZkIjZoobVcpreJRG2tPyvjIWTNU1OLSIqGRzFetpHj5uFf
GTHO4thDVr870JPJcgmjhghI3YTB6PcFIJkIpoQt4iNeFUbaxL9AHOTX1hYAWtL5
3Wa75qePQIb1JG70yakAF+TiRo7Z3ldJExN2+9SLgh2qrrK0jd0b5v6FCcJAzCkR
pw3zM1lgHbWugSPbVVHjJ4n4ColwaV7NlpVu1vyBAkjTZ8CpX3LZj0s5jujhYue6
ZY0bHhC6D+EQvWU9Oe2ekjWVHYSBzLVBFWMzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUE33HVB9QrtIoFG64p2NFmqlj/qQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9FMzNIVkI5UXJ0SW9GRzY0cDJORm1xbGpfcVEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AE0+CTwfppKzgNKZ0C5UoOxlvlz6ADLUJ0gkCjIiqY29hdrkbOxZMCBbF2c5zSPA
QTDbWPno8q2fJd0Xhb6N2ub15VYG9iNOHUeNjvldV6xtfQ2jmk09Z9pINHNHridC
1MxwTXlslrCN/ohSebMG3CiENchJ80xAh4S3XirY2MtJDzBxWOckW1z8/NNpQSWh
VG+WhJIEEB1xre8xVlz2XVYCzQCcMVzniTB30svbYPETTQFL653wknx80em1K9pl
WqjaQy11EKhQXOg544bMM4kSnSPEAFpxUFyAXiyBx/0z5RQRige8haYFPyyxPYXl
Vij5iLCYf4y+x/S4I31P4nY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:35 2023 by rpki-client on console-fra.rpki-client.org