Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/04jpe7D9krQz1uauMcDx22GJGeo.roa
File: 04jpe7D9krQz1uauMcDx22GJGeo.roa (raw, json)
Hash identifier: i9L6kY4DwIfHCFlpefF4uV9lZTroTY9mzUeDSiZ0m6c=
Subject key identifier: D3:88:E9:7B:B0:FD:92:B4:33:D6:E6:AE:31:C0:F1:DB:61:89:19:EA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4701
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/04jpe7D9krQz1uauMcDx22GJGeo.roa
Signing time: Tue 26 Apr 2022 00:30:07 +0000
ROA not before: Tue 26 Apr 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18177 (0x4701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 26 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D388E97BB0FD92B433D6E6AE31C0F1DB618919EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:58:5f:60:dd:a2:85:93:bb:57:01:6f:14:3e:
fa:d2:90:53:bb:ed:ad:23:c6:a6:e0:47:5b:5c:74:
bf:32:97:aa:d7:b9:96:07:58:f7:22:ca:77:2c:85:
14:1b:58:16:83:38:f0:b6:15:e1:4d:4c:5f:cf:02:
04:16:a8:32:c5:32:e4:1b:ee:5a:e3:24:a7:fd:76:
f4:62:9d:ec:e8:38:ad:28:fd:b8:7f:a3:35:49:5c:
af:e5:fc:f1:a6:11:f8:85:9b:de:8d:9e:ee:ea:19:
1c:e9:87:1d:56:0f:ff:30:2d:34:63:99:00:8c:6e:
dc:59:7b:e6:db:93:1f:d9:43:f1:fa:cd:ca:bf:48:
78:a0:a4:a6:76:34:f7:0a:fb:4e:1d:35:62:74:b5:
e5:d9:6c:c4:dd:9d:dd:a3:5b:19:61:7c:f0:2b:b8:
70:d8:a9:bd:b6:07:8f:71:03:22:98:87:ea:db:9e:
b0:6e:2b:19:4f:e1:1b:16:89:9a:1b:9c:93:e4:2e:
7e:a9:ca:28:de:7c:a1:93:27:8b:db:5f:95:26:d0:
d0:4d:4b:5d:14:fa:31:4e:d3:4c:d4:55:9e:0c:3c:
79:02:ac:bf:88:8d:69:1c:97:95:d7:d4:6b:2b:68:
dd:03:bc:64:92:f3:63:7e:50:b2:fe:9e:c1:a8:a9:
9e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:88:E9:7B:B0:FD:92:B4:33:D6:E6:AE:31:C0:F1:DB:61:89:19:EA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/04jpe7D9krQz1uauMcDx22GJGeo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:4c:22:46:b6:54:78:81:eb:2b:3e:73:3e:48:b3:98:48:08:
c8:ab:b5:6a:63:ce:ef:90:46:4e:bf:be:1c:84:84:d0:15:2d:
45:34:c0:58:fc:b6:c6:76:c7:d0:f1:e4:bb:0b:09:fa:81:d1:
38:a4:e7:32:e8:27:d1:00:f8:90:76:de:6d:20:af:b6:81:eb:
47:c9:0c:57:0f:c4:74:47:4c:a1:80:c7:4c:29:a7:66:50:48:
83:e9:c3:95:5d:55:38:ed:9b:30:13:17:67:9c:d5:ec:8e:5e:
82:63:b8:f5:72:a5:7e:e4:6f:dc:38:8a:80:ec:ea:99:98:22:
ba:66:7c:c3:ea:5a:3c:de:ea:44:05:e0:57:a7:e4:3b:ad:6a:
98:aa:69:ea:ba:c6:40:7b:56:78:f1:77:7f:83:de:d8:ec:17:
72:67:cb:5c:b4:b7:91:bb:a9:28:41:02:d3:16:91:c1:5d:55:
43:75:2a:94:5a:a2:3e:96:03:34:6c:6b:fe:59:fd:4b:e2:35:
0e:96:98:2a:b0:81:26:de:7c:11:e1:82:49:44:47:30:39:9a:
9c:25:44:fb:1f:9b:44:6e:ad:8e:76:8b:12:a8:50:d8:17:26:
a0:98:a9:7a:8f:96:1c:97:70:9a:4d:13:7a:e1:c0:8a:3a:20:
49:ed:48:d0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjYw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQzODhFOTdCQjBGRDky
QjQzM0Q2RTZBRTMxQzBGMURCNjE4OTE5RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7WF9g3aKFk7tXAW8UPvrSkFO77a0jxqbgR1tcdL8yl6rXuZYH
WPciyncshRQbWBaDOPC2FeFNTF/PAgQWqDLFMuQb7lrjJKf9dvRinezoOK0o/bh/
ozVJXK/l/PGmEfiFm96Nnu7qGRzphx1WD/8wLTRjmQCMbtxZe+bbkx/ZQ/H6zcq/
SHigpKZ2NPcK+04dNWJ0teXZbMTdnd2jWxlhfPAruHDYqb22B49xAyKYh+rbnrBu
KxlP4RsWiZobnJPkLn6pyijefKGTJ4vbX5Um0NBNS10U+jFO00zUVZ4MPHkCrL+I
jWkcl5XX1GsraN0DvGSS82N+ULL+nsGoqZ5TAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU04jpe7D9krQz1uauMcDx22GJGeowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8wNGpwZTdEOWtyUXoxdWF1TWNEeDIyR0pHZW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AGtMIka2VHiB6ys+cz5Is5hICMirtWpjzu+QRk6/vhyEhNAVLUU0wFj8tsZ2x9Dx
5LsLCfqB0Tik5zLoJ9EA+JB23m0gr7aB60fJDFcPxHRHTKGAx0wpp2ZQSIPpw5Vd
VTjtmzATF2ec1eyOXoJjuPVypX7kb9w4ioDs6pmYIrpmfMPqWjze6kQF4Fen5Dut
apiqaeq6xkB7Vnjxd3+D3tjsF3Jny1y0t5G7qShBAtMWkcFdVUN1KpRaoj6WAzRs
a/5Z/UviNQ6WmCqwgSbefBHhgklERzA5mpwlRPsfm0RurY52ixKoUNgXJqCYqXqP
lhyXcJpNE3rhwIo6IEntSNA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org