Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/IZMCLh2IdFX1ncaODoTM9fbQL0c.roa
File: IZMCLh2IdFX1ncaODoTM9fbQL0c.roa (raw, json)
Hash identifier: jZ0GKVIUcOpPyxgOpLrsv2TTMWH5BOsB+ZnH+nH6Nu8=
Subject key identifier: 21:93:02:2E:1D:88:74:55:F5:9D:C6:8E:0E:84:CC:F5:F6:D0:2F:47
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 488D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IZMCLh2IdFX1ncaODoTM9fbQL0c.roa
Signing time: Tue 24 May 2022 00:30:08 +0000
ROA not before: Tue 24 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18573 (0x488d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 24 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2193022E1D887455F59DC68E0E84CCF5F6D02F47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:7b:c9:ae:7f:f6:a1:61:0d:d9:a1:5a:c9:
da:f0:4d:10:c9:c6:ea:1a:66:b7:f1:88:6b:a2:af:
05:5c:c3:0c:be:a0:62:24:a9:52:b6:45:4c:a0:df:
49:00:5c:96:7d:10:54:1a:fd:9d:2d:c8:5d:d0:d3:
66:0c:bc:1a:85:af:91:89:6c:27:51:1a:fe:b4:c0:
07:f7:74:69:94:f0:55:22:a1:9b:fb:98:e3:80:05:
a3:72:48:4c:05:74:5e:60:1f:c0:79:27:09:9f:8b:
8e:a4:ad:a2:13:da:36:46:63:e5:f5:ee:7d:15:af:
fd:fc:ab:67:93:da:44:12:82:94:0f:d2:a7:00:11:
a6:2c:08:89:34:5b:19:72:1f:5b:39:02:19:8f:2c:
a1:0e:83:b6:b3:56:67:86:ff:be:5d:ca:0d:6a:19:
0f:75:d9:40:c6:8b:ce:e9:a8:df:aa:b1:8e:84:d0:
c5:aa:95:41:08:ba:ef:60:40:9d:a3:c2:80:b2:80:
40:cc:d9:50:46:db:d9:29:31:08:2b:81:c0:ae:8e:
35:e1:cb:d6:41:31:0f:28:31:3a:f0:39:f0:4e:ee:
9a:0f:9a:6f:93:a4:ff:d1:b3:32:54:8b:19:15:c9:
ce:d4:91:92:a7:59:6f:79:d7:c1:20:ac:58:3e:e0:
cd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:93:02:2E:1D:88:74:55:F5:9D:C6:8E:0E:84:CC:F5:F6:D0:2F:47
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IZMCLh2IdFX1ncaODoTM9fbQL0c.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:65:99:76:af:7d:47:83:fa:35:66:82:3d:86:d5:0e:81:e9:
6e:2c:48:14:cc:cb:b5:3f:dc:11:e0:5e:6e:05:d6:0d:a1:2b:
17:8e:09:10:3b:39:64:52:1e:51:cb:af:65:2a:40:db:16:38:
b9:ab:be:e1:6f:e4:b0:c5:99:ef:1a:a2:0a:0c:52:bc:c3:43:
71:75:0e:55:fb:12:36:3b:e0:6f:d6:b5:9e:41:0d:f5:cf:af:
59:bb:39:b7:8a:07:11:fa:c0:5a:5c:67:68:57:be:a1:f3:7f:
00:da:1e:dc:28:be:27:60:e9:3c:45:25:66:16:8e:4f:e9:54:
b9:50:2c:64:7f:52:e6:3c:52:db:5d:3a:df:fa:f1:46:83:1e:
5d:3e:81:b6:45:02:4e:5f:71:13:d5:82:5f:ed:ce:67:26:dc:
da:15:24:d1:ed:93:c0:aa:07:ea:48:6e:35:6e:63:d6:3b:27:
de:e0:ed:db:1a:b2:a9:29:df:20:e2:2a:b7:fc:1c:ed:c3:04:
73:f6:f9:10:a2:93:e3:68:1d:09:f1:7b:e9:5e:46:a5:1b:3a:
3e:a2:db:a5:17:25:cb:d7:80:de:c9:0b:07:cd:d9:15:78:9c:
91:47:83:5c:37:9c:02:77:59:fc:cf:95:e2:e5:62:3f:06:ef:
6c:72:3b:df
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjQw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDIxOTMwMjJFMUQ4ODc0
NTVGNTlEQzY4RTBFODRDQ0Y1RjZEMDJGNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC25XvJrn/2oWEN2aFaydrwTRDJxuoaZrfxiGuirwVcwwy+oGIk
qVK2RUyg30kAXJZ9EFQa/Z0tyF3Q02YMvBqFr5GJbCdRGv60wAf3dGmU8FUioZv7
mOOABaNySEwFdF5gH8B5Jwmfi46kraIT2jZGY+X17n0Vr/38q2eT2kQSgpQP0qcA
EaYsCIk0WxlyH1s5AhmPLKEOg7azVmeG/75dyg1qGQ912UDGi87pqN+qsY6E0MWq
lUEIuu9gQJ2jwoCygEDM2VBG29kpMQgrgcCujjXhy9ZBMQ8oMTrwOfBO7poPmm+T
pP/RszJUixkVyc7UkZKnWW9518EgrFg+4M1hAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUIZMCLh2IdFX1ncaODoTM9fbQL0cwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JWk1DTGgySWRGWDFuY2FPRG9UTTlmYlFMMGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AFplmXavfUeD+jVmgj2G1Q6B6W4sSBTMy7U/3BHgXm4F1g2hKxeOCRA7OWRSHlHL
r2UqQNsWOLmrvuFv5LDFme8aogoMUrzDQ3F1DlX7EjY74G/WtZ5BDfXPr1m7ObeK
BxH6wFpcZ2hXvqHzfwDaHtwovidg6TxFJWYWjk/pVLlQLGR/UuY8UttdOt/68UaD
Hl0+gbZFAk5fcRPVgl/tzmcm3NoVJNHtk8CqB+pIbjVuY9Y7J97g7dsasqkp3yDi
Krf8HO3DBHP2+RCik+NoHQnxe+leRqUbOj6i26UXJcvXgN7JCwfN2RV4nJFHg1w3
nAJ3WfzPleLlYj8G72xyO98=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org