Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/op0ypKppNQJMfgrcq8opZ5V6JAY.roa
File: op0ypKppNQJMfgrcq8opZ5V6JAY.roa (raw, json)
Hash identifier: 6gQrSvqxfsLHqDTFVEXVQ+MTZ/ShcEsFhBopTDVmSSM=
Subject key identifier: A2:9D:32:A4:AA:69:35:02:4C:7E:0A:DC:AB:CA:29:67:95:7A:24:06
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43D8
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/op0ypKppNQJMfgrcq8opZ5V6JAY.roa
Signing time: Sun 27 Feb 2022 00:30:13 +0000
ROA not before: Sun 27 Feb 2022 00:30:13 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17368 (0x43d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 27 00:30:13 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A29D32A4AA6935024C7E0ADCABCA2967957A2406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d2:be:2d:38:c6:53:4c:d6:fc:26:8a:2b:f7:
18:a8:0c:a9:69:92:87:a3:ef:aa:c7:18:bc:3b:96:
fc:02:38:b7:9a:19:11:25:8b:07:b8:34:a9:c2:2a:
22:66:ce:0a:8f:5f:b5:ff:ac:56:c1:b7:c8:28:d9:
c7:60:40:d8:40:24:33:fe:fd:4d:cd:06:16:55:bd:
ef:27:21:11:ae:88:1d:92:cf:b1:09:90:53:4e:a5:
bd:aa:96:c6:ee:40:3d:10:12:a5:d9:d3:69:47:c5:
50:b0:88:30:0a:ca:4c:da:0b:fd:c6:1b:b1:74:48:
15:ca:15:dd:2f:a1:ab:b0:f2:d9:3c:ce:58:e1:b6:
e2:f4:a4:0e:7c:bd:79:de:52:ae:e1:64:19:18:ed:
d7:ef:80:14:ca:38:55:96:ec:c1:df:22:12:f9:ee:
2c:92:52:7b:ea:48:cf:5c:d8:79:15:50:8c:ec:4f:
1f:1a:d9:ac:eb:cc:9d:55:e7:89:2d:f7:ff:f3:ce:
38:93:79:65:92:79:28:14:aa:0d:0a:47:75:39:66:
ba:4c:2c:d3:7f:32:78:e9:e9:d9:e6:a2:22:93:71:
03:b3:19:74:fc:ee:d7:21:2e:3c:01:11:87:0a:84:
39:e4:5d:44:8a:e6:01:7a:85:11:4c:10:55:8a:ae:
cf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:32:A4:AA:69:35:02:4C:7E:0A:DC:AB:CA:29:67:95:7A:24:06
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/op0ypKppNQJMfgrcq8opZ5V6JAY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4f:a8:85:24:51:27:48:b0:89:b3:02:d5:a0:cb:e7:df:da:
3f:5e:97:b3:f4:a7:b3:d3:9d:99:19:92:70:bc:3f:1e:56:b6:
4a:0c:4d:56:62:b4:69:e7:96:40:05:76:c3:18:c0:7b:2d:18:
fc:6f:07:d2:f0:68:57:96:26:46:bf:f7:b1:6e:9b:69:3f:fa:
eb:8a:c9:57:06:34:f4:aa:68:d3:25:45:2b:6b:bc:3f:52:19:
a7:33:a6:c5:8d:b9:0e:aa:5f:33:ac:c0:61:a0:29:99:57:00:
6a:ea:51:07:21:0e:52:46:e0:b5:89:d8:a7:3f:52:af:2b:b0:
e3:f9:e6:22:fb:53:1b:3e:01:90:ba:cf:ae:e5:43:0f:07:cf:
d2:db:f6:ac:2a:75:2b:da:64:2b:d6:9a:7c:db:2b:e3:b7:c9:
55:ae:26:06:3f:06:b2:87:83:0f:25:7e:66:8f:7b:43:76:bc:
6d:38:2d:a6:6b:67:77:34:bb:08:25:73:38:c0:a4:65:89:0e:
19:d9:cb:b9:a0:70:39:fd:f9:2c:c4:b2:0e:51:4a:9d:90:7e:
ef:3b:ed:c2:0d:28:0d:2a:9b:32:44:c6:de:71:ec:35:79:31:
fc:e2:ac:f4:4e:9b:af:9f:e4:52:7b:f5:1c:7e:5d:c9:ab:42:
a8:29:5c:ba
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjcw
MDMwMTNaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEEyOUQzMkE0QUE2OTM1
MDI0QzdFMEFEQ0FCQ0EyOTY3OTU3QTI0MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCR0r4tOMZTTNb8Joor9xioDKlpkoej76rHGLw7lvwCOLeaGREl
iwe4NKnCKiJmzgqPX7X/rFbBt8go2cdgQNhAJDP+/U3NBhZVve8nIRGuiB2Sz7EJ
kFNOpb2qlsbuQD0QEqXZ02lHxVCwiDAKykzaC/3GG7F0SBXKFd0voauw8tk8zljh
tuL0pA58vXneUq7hZBkY7dfvgBTKOFWW7MHfIhL57iySUnvqSM9c2HkVUIzsTx8a
2azrzJ1V54kt9//zzjiTeWWSeSgUqg0KR3U5ZrpMLNN/Mnjp6dnmoiKTcQOzGXT8
7tchLjwBEYcKhDnkXUSK5gF6hRFMEFWKrs8DAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUop0ypKppNQJMfgrcq8opZ5V6JAYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vcDB5cEtwcE5RSk1mZ3JjcThvcFo1VjZKQVkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ABNPqIUkUSdIsImzAtWgy+ff2j9el7P0p7PTnZkZknC8Px5WtkoMTVZitGnnlkAF
dsMYwHstGPxvB9LwaFeWJka/97Fum2k/+uuKyVcGNPSqaNMlRStrvD9SGaczpsWN
uQ6qXzOswGGgKZlXAGrqUQchDlJG4LWJ2Kc/Uq8rsOP55iL7Uxs+AZC6z67lQw8H
z9Lb9qwqdSvaZCvWmnzbK+O3yVWuJgY/BrKHgw8lfmaPe0N2vG04LaZrZ3c0uwgl
czjApGWJDhnZy7mgcDn9+SzEsg5RSp2Qfu877cINKA0qmzJExt5x7DV5MfzirPRO
m6+f5FJ79Rx+XcmrQqgpXLo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org