Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zXMz8epnrUEZuwRSmAJicVOaAxc.roa
File: zXMz8epnrUEZuwRSmAJicVOaAxc.roa (raw, json)
Hash identifier: B8Ny3tOun4eU/lpaJKuw6UG8A4a0DqIFR5tpRuJuMUc=
Subject key identifier: CD:73:33:F1:EA:67:AD:41:19:BB:04:52:98:02:62:71:53:9A:03:17
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44F0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zXMz8epnrUEZuwRSmAJicVOaAxc.roa
Signing time: Sat 19 Mar 2022 00:30:09 +0000
ROA not before: Sat 19 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17648 (0x44f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 19 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CD7333F1EA67AD4119BB045298026271539A0317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:36:70:85:87:a6:4e:16:25:0e:5b:3e:4d:
ef:f2:2b:51:85:f1:01:c8:86:2e:38:55:71:85:9a:
6e:f2:81:7d:9b:04:45:56:fa:7f:89:19:c9:fe:87:
0f:59:31:25:2d:7d:7a:b2:59:54:28:eb:a6:49:da:
49:56:98:88:bf:59:9f:91:a3:3e:0c:2b:74:32:40:
8d:c3:6d:11:b3:c4:4c:8d:5b:52:63:c9:37:20:7d:
e6:2c:78:e5:c2:90:44:d2:5c:df:ca:04:d8:bf:2b:
0d:43:3e:d2:89:a8:4b:43:5c:f5:40:a5:6b:be:47:
4c:78:4e:d3:14:5b:d8:ed:49:57:59:62:37:b1:61:
0d:1e:e2:e0:3e:be:12:aa:38:1a:73:36:8c:9a:5c:
0a:5d:81:56:33:fb:17:4f:f9:68:1b:63:fc:fc:08:
96:c3:3f:bd:d8:38:76:ff:53:f7:15:cb:eb:95:ca:
52:fa:47:31:df:bc:df:70:ef:d6:8f:80:ee:ee:4a:
fa:3a:74:76:8a:cf:cd:68:49:da:d0:cd:59:25:04:
98:16:bc:f1:f9:5f:ea:62:f2:6e:f4:04:3b:a0:cd:
d6:18:05:6e:b7:8a:df:c1:64:d8:53:90:92:15:52:
36:50:4e:52:e5:8b:96:73:72:08:b5:32:9f:89:7f:
18:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:73:33:F1:EA:67:AD:41:19:BB:04:52:98:02:62:71:53:9A:03:17
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zXMz8epnrUEZuwRSmAJicVOaAxc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:29:b3:a7:25:7e:36:ce:a1:fe:7d:15:f4:05:4e:4a:7b:7a:
5e:72:ed:71:3e:d8:7f:b2:e5:5f:bd:79:27:d2:22:f9:27:19:
49:f0:0f:39:2b:c9:7e:7a:7e:aa:d6:d2:08:ba:a6:04:86:32:
3a:f6:2b:ef:a6:d5:24:ad:8d:a2:96:21:57:3e:56:e9:c9:08:
a4:54:c6:73:ee:62:26:f2:53:b1:2f:e5:97:dd:89:8c:7f:cb:
84:72:1e:01:9a:35:2a:fc:41:c5:92:cc:0a:c7:ce:bc:f3:82:
f9:0e:cd:a4:1a:44:b6:be:1e:ec:90:66:8c:9d:0f:42:12:2a:
20:58:a0:09:eb:7b:02:4a:ed:82:1f:6b:d9:84:17:37:bc:fa:
5b:91:15:91:8a:c7:88:11:a2:56:c0:ef:3f:0c:4e:c8:3d:98:
ab:a1:48:cc:57:b1:57:3d:92:16:e7:84:41:b2:fa:9b:f7:48:
96:64:b1:30:16:08:81:a6:d6:69:e9:2a:68:bb:02:bd:7e:d5:
ab:ec:a8:92:fa:b3:e9:c0:9a:f7:c0:75:7b:9a:6d:36:a0:5a:
33:96:be:4c:e6:12:ad:31:8d:6c:63:10:b5:06:f9:3b:38:39:
3c:7c:a9:9b:72:54:11:e9:c3:85:5e:bd:9c:dd:98:79:17:72:
e1:a3:5c:5c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTkw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENENzMzM0YxRUE2N0FE
NDExOUJCMDQ1Mjk4MDI2MjcxNTM5QTAzMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChgDZwhYemThYlDls+Te/yK1GF8QHIhi44VXGFmm7ygX2bBEVW
+n+JGcn+hw9ZMSUtfXqyWVQo66ZJ2klWmIi/WZ+Roz4MK3QyQI3DbRGzxEyNW1Jj
yTcgfeYseOXCkETSXN/KBNi/Kw1DPtKJqEtDXPVApWu+R0x4TtMUW9jtSVdZYjex
YQ0e4uA+vhKqOBpzNoyaXApdgVYz+xdP+WgbY/z8CJbDP73YOHb/U/cVy+uVylL6
RzHfvN9w79aPgO7uSvo6dHaKz81oSdrQzVklBJgWvPH5X+pi8m70BDugzdYYBW63
it/BZNhTkJIVUjZQTlLli5Zzcgi1Mp+JfxjZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzXMz8epnrUEZuwRSmAJicVOaAxcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96WE16OGVwbnJVRVp1d1JTbUFKaWNWT2FBeGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ACwps6clfjbOof59FfQFTkp7el5y7XE+2H+y5V+9eSfSIvknGUnwDzkryX56fqrW
0gi6pgSGMjr2K++m1SStjaKWIVc+VunJCKRUxnPuYibyU7Ev5ZfdiYx/y4RyHgGa
NSr8QcWSzArHzrzzgvkOzaQaRLa+HuyQZoydD0ISKiBYoAnrewJK7YIfa9mEFze8
+luRFZGKx4gRolbA7z8MTsg9mKuhSMxXsVc9khbnhEGy+pv3SJZksTAWCIGm1mnp
Kmi7Ar1+1avsqJL6s+nAmvfAdXuabTagWjOWvkzmEq0xjWxjELUG+Ts4OTx8qZty
VBHpw4VevZzdmHkXcuGjXFw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org