Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/htvIZz3VmMu-2adlvAc0Osmy070.roa
File: htvIZz3VmMu-2adlvAc0Osmy070.roa (raw, json)
Hash identifier: yRB0NZuAGK/O/gY+W2eL54lb649czF6pS2OqzIsgx8s=
Subject key identifier: 86:DB:C8:67:3D:D5:98:CB:BE:D9:A7:65:BC:07:34:3A:C9:B2:D3:BD
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43A4
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/htvIZz3VmMu-2adlvAc0Osmy070.roa
Signing time: Wed 23 Feb 2022 00:30:10 +0000
ROA not before: Wed 23 Feb 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17316 (0x43a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 23 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=86DBC8673DD598CBBED9A765BC07343AC9B2D3BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:11:d1:fd:10:51:e7:02:9c:13:c5:3f:b1:
aa:bb:c8:fa:b3:9e:8f:06:84:8f:d8:09:2e:ef:bd:
7c:db:48:5d:c2:27:ec:86:db:88:f6:e3:ef:56:62:
4f:49:fa:dc:c1:0f:5e:e7:52:a0:9a:6b:fb:7f:08:
09:8f:a5:e9:af:e4:19:8c:21:a3:3d:fa:a0:90:9d:
16:09:0b:08:b0:9b:28:ea:c2:c4:2e:72:42:76:74:
07:6e:36:17:04:3d:41:c0:4b:ac:2a:38:5d:2c:19:
bc:d9:70:ea:ac:8a:a4:e0:93:2a:e8:3f:39:78:4f:
bd:fc:87:8d:0e:81:40:cd:9b:d3:49:95:a9:ef:05:
ac:40:8c:67:26:2d:fc:f9:83:a9:85:d5:55:25:6c:
7c:d8:86:a5:1a:a6:c4:fa:8f:fd:50:f1:31:f4:c3:
50:07:d7:5f:08:e8:03:17:a0:13:24:de:32:4c:38:
14:61:29:a0:a1:29:89:7e:e4:92:ca:04:1a:54:00:
4f:5a:64:96:80:7e:35:71:61:bc:f2:d5:40:71:9c:
2f:d5:08:f9:25:bf:b5:48:e9:35:22:7d:67:c7:61:
08:80:da:6e:36:5b:4c:df:be:6a:b9:99:46:c5:2a:
84:b3:b1:71:3d:59:ab:20:cd:4d:b1:cb:49:a5:8e:
cb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DB:C8:67:3D:D5:98:CB:BE:D9:A7:65:BC:07:34:3A:C9:B2:D3:BD
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/htvIZz3VmMu-2adlvAc0Osmy070.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
67:e0:59:b1:8c:5b:c4:2c:5a:82:3a:45:dc:79:8d:35:8e:ef:
6e:06:2b:43:3f:22:fd:0e:b0:ae:fd:a4:60:c7:ea:2b:2e:ff:
a5:e9:2d:97:98:1c:d2:1e:2b:3e:4b:15:19:77:4f:06:c7:60:
9f:08:9d:c9:d9:7f:26:59:02:28:6e:6f:1f:31:ca:f7:d0:47:
c7:5b:a9:98:7d:b3:d8:b2:d5:41:9f:db:f0:e2:55:af:73:1a:
fb:3d:06:b6:57:a4:de:d0:01:a9:3c:56:f8:b5:a2:6c:33:d0:
e5:bd:17:7f:23:09:44:87:3d:c0:b7:ff:40:47:d7:e8:9d:56:
a6:7c:ba:b2:17:5a:11:0e:43:d6:20:9b:51:75:af:b4:46:54:
9d:94:2e:db:ce:24:18:21:ff:66:26:ce:95:9b:07:61:89:3b:
90:df:0e:cc:f5:44:8c:ad:0e:71:2e:80:5c:b3:b1:9f:75:41:
b0:6a:8e:c0:a5:97:2c:e6:4c:3a:46:c8:45:b8:ee:9a:72:88:
7b:0a:4b:98:2f:57:ac:77:7d:b9:c2:f3:f0:90:b3:f0:80:7f:
7c:a6:11:f8:d8:a3:44:60:4f:66:4e:e8:cc:ea:18:92:b3:96:
3d:8f:c7:e8:a1:e9:37:0d:dc:a4:a4:a6:6d:81:1e:4a:94:71:
60:f3:53:ba
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ6QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjMw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg2REJDODY3M0RENTk4
Q0JCRUQ5QTc2NUJDMDczNDNBQzlCMkQzQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7mhHR/RBR5wKcE8U/saq7yPqzno8GhI/YCS7vvXzbSF3CJ+yG
24j24+9WYk9J+tzBD17nUqCaa/t/CAmPpemv5BmMIaM9+qCQnRYJCwiwmyjqwsQu
ckJ2dAduNhcEPUHAS6wqOF0sGbzZcOqsiqTgkyroPzl4T738h40OgUDNm9NJlanv
BaxAjGcmLfz5g6mF1VUlbHzYhqUapsT6j/1Q8TH0w1AH118I6AMXoBMk3jJMOBRh
KaChKYl+5JLKBBpUAE9aZJaAfjVxYbzy1UBxnC/VCPklv7VI6TUifWfHYQiA2m42
W0zfvmq5mUbFKoSzsXE9WasgzU2xy0mljsubAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhtvIZz3VmMu+2adlvAc0Osmy070wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9odHZJWnozVm1NdS0yYWRsdkFjME9zbXkwNzAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AGfgWbGMW8QsWoI6Rdx5jTWO724GK0M/Iv0OsK79pGDH6isu/6XpLZeYHNIeKz5L
FRl3TwbHYJ8IncnZfyZZAihubx8xyvfQR8dbqZh9s9iy1UGf2/DiVa9zGvs9BrZX
pN7QAak8Vvi1omwz0OW9F38jCUSHPcC3/0BH1+idVqZ8urIXWhEOQ9Ygm1F1r7RG
VJ2ULtvOJBgh/2YmzpWbB2GJO5DfDsz1RIytDnEugFyzsZ91QbBqjsCllyzmTDpG
yEW47ppyiHsKS5gvV6x3fbnC8/CQs/CAf3ymEfjYo0RgT2ZO6MzqGJKzlj2Px+ih
6TcN3KSkpm2BHkqUcWDzU7o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org