Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/tADRHpvVl1B3-EiWTEq6v_nk4rM.roa
File: tADRHpvVl1B3-EiWTEq6v_nk4rM.roa (raw, json)
Hash identifier: 5uC5MkIzX4e6mB/gH0jc2FNly21k9Xcgz6uH27q1k+s=
Subject key identifier: B4:00:D1:1E:9B:D5:97:50:77:F8:48:96:4C:4A:BA:BF:F9:E4:E2:B3
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 457A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tADRHpvVl1B3-EiWTEq6v_nk4rM.roa
Signing time: Tue 29 Mar 2022 00:30:09 +0000
ROA not before: Tue 29 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17786 (0x457a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 29 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B400D11E9BD5975077F848964C4ABABFF9E4E2B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:cb:3e:92:1b:11:ba:46:0e:38:17:fd:d5:
77:b1:a4:fd:bf:02:ac:d4:e9:c3:53:a7:48:c0:00:
54:d1:69:47:3f:bc:04:25:f5:71:94:4d:bd:bd:d4:
01:91:9e:11:fa:c9:d0:0f:9c:5f:ee:ef:52:02:af:
be:d9:9b:58:e6:ce:5f:1e:be:23:46:ce:5a:c2:7f:
5f:da:98:f0:ba:cd:89:cb:9f:65:a5:50:e3:12:80:
cc:b8:84:27:91:b7:aa:75:bf:a0:56:15:a5:6b:65:
97:3f:99:c7:48:58:fe:af:87:96:d6:41:ae:01:db:
58:79:be:d0:9e:63:34:b2:ea:fd:1b:0b:78:97:0a:
d0:80:54:ab:a7:a0:10:ed:8b:6f:f6:4a:41:92:3c:
0b:37:07:14:e5:8b:a6:1e:42:e8:fc:ef:4d:6c:d8:
2a:4d:bd:20:fe:69:ca:c9:2b:eb:72:09:10:34:75:
dd:ee:50:bd:ce:7d:b2:8d:be:f7:21:56:7a:9c:9f:
15:57:b4:43:24:0b:d0:76:66:67:f8:24:39:ac:51:
5f:45:ad:98:7b:af:a7:4c:59:79:df:03:c9:93:3f:
b3:53:ee:3d:b0:74:00:66:e1:3c:b0:c2:af:01:6e:
82:7e:3f:33:82:83:62:d9:7a:0b:2a:71:df:2e:6a:
93:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:00:D1:1E:9B:D5:97:50:77:F8:48:96:4C:4A:BA:BF:F9:E4:E2:B3
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tADRHpvVl1B3-EiWTEq6v_nk4rM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:81:0b:7b:62:d7:d5:66:c9:04:3c:9e:ab:36:cf:b1:73:8f:
65:64:bc:4c:39:4b:c0:97:5c:0f:08:63:c1:ff:af:b9:4e:ec:
41:e3:11:3f:99:97:09:5a:1a:dd:c3:ac:b5:d1:1d:d9:7c:97:
2a:22:c3:eb:48:fc:a5:48:5f:1c:38:09:7e:ac:29:52:af:d3:
28:79:9a:c6:4e:e7:91:ba:2c:bd:8f:5b:80:31:6e:cd:ba:8d:
48:f8:4e:44:f2:79:5c:77:58:a5:98:80:1f:e5:93:52:61:ff:
9b:8c:2c:09:71:8c:aa:6a:62:45:21:2e:a4:8c:ce:c7:31:eb:
96:3b:ea:00:22:ef:33:2c:d4:49:9d:90:e3:d9:54:ee:7e:f2:
26:02:92:e4:1a:13:62:a3:6f:c5:c3:fc:e3:bb:36:41:55:91:
e7:97:fe:72:d4:33:fd:b0:28:e9:4d:22:35:bf:5e:d6:66:84:
d6:18:d8:aa:7d:b0:b2:18:da:0f:69:75:19:aa:c0:74:79:8d:
49:61:61:29:b8:a0:84:b6:f7:d4:28:6e:ca:19:70:ef:1f:07:
83:2f:14:f9:61:61:8c:79:8b:b0:13:18:0b:5b:a5:92:61:b1:
6c:17:58:ac:b4:a7:42:b8:a2:38:a6:a6:de:10:28:a0:4e:02:
7c:8a:ba:fd
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjkw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI0MDBEMTFFOUJENTk3
NTA3N0Y4NDg5NjRDNEFCQUJGRjlFNEUyQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm8ss+khsRukYOOBf91XexpP2/AqzU6cNTp0jAAFTRaUc/vAQl
9XGUTb291AGRnhH6ydAPnF/u71ICr77Zm1jmzl8eviNGzlrCf1/amPC6zYnLn2Wl
UOMSgMy4hCeRt6p1v6BWFaVrZZc/mcdIWP6vh5bWQa4B21h5vtCeYzSy6v0bC3iX
CtCAVKunoBDti2/2SkGSPAs3BxTli6YeQuj8701s2CpNvSD+acrJK+tyCRA0dd3u
UL3OfbKNvvchVnqcnxVXtEMkC9B2Zmf4JDmsUV9FrZh7r6dMWXnfA8mTP7NT7j2w
dABm4Tywwq8BboJ+PzOCg2LZegsqcd8uapM9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUtADRHpvVl1B3+EiWTEq6v/nk4rMwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90QURSSHB2VmwxQjMtRWlXVEVxNnZfbms0ck0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AF2BC3ti19VmyQQ8nqs2z7Fzj2VkvEw5S8CXXA8IY8H/r7lO7EHjET+ZlwlaGt3D
rLXRHdl8lyoiw+tI/KVIXxw4CX6sKVKv0yh5msZO55G6LL2PW4Axbs26jUj4TkTy
eVx3WKWYgB/lk1Jh/5uMLAlxjKpqYkUhLqSMzscx65Y76gAi7zMs1EmdkOPZVO5+
8iYCkuQaE2Kjb8XD/OO7NkFVkeeX/nLUM/2wKOlNIjW/XtZmhNYY2Kp9sLIY2g9p
dRmqwHR5jUlhYSm4oIS299QobsoZcO8fB4MvFPlhYYx5i7ATGAtbpZJhsWwXWKy0
p0K4ojimpt4QKKBOAnyKuv0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org