Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/cPotrfwLSBuyGkGGwYXWvFT8PQY.roa
File: cPotrfwLSBuyGkGGwYXWvFT8PQY.roa (raw, json)
Hash identifier: r0nIMyJHhLuvjyau8L4rVGluG5uV23BCvaNMfYxW5KY=
Subject key identifier: 70:FA:2D:AD:FC:0B:48:1B:B2:1A:41:86:C1:85:D6:BC:54:FC:3D:06
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4465
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/cPotrfwLSBuyGkGGwYXWvFT8PQY.roa
Signing time: Wed 09 Mar 2022 00:36:48 +0000
ROA not before: Wed 09 Mar 2022 00:36:48 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17509 (0x4465)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 9 00:36:48 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=70FA2DADFC0B481BB21A4186C185D6BC54FC3D06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e7:5b:e0:e1:cb:e9:61:4d:af:89:a4:b1:0d:
6b:16:1e:07:39:24:a5:76:78:c5:0b:6f:70:f9:ab:
f8:95:b9:5f:36:0e:c3:8a:6e:05:ed:bd:4b:9a:8c:
ba:48:0b:70:57:d2:ea:db:0b:2b:b7:79:6c:10:ed:
48:d2:b5:2e:86:32:2f:23:80:44:7c:d1:18:0d:9b:
03:5c:b8:48:9c:09:bc:c6:eb:79:bc:9b:cd:fe:dc:
06:88:26:a0:17:e4:3b:d3:76:ee:b8:ad:48:cd:c3:
f7:6f:e6:52:7e:93:3c:e9:83:15:bc:92:28:c6:42:
80:8f:aa:25:fe:50:75:7f:f9:5c:75:81:a2:7e:55:
25:0b:16:00:15:78:7e:4f:c9:f1:c9:75:00:7c:9d:
8b:8d:82:c0:34:a4:ef:d6:f6:e4:df:e1:fa:b9:cd:
b5:33:62:a1:f2:f6:62:ad:bf:3e:88:f1:3a:02:88:
3f:94:9f:14:68:0c:71:53:49:51:2b:da:fb:77:e9:
17:29:0f:47:1c:dc:f3:30:0c:8c:3a:42:e4:01:b0:
a5:f5:4a:27:9a:8c:2a:4d:e6:c7:b9:16:73:5b:27:
0e:91:ac:4e:05:50:49:00:79:8e:4c:b2:fc:69:f2:
04:96:1c:80:de:3f:13:ee:ce:38:ef:81:b2:d3:d1:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FA:2D:AD:FC:0B:48:1B:B2:1A:41:86:C1:85:D6:BC:54:FC:3D:06
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/cPotrfwLSBuyGkGGwYXWvFT8PQY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
96:4b:f8:73:84:35:c7:d5:4c:d6:4e:89:80:51:9d:06:f5:a3:
7d:ee:65:7e:96:c4:54:cc:81:97:59:dc:94:f9:13:3f:0a:dc:
dc:aa:e5:75:d5:88:1d:c3:67:91:8b:e8:6d:18:14:bb:de:cc:
94:70:d0:4a:6e:e1:d4:2d:27:f4:9c:b6:f1:1b:83:8f:0f:ce:
14:38:b2:d9:c5:70:de:e8:da:c7:30:ef:a5:c8:15:e3:d8:14:
f4:57:d8:6b:db:62:f8:f8:c6:0d:dd:16:68:1b:a7:ce:1a:5e:
64:58:53:e4:c8:91:a8:5f:31:42:17:c7:82:8a:6f:40:9f:c1:
a7:5e:43:f6:39:74:54:ac:70:6e:fe:d0:8b:22:c5:22:17:4d:
98:f6:63:95:c1:a7:a7:23:85:6f:a3:c6:5f:c5:22:f9:03:8a:
2b:66:e3:d6:ba:61:c9:49:1e:0f:59:56:d1:51:33:7d:48:15:
04:cf:c3:2e:17:b7:72:b1:bc:18:ba:59:27:18:b6:54:48:32:
35:c3:62:3e:34:32:ab:b3:e4:30:98:3e:f1:0d:66:c2:cd:ff:
79:7d:76:7b:78:2f:e0:84:2f:7a:38:a5:b6:d4:79:19:68:70:
11:2d:c9:2d:11:4e:83:01:de:9a:65:ff:71:e3:18:be:1c:40:
2c:ed:0b:bb
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDkw
MDM2NDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDcwRkEyREFERkMwQjQ4
MUJCMjFBNDE4NkMxODVENkJDNTRGQzNEMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCR51vg4cvpYU2viaSxDWsWHgc5JKV2eMULb3D5q/iVuV82DsOK
bgXtvUuajLpIC3BX0urbCyu3eWwQ7UjStS6GMi8jgER80RgNmwNcuEicCbzG63m8
m83+3AaIJqAX5DvTdu64rUjNw/dv5lJ+kzzpgxW8kijGQoCPqiX+UHV/+Vx1gaJ+
VSULFgAVeH5PyfHJdQB8nYuNgsA0pO/W9uTf4fq5zbUzYqHy9mKtvz6I8ToCiD+U
nxRoDHFTSVEr2vt36RcpD0cc3PMwDIw6QuQBsKX1SieajCpN5se5FnNbJw6RrE4F
UEkAeY5Msvxp8gSWHIDePxPuzjjvgbLT0f43AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUcPotrfwLSBuyGkGGwYXWvFT8PQYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9jUG90cmZ3TFNCdXlHa0dHd1lYV3ZGVDhQUVkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJZL+HOENcfVTNZOiYBRnQb1o33uZX6WxFTMgZdZ3JT5Ez8K3Nyq5XXViB3DZ5GL
6G0YFLvezJRw0Epu4dQtJ/SctvEbg48PzhQ4stnFcN7o2scw76XIFePYFPRX2Gvb
Yvj4xg3dFmgbp84aXmRYU+TIkahfMUIXx4KKb0CfwadeQ/Y5dFSscG7+0IsixSIX
TZj2Y5XBp6cjhW+jxl/FIvkDiitm49a6YclJHg9ZVtFRM31IFQTPwy4Xt3KxvBi6
WScYtlRIMjXDYj40Mquz5DCYPvENZsLN/3l9dnt4L+CEL3o4pbbUeRlocBEtyS0R
ToMB3ppl/3HjGL4cQCztC7s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org