Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/MCJALEAYdLoT2TXMb1dYhKXC1Lo.roa
File: MCJALEAYdLoT2TXMb1dYhKXC1Lo.roa (raw, json)
Hash identifier: rBnWC+TMw5sMLeEMmghxwqzQhPG+alz3781RiV/I5pI=
Subject key identifier: 30:22:40:2C:40:18:74:BA:13:D9:35:CC:6F:57:58:84:A5:C2:D4:BA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4631
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MCJALEAYdLoT2TXMb1dYhKXC1Lo.roa
Signing time: Mon 11 Apr 2022 00:30:08 +0000
ROA not before: Mon 11 Apr 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17969 (0x4631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 11 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3022402C401874BA13D935CC6F575884A5C2D4BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1e:a6:b1:1b:63:44:3e:94:2c:72:3d:41:b7:
72:b0:da:c7:6e:26:58:24:48:80:f0:ff:d6:53:c7:
97:01:92:97:82:64:c4:16:28:82:e2:60:d3:03:b8:
37:54:ac:3d:d7:e7:6a:ff:c2:b0:2d:c1:ad:7d:b5:
9b:56:2b:f7:e1:42:d0:a6:53:82:f3:80:b0:10:dd:
3b:55:80:2f:8d:9e:ca:b9:44:aa:7f:31:cc:08:fc:
16:e5:43:dc:31:f8:76:f9:35:c7:bf:2e:7f:9b:bf:
d6:71:c7:5d:9f:38:d0:37:d5:07:71:b1:f8:a3:4d:
6a:b1:df:d3:89:28:0a:4c:f2:92:b6:38:ec:1c:5b:
31:e4:37:cb:90:07:17:ed:26:45:2d:d1:4b:c0:7c:
b6:dc:5a:34:5c:49:66:1a:af:7e:95:4b:97:94:3d:
82:99:d5:34:9c:0a:67:7b:96:ed:bd:80:2e:4f:74:
61:99:ef:0c:7f:f4:51:f5:14:40:6d:f8:4b:54:68:
60:31:9e:4d:f8:20:77:a6:c2:5a:55:14:a2:4c:1c:
10:76:9d:3b:dd:0b:df:50:7a:64:d6:67:3a:09:1f:
38:30:3b:17:ec:63:7d:99:7f:30:f6:77:68:91:26:
0b:8d:da:cf:ab:28:6d:6f:64:d6:59:ab:dd:d0:df:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:22:40:2C:40:18:74:BA:13:D9:35:CC:6F:57:58:84:A5:C2:D4:BA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MCJALEAYdLoT2TXMb1dYhKXC1Lo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:b8:a0:80:35:50:53:c6:b2:74:9e:06:b1:e9:fc:a7:87:67:
3c:c0:5f:4e:11:d9:3a:a5:d5:f4:6d:75:4b:82:84:20:0f:5e:
1d:44:c3:27:1e:78:dd:53:ea:f2:2d:54:f4:e0:63:27:74:01:
e0:df:19:ec:b9:2b:cf:3d:4b:fd:47:2e:60:ba:52:7f:1d:40:
2f:d4:c7:a3:d2:90:f8:91:af:df:de:9b:80:cc:19:3b:32:ad:
fc:f3:ca:30:56:de:29:06:b2:6d:d0:ed:33:1c:d1:9f:e2:55:
29:3b:5a:42:7b:03:77:58:e8:20:c7:dd:1d:ac:af:7a:c0:d0:
9e:ae:78:ef:32:b0:0c:57:3f:63:a7:9f:9e:5b:83:15:6a:8d:
58:b3:0d:7d:3a:6b:24:b3:2d:7a:66:ed:8e:46:5e:b7:aa:c6:
cc:ea:76:79:22:66:a0:65:b5:1f:21:d4:19:50:61:58:87:2c:
30:8f:d3:84:fe:46:05:74:1c:58:20:8a:35:75:97:7a:68:52:
e2:14:8b:03:05:1a:df:70:bc:a2:7b:80:23:c5:6e:bd:1b:7f:
cb:61:33:10:71:19:32:20:02:36:98:a8:bf:52:fe:b1:a6:4c:
d6:70:9f:0a:f0:02:6f:1c:4d:a5:92:e3:3a:d6:40:b7:82:45:
96:f4:4b:68
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTEw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDMwMjI0MDJDNDAxODc0
QkExM0Q5MzVDQzZGNTc1ODg0QTVDMkQ0QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIHqaxG2NEPpQscj1Bt3Kw2sduJlgkSIDw/9ZTx5cBkpeCZMQW
KILiYNMDuDdUrD3X52r/wrAtwa19tZtWK/fhQtCmU4LzgLAQ3TtVgC+Nnsq5RKp/
McwI/BblQ9wx+Hb5Nce/Ln+bv9Zxx12fONA31QdxsfijTWqx39OJKApM8pK2OOwc
WzHkN8uQBxftJkUt0UvAfLbcWjRcSWYar36VS5eUPYKZ1TScCmd7lu29gC5PdGGZ
7wx/9FH1FEBt+EtUaGAxnk34IHemwlpVFKJMHBB2nTvdC99QemTWZzoJHzgwOxfs
Y32ZfzD2d2iRJguN2s+rKG1vZNZZq93Q3y29AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUMCJALEAYdLoT2TXMb1dYhKXC1LowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9NQ0pBTEVBWWRMb1QyVFhNYjFkWWhLWEMxTG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AI24oIA1UFPGsnSeBrHp/KeHZzzAX04R2Tql1fRtdUuChCAPXh1EwyceeN1T6vIt
VPTgYyd0AeDfGey5K889S/1HLmC6Un8dQC/Ux6PSkPiRr9/em4DMGTsyrfzzyjBW
3ikGsm3Q7TMc0Z/iVSk7WkJ7A3dY6CDH3R2sr3rA0J6ueO8ysAxXP2Onn55bgxVq
jVizDX06aySzLXpm7Y5GXreqxszqdnkiZqBltR8h1BlQYViHLDCP04T+RgV0HFgg
ijV1l3poUuIUiwMFGt9wvKJ7gCPFbr0bf8thMxBxGTIgAjaYqL9S/rGmTNZwnwrw
Am8cTaWS4zrWQLeCRZb0S2g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org