Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/MxzlNCMUdkaH530TkKkJujgAauw.roa
File: MxzlNCMUdkaH530TkKkJujgAauw.roa (raw, json)
Hash identifier: 6586jIruAPL+D7jbdz0XLdF2WwpZJj9mBQvNz6DsrPk=
Subject key identifier: 33:1C:E5:34:23:14:76:46:87:E7:7D:13:90:A9:09:BA:38:00:6A:EC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 465B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MxzlNCMUdkaH530TkKkJujgAauw.roa
Signing time: Thu 14 Apr 2022 00:30:12 +0000
ROA not before: Thu 14 Apr 2022 00:30:12 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18011 (0x465b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 14 00:30:12 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=331CE5342314764687E77D1390A909BA38006AEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:93:30:21:21:80:47:64:08:50:a5:4d:a7:bf:
94:31:6c:36:5b:f9:70:96:47:65:da:86:83:12:40:
55:1b:8e:a8:0b:15:27:43:3d:5a:0d:d5:f9:80:e0:
b9:03:f8:de:3c:69:0b:87:15:0e:36:63:d9:21:83:
2d:86:cc:2a:71:04:c4:b6:5e:4c:2c:dd:45:cf:a2:
05:0e:dd:53:3e:c6:4e:b8:b6:55:6e:60:a4:22:e8:
eb:2c:71:ff:8d:5c:a6:f3:37:63:dd:4e:4e:ae:e6:
7f:86:43:e1:26:c0:c1:a6:1e:be:4a:2d:bd:fb:01:
39:c8:44:c6:e4:73:e2:c5:bf:2d:a5:f3:5b:e6:8d:
86:12:13:a1:8a:7b:84:cd:f7:3c:c8:e1:bb:2c:7f:
85:b3:43:76:da:44:21:81:96:e2:54:24:d0:cb:f1:
ef:37:eb:b0:d3:28:d8:7a:99:94:3d:be:fc:98:b1:
06:3f:86:58:b8:6d:cd:07:82:10:f5:4b:a6:d6:25:
e8:b4:15:b0:d0:aa:d8:e7:d5:56:dc:b8:49:3d:3e:
6f:c5:9e:c8:6e:3b:cc:8c:fa:81:a0:dd:f0:42:53:
ac:1e:01:13:6c:0c:4e:71:48:7f:ae:ca:17:31:cd:
15:b8:66:2b:52:fe:37:aa:1a:99:d8:99:47:f8:ef:
72:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1C:E5:34:23:14:76:46:87:E7:7D:13:90:A9:09:BA:38:00:6A:EC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MxzlNCMUdkaH530TkKkJujgAauw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
23:25:00:33:ba:f9:43:84:ef:09:b3:be:6c:ff:86:70:da:bc:
26:90:26:f2:cd:04:8e:65:ad:a9:8e:94:ce:fd:ea:77:35:ff:
3f:bb:96:73:fe:89:17:b6:bc:63:8f:63:85:82:f6:0f:3a:d6:
67:47:3a:ae:a8:60:66:eb:1a:29:35:9f:14:12:77:ae:26:97:
d9:c5:e9:50:79:c3:1a:9a:d6:1a:c6:15:1c:85:7e:77:c1:55:
cd:e0:cd:19:69:eb:9e:91:88:bf:b1:85:c8:e8:04:87:d6:aa:
7d:63:5a:fb:c2:4b:48:f7:c7:81:79:75:6a:a9:63:e1:42:e8:
26:af:89:05:07:58:fd:26:9b:29:15:64:59:fc:5e:25:c6:7c:
f6:e4:06:e7:c9:39:dc:41:5a:4b:9b:ff:01:57:ab:8b:b0:65:
b8:7f:b4:1e:17:5a:9b:78:ef:7e:09:26:14:91:e9:aa:b8:a0:
b6:01:88:0f:02:d6:56:9f:b7:f9:99:b0:dc:ae:b4:1a:0a:a9:
52:f8:81:88:9c:d6:c4:ce:5f:8d:49:7c:cb:cb:c3:79:0b:3b:
04:2c:07:41:4d:a6:f7:a2:4f:5c:c8:78:07:ff:b6:5e:ad:cd:
78:29:56:b6:76:46:33:01:67:54:1d:d4:ec:83:7f:3d:6c:c5:
d2:5d:23:8d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRlswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTQw
MDMwMTJaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDMzMUNFNTM0MjMxNDc2
NDY4N0U3N0QxMzkwQTkwOUJBMzgwMDZBRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrkzAhIYBHZAhQpU2nv5QxbDZb+XCWR2XahoMSQFUbjqgLFSdD
PVoN1fmA4LkD+N48aQuHFQ42Y9khgy2GzCpxBMS2Xkws3UXPogUO3VM+xk64tlVu
YKQi6Osscf+NXKbzN2PdTk6u5n+GQ+EmwMGmHr5KLb37ATnIRMbkc+LFvy2l81vm
jYYSE6GKe4TN9zzI4bssf4WzQ3baRCGBluJUJNDL8e8367DTKNh6mZQ9vvyYsQY/
hli4bc0HghD1S6bWJei0FbDQqtjn1VbcuEk9Pm/FnshuO8yM+oGg3fBCU6weARNs
DE5xSH+uyhcxzRW4ZitS/jeqGpnYmUf473KzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUMxzlNCMUdkaH530TkKkJujgAauwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9NeHpsTkNNVWRrYUg1MzBUa0trSnVqZ0FhdXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ACMlADO6+UOE7wmzvmz/hnDavCaQJvLNBI5lramOlM796nc1/z+7lnP+iRe2vGOP
Y4WC9g861mdHOq6oYGbrGik1nxQSd64ml9nF6VB5wxqa1hrGFRyFfnfBVc3gzRlp
656RiL+xhcjoBIfWqn1jWvvCS0j3x4F5dWqpY+FC6CaviQUHWP0mmykVZFn8XiXG
fPbkBufJOdxBWkub/wFXq4uwZbh/tB4XWpt4734JJhSR6aq4oLYBiA8C1laft/mZ
sNyutBoKqVL4gYic1sTOX41JfMvLw3kLOwQsB0FNpveiT1zIeAf/tl6tzXgpVrZ2
RjMBZ1Qd1OyDfz1sxdJdI40=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:36 2023 by rpki-client on console-fra.rpki-client.org