Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/x03r4ZL5sESpZBexOc7-oCIltwY.roa
File: x03r4ZL5sESpZBexOc7-oCIltwY.roa (raw, json)
Hash identifier: IXSDumkkGrj1pq4PYJptAGF/Ukg/QP45SRZeTczN+9E=
Subject key identifier: C7:4D:EB:E1:92:F9:B0:44:A9:64:17:B1:39:CE:FE:A0:22:25:B7:06
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45C1
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/x03r4ZL5sESpZBexOc7-oCIltwY.roa
Signing time: Sun 03 Apr 2022 00:30:10 +0000
ROA not before: Sun 03 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17857 (0x45c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 3 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=C74DEBE192F9B044A96417B139CEFEA02225B706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9a:dc:8d:06:51:52:80:95:bd:99:ed:18:8f:
0c:6a:57:e4:5b:ed:26:5a:e9:f3:1a:e1:54:b4:7b:
3b:a6:31:84:ed:86:3e:f5:66:8e:fd:9a:9b:0e:1a:
dd:7e:da:d2:41:b1:01:0a:86:02:cb:27:be:47:54:
ab:ad:e2:4f:95:07:b2:5c:b7:4d:77:d7:e3:df:5e:
f8:55:39:c8:62:0f:4b:55:32:24:7d:3b:41:7b:b0:
94:0f:c3:60:60:82:40:c6:0b:29:d2:cc:90:6d:3b:
ba:de:88:dd:da:8b:e4:ca:2b:c5:48:1a:6e:b4:d9:
fc:26:6b:99:3c:c1:e1:38:68:ae:75:cf:81:74:c6:
21:16:c3:55:22:9a:bc:f3:c1:d1:07:62:e1:f1:2e:
18:3b:42:1e:c0:a2:b1:ba:6e:62:03:9a:d3:dd:e9:
3a:6e:8f:3b:5f:cd:16:e0:a6:bc:ad:06:a3:b2:24:
fe:9e:05:30:d3:03:bd:e0:00:a0:67:90:34:f6:5d:
d5:71:ea:79:99:2a:c2:ab:30:80:9e:83:40:a9:2c:
19:47:cd:9f:60:ea:8d:32:eb:de:b7:39:67:58:e1:
a4:db:90:7c:e8:5c:52:8f:51:f0:1d:ac:5a:21:5d:
e1:c6:3b:6b:8a:2a:29:7c:8d:b9:83:0e:e8:8a:67:
0d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4D:EB:E1:92:F9:B0:44:A9:64:17:B1:39:CE:FE:A0:22:25:B7:06
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/x03r4ZL5sESpZBexOc7-oCIltwY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:6a:4e:e9:de:77:0e:30:e4:47:12:53:9f:86:0d:3c:29:77:
80:1c:5d:df:4c:e8:b3:fe:f8:fc:85:17:08:ab:1c:04:1c:00:
3b:c5:3d:a2:e5:c5:51:86:bd:ac:4e:cc:68:7c:01:5f:66:76:
77:27:1f:c2:90:1f:5a:51:23:6c:b9:77:74:db:9d:e7:31:29:
60:b0:5b:c1:1b:70:c2:ad:b4:ee:5c:a8:07:ed:ed:9a:70:75:
37:06:06:e4:f1:fe:3a:e0:32:2e:a7:46:5e:8f:62:63:f3:25:
a8:42:99:45:9f:c4:e0:65:99:de:1e:ad:eb:60:e5:f0:af:60:
fc:59:9a:e4:71:8f:ef:9b:e7:92:e5:6e:07:59:59:32:f0:b0:
11:3a:54:38:02:2a:80:9e:f6:a3:4b:5c:f7:2d:90:31:81:c4:
54:74:e3:c0:e5:2f:3e:50:c8:cf:4e:9b:b4:f9:a3:fd:1b:51:
c4:d5:f1:61:b5:30:b7:4f:20:c7:38:59:26:f2:bc:28:46:37:
32:4d:39:6c:a7:e6:08:d6:5d:50:dc:a2:63:ed:20:08:29:82:
85:b9:4d:7e:13:28:20:1a:0a:d9:15:c1:4b:24:d9:63:5c:55:
64:a5:c1:fd:01:d0:f0:ca:a1:7d:1f:93:a4:bf:c5:4a:68:63:
5c:e4:28:85
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDMw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEM3NERFQkUxOTJGOUIw
NDRBOTY0MTdCMTM5Q0VGRUEwMjIyNUI3MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPmtyNBlFSgJW9me0YjwxqV+Rb7SZa6fMa4VS0ezumMYTthj71
Zo79mpsOGt1+2tJBsQEKhgLLJ75HVKut4k+VB7Jct0131+PfXvhVOchiD0tVMiR9
O0F7sJQPw2BggkDGCynSzJBtO7reiN3ai+TKK8VIGm602fwma5k8weE4aK51z4F0
xiEWw1UimrzzwdEHYuHxLhg7Qh7AorG6bmIDmtPd6TpujztfzRbgprytBqOyJP6e
BTDTA73gAKBnkDT2XdVx6nmZKsKrMICeg0CpLBlHzZ9g6o0y6963OWdY4aTbkHzo
XFKPUfAdrFohXeHGO2uKKil8jbmDDuiKZw0BAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUx03r4ZL5sESpZBexOc7+oCIltwYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS94MDNyNFpMNXNFU3BaQmV4T2M3LW9DSWx0d1kucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AD9qTunedw4w5EcSU5+GDTwpd4AcXd9M6LP++PyFFwirHAQcADvFPaLlxVGGvaxO
zGh8AV9mdncnH8KQH1pRI2y5d3TbnecxKWCwW8EbcMKttO5cqAft7ZpwdTcGBuTx
/jrgMi6nRl6PYmPzJahCmUWfxOBlmd4eretg5fCvYPxZmuRxj++b55LlbgdZWTLw
sBE6VDgCKoCe9qNLXPctkDGBxFR048DlLz5QyM9Om7T5o/0bUcTV8WG1MLdPIMc4
WSbyvChGNzJNOWyn5gjWXVDcomPtIAgpgoW5TX4TKCAaCtkVwUsk2WNcVWSlwf0B
0PDKoX0fk6S/xUpoY1zkKIU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org