Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/1zkz4GS_-UEUZ5W8Da6PVYl4od8.roa
File: 1zkz4GS_-UEUZ5W8Da6PVYl4od8.roa (raw, json)
Hash identifier: mflFaPY9jA9sInkNzXsDj+ZsnqE8FijmeoSr6MzK82w=
Subject key identifier: D7:39:33:E0:64:BF:F9:41:14:67:95:BC:0D:AE:8F:55:89:78:A1:DF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4728
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/1zkz4GS_-UEUZ5W8Da6PVYl4od8.roa
Signing time: Fri 29 Apr 2022 00:30:07 +0000
ROA not before: Fri 29 Apr 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18216 (0x4728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 29 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D73933E064BFF941146795BC0DAE8F558978A1DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:11:00:2a:1b:0b:49:84:b1:10:a0:2b:d2:73:
a9:33:2b:bd:93:a8:3d:95:a9:cb:c8:74:9f:d4:d2:
7e:c9:1c:26:f8:84:b0:a3:4a:bf:af:af:b7:74:b9:
55:fe:6c:5d:c6:bf:10:fb:bd:d2:89:51:ec:07:fd:
1e:3d:86:aa:75:61:70:a3:6f:f1:fb:c4:92:37:62:
29:c0:f8:2e:2c:12:70:67:ed:c1:b3:68:a4:27:f0:
c8:b4:4f:fd:20:eb:21:2f:ba:f9:b4:04:e3:7e:19:
9f:41:6b:05:76:d1:c9:96:d5:27:a8:66:eb:2f:13:
5d:a4:a0:bd:20:6b:7d:c3:f9:2a:66:14:16:4a:89:
b8:a2:63:fa:05:44:e7:b5:a4:25:ca:fd:43:b5:c7:
17:86:ae:6d:5b:8b:c9:cc:83:29:e9:18:b7:69:f6:
23:3b:3c:20:e5:ea:ee:6b:64:9e:4d:69:d2:7a:45:
fa:ea:af:54:44:16:56:62:a6:bd:0b:49:70:32:b3:
36:8e:51:07:d3:35:bf:c7:ec:1d:b1:58:be:c4:bd:
96:94:40:72:8e:9c:70:b7:20:b9:59:09:06:06:c9:
1a:56:0e:c2:6e:0d:87:1e:44:1e:5e:b6:c0:f5:a7:
79:62:1a:52:dc:e8:f7:05:38:c6:bf:e3:ce:2a:e7:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:39:33:E0:64:BF:F9:41:14:67:95:BC:0D:AE:8F:55:89:78:A1:DF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/1zkz4GS_-UEUZ5W8Da6PVYl4od8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
95:27:d7:51:5b:c2:72:e6:97:8d:d1:82:ed:dc:36:d0:cf:c9:
f8:e6:f9:9d:77:ce:e1:8e:16:9d:ae:f0:5f:b8:4b:98:7e:e6:
aa:8c:cd:41:4e:e2:51:82:31:fc:7a:5b:06:cf:70:4e:7b:55:
69:83:8c:6f:a5:06:86:47:1f:6f:bc:fd:4c:a2:41:d2:aa:a2:
6d:dc:30:c0:7c:4f:3f:4a:02:05:e7:a7:b4:73:ae:91:54:25:
b5:57:43:10:52:75:f9:cf:57:30:04:39:b0:e2:76:69:e1:25:
73:38:99:a7:ec:ca:6b:d1:da:f6:38:77:b7:fb:9c:f7:2e:5d:
12:ce:73:bb:f1:0b:b0:12:6b:e9:5a:fe:a2:d3:b7:31:ac:f1:
36:be:bd:9d:da:52:46:79:51:e4:e4:59:60:1c:a2:40:35:df:
d0:8d:c2:9d:be:b7:a6:b4:a3:5c:f6:ba:4b:84:c0:01:08:3f:
76:21:61:95:6b:8c:73:ff:91:cc:16:58:19:1f:95:ea:b3:5a:
07:f4:6b:77:ab:eb:14:76:2b:be:e3:fd:9d:ec:91:a2:43:85:
45:8c:72:7a:9b:6e:94:4c:a5:88:55:20:f7:66:a9:a2:bf:81:
ae:3b:21:52:4e:fe:2c:2d:db:c7:83:c6:11:68:10:69:c8:ba:
8a:1c:b0:00
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjkw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQ3MzkzM0UwNjRCRkY5
NDExNDY3OTVCQzBEQUU4RjU1ODk3OEExREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZEQAqGwtJhLEQoCvSc6kzK72TqD2VqcvIdJ/U0n7JHCb4hLCj
Sr+vr7d0uVX+bF3GvxD7vdKJUewH/R49hqp1YXCjb/H7xJI3YinA+C4sEnBn7cGz
aKQn8Mi0T/0g6yEvuvm0BON+GZ9BawV20cmW1SeoZusvE12koL0ga33D+SpmFBZK
ibiiY/oFROe1pCXK/UO1xxeGrm1bi8nMgynpGLdp9iM7PCDl6u5rZJ5NadJ6Rfrq
r1REFlZipr0LSXAyszaOUQfTNb/H7B2xWL7EvZaUQHKOnHC3ILlZCQYGyRpWDsJu
DYceRB5etsD1p3liGlLc6PcFOMa/484q56LBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU1zkz4GS/+UEUZ5W8Da6PVYl4od8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8xemt6NEdTXy1VRVVaNVc4RGE2UFZZbDRvZDgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AJUn11FbwnLml43Rgu3cNtDPyfjm+Z13zuGOFp2u8F+4S5h+5qqMzUFO4lGCMfx6
WwbPcE57VWmDjG+lBoZHH2+8/UyiQdKqom3cMMB8Tz9KAgXnp7RzrpFUJbVXQxBS
dfnPVzAEObDidmnhJXM4mafsymvR2vY4d7f7nPcuXRLOc7vxC7ASa+la/qLTtzGs
8Ta+vZ3aUkZ5UeTkWWAcokA139CNwp2+t6a0o1z2ukuEwAEIP3YhYZVrjHP/kcwW
WBkfleqzWgf0a3er6xR2K77j/Z3skaJDhUWMcnqbbpRMpYhVIPdmqaK/ga47IVJO
/iwt28eDxhFoEGnIuoocsAA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org