Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/oM8PgF1OX1LRUdQUhyuYWrKlxbs.roa
File: oM8PgF1OX1LRUdQUhyuYWrKlxbs.roa (raw, json)
Hash identifier: 686ei1nUq5jupstD0B0gpO2U7xeSbTEaaQwk7uZdlDM=
Subject key identifier: A0:CF:0F:80:5D:4E:5F:52:D1:51:D4:14:87:2B:98:5A:B2:A5:C5:BB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4970
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oM8PgF1OX1LRUdQUhyuYWrKlxbs.roa
Signing time: Mon 06 Jun 2022 00:30:10 +0000
ROA not before: Mon 06 Jun 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18800 (0x4970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 6 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=A0CF0F805D4E5F52D151D414872B985AB2A5C5BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c5:05:13:8b:79:3f:a0:95:2e:bf:24:ea:58:
56:0f:8f:87:80:f7:2a:e7:b5:2e:39:3b:00:ab:bb:
b5:da:08:5b:34:e2:3c:ab:3d:e6:dc:89:eb:53:5f:
cd:10:45:f9:2f:71:24:73:28:0f:9f:78:c9:aa:46:
e0:5c:d5:47:cc:d5:70:8d:e8:44:01:8b:db:ed:5d:
c2:95:43:2c:1c:1a:a2:5a:a9:ee:17:2c:c2:e8:d3:
aa:b9:ad:b5:e6:1a:5e:79:2a:09:60:0b:a4:dd:25:
ea:3c:dc:5a:0e:21:a8:0c:65:51:67:3d:40:38:3a:
bb:cb:af:52:4c:80:77:1f:09:b3:61:07:56:12:65:
92:af:eb:58:2d:b1:97:2e:3d:13:83:ed:3d:da:1a:
0a:8c:38:b3:bc:4a:ae:6d:bf:c4:aa:0b:2a:af:74:
ee:29:f8:77:a7:c3:07:7d:fd:1b:07:a1:16:d2:b0:
7f:71:5c:ae:83:e2:a2:ab:99:a8:54:08:46:41:99:
9f:39:fe:3e:bc:b9:e1:dd:b0:85:a6:30:d8:61:b4:
25:48:3e:47:7a:11:64:dd:4b:9d:0f:37:28:da:15:
09:0e:6a:9a:c5:3c:ec:56:21:89:1e:b0:8e:9a:f0:
19:68:2c:26:fe:48:d5:8f:13:54:f1:3a:71:d0:87:
d5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CF:0F:80:5D:4E:5F:52:D1:51:D4:14:87:2B:98:5A:B2:A5:C5:BB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oM8PgF1OX1LRUdQUhyuYWrKlxbs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:32:1c:27:8d:16:96:00:c2:6e:c2:19:a5:23:cf:78:78:f2:
72:f7:f3:9f:08:83:69:d3:1f:78:4e:df:1b:08:fd:a2:5c:ac:
e1:99:f8:6e:53:76:9f:6e:7a:17:89:0a:9a:a9:f2:7a:22:f7:
be:ea:99:31:3d:28:7c:75:cc:17:ba:16:68:3d:93:0f:c0:26:
ad:9a:bf:cc:27:b1:a7:0c:e4:0b:57:95:ff:65:35:f9:1b:11:
44:03:20:e0:da:9e:c3:40:59:10:b5:81:c4:73:e9:1a:f0:14:
b3:4d:84:a4:8f:c7:e2:ef:89:51:f3:a2:5b:01:8f:72:f7:77:
23:af:c8:98:22:1c:46:90:c7:53:d8:47:fa:8a:ca:93:cc:0a:
1e:c5:eb:19:8f:0f:1c:f7:70:88:6e:c8:62:71:a3:3f:67:87:
2e:cb:49:94:b0:33:36:9d:4d:a9:53:3c:4d:26:f9:d3:3b:90:
7e:a2:cc:24:80:8e:46:26:99:d6:3d:88:60:bf:50:83:19:7e:
05:9b:8b:de:1f:3b:23:07:25:a2:0a:90:35:58:76:50:96:a0:
20:cc:4e:ca:41:73:67:42:ed:6c:0e:c6:c4:5e:20:8b:43:f8:
d3:b3:7f:18:fd:20:be:d2:62:f4:80:48:d9:10:08:cf:7a:a8:
c0:69:87:ff
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDYw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEEwQ0YwRjgwNUQ0RTVG
NTJEMTUxRDQxNDg3MkI5ODVBQjJBNUM1QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKxQUTi3k/oJUuvyTqWFYPj4eA9yrntS45OwCru7XaCFs04jyr
PebcietTX80QRfkvcSRzKA+feMmqRuBc1UfM1XCN6EQBi9vtXcKVQywcGqJaqe4X
LMLo06q5rbXmGl55KglgC6TdJeo83FoOIagMZVFnPUA4OrvLr1JMgHcfCbNhB1YS
ZZKv61gtsZcuPROD7T3aGgqMOLO8Sq5tv8SqCyqvdO4p+Henwwd9/RsHoRbSsH9x
XK6D4qKrmahUCEZBmZ85/j68ueHdsIWmMNhhtCVIPkd6EWTdS50PNyjaFQkOaprF
POxWIYkesI6a8BloLCb+SNWPE1TxOnHQh9W9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUoM8PgF1OX1LRUdQUhyuYWrKlxbswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vTThQZ0YxT1gxTFJVZFFVaHl1WVdyS2x4YnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AC0yHCeNFpYAwm7CGaUjz3h48nL3858Ig2nTH3hO3xsI/aJcrOGZ+G5Tdp9ueheJ
Cpqp8noi977qmTE9KHx1zBe6Fmg9kw/AJq2av8wnsacM5AtXlf9lNfkbEUQDIODa
nsNAWRC1gcRz6RrwFLNNhKSPx+LviVHzolsBj3L3dyOvyJgiHEaQx1PYR/qKypPM
Ch7F6xmPDxz3cIhuyGJxoz9nhy7LSZSwMzadTalTPE0m+dM7kH6izCSAjkYmmdY9
iGC/UIMZfgWbi94fOyMHJaIKkDVYdlCWoCDMTspBc2dC7WwOxsReIItD+NOzfxj9
IL7SYvSASNkQCM96qMBph/8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org