Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/2ah4Ew7w2k7JHySUe4zbLCohWnI.roa
File: 2ah4Ew7w2k7JHySUe4zbLCohWnI.roa (raw, json)
Hash identifier: i4pNFbvJnDUAfpPf2qdw+16Lus3MW6S3QwqaQHYJmGc=
Subject key identifier: D9:A8:78:13:0E:F0:DA:4E:C9:1F:24:94:7B:8C:DB:2C:2A:21:5A:72
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 428D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2ah4Ew7w2k7JHySUe4zbLCohWnI.roa
Signing time: Thu 03 Feb 2022 00:30:08 +0000
ROA not before: Thu 03 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17037 (0x428d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 3 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=D9A878130EF0DA4EC91F24947B8CDB2C2A215A72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e2:c2:71:e2:73:b1:26:06:ba:03:3a:c1:dd:
5a:c2:d3:1f:8c:74:64:23:71:91:fb:e0:aa:35:e4:
6f:fd:40:e3:53:3c:f0:1d:f5:4c:e6:e1:c2:f4:c7:
ee:97:94:29:08:45:d9:0b:a5:20:49:29:14:e0:a1:
1e:33:47:0f:7b:03:2b:ac:48:de:ae:3e:bc:b2:6e:
d0:2c:f6:78:27:1f:91:20:1e:47:3f:fb:3c:fd:84:
22:cf:90:71:e2:c2:0f:22:10:10:1f:c5:d4:59:31:
e2:e0:7e:c8:e8:f1:a2:cf:19:74:78:b8:83:69:02:
c0:1c:4f:58:ce:27:ab:31:f2:55:a2:17:ec:1a:41:
16:d6:c3:d9:f8:7e:b5:01:77:1a:d4:1d:a6:2f:5a:
c8:0b:ff:0d:56:e0:f7:1b:f7:07:60:a5:88:d1:eb:
04:11:ea:b9:51:7b:2b:7f:04:c7:ac:16:a8:40:d7:
43:f4:48:c8:c5:4e:ab:f9:43:6f:5d:c9:55:d2:e8:
35:8e:c7:1c:a8:ca:70:d1:c2:23:e4:a4:2a:6e:3c:
80:5f:3b:0b:29:79:6a:c1:46:ae:cb:19:7b:cb:ba:
05:c6:71:07:f3:76:ac:d1:8f:32:c3:ab:d4:d4:8c:
46:54:91:13:1d:e5:64:23:c6:59:c2:6f:c4:ff:eb:
3c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A8:78:13:0E:F0:DA:4E:C9:1F:24:94:7B:8C:DB:2C:2A:21:5A:72
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2ah4Ew7w2k7JHySUe4zbLCohWnI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ca:89:9b:df:bd:30:35:38:7b:c6:75:56:96:e1:d3:47:a1:
81:26:cb:d1:bf:92:0e:a5:1e:6f:eb:d3:e4:28:e6:5b:c7:45:
a5:52:13:f2:09:4e:c0:0d:ec:3c:29:95:cc:56:86:da:c7:f7:
51:de:bf:c1:01:f5:c9:2d:52:68:31:b1:0f:ed:3f:5e:00:07:
75:a5:bb:83:c3:f1:20:ee:3d:14:7d:42:03:5d:60:c9:59:8e:
63:d1:90:54:c5:6e:02:31:15:12:c4:25:19:2c:6c:b2:e0:fe:
57:70:e1:db:bd:bc:e6:23:8a:6b:b7:6b:9e:c9:09:8c:c6:1e:
b1:94:17:24:54:33:11:b4:de:47:0d:a7:4e:ce:54:46:3d:fc:
27:d5:7c:16:c7:28:d4:ef:2b:ac:ff:e4:8c:d4:9d:51:3a:ee:
a2:e0:62:e2:01:76:d8:e7:c8:a2:b3:95:b5:5c:0a:a0:20:65:
ff:c0:f0:44:4c:ec:ad:89:f4:ea:03:37:37:e7:39:ea:9d:7f:
a0:53:da:45:43:cc:d7:80:e7:f9:d5:6c:99:d4:34:04:e3:f7:
c9:0c:36:4b:ac:e5:12:2f:88:72:51:5b:f3:e6:ce:01:53:b7:
a9:f5:12:d2:4b:21:5c:45:49:d5:0c:30:17:a9:e4:2f:80:3a:
77:b1:a0:dd
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDMw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEQ5QTg3ODEzMEVGMERB
NEVDOTFGMjQ5NDdCOENEQjJDMkEyMTVBNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp4sJx4nOxJga6AzrB3VrC0x+MdGQjcZH74Ko15G/9QONTPPAd
9Uzm4cL0x+6XlCkIRdkLpSBJKRTgoR4zRw97AyusSN6uPryybtAs9ngnH5EgHkc/
+zz9hCLPkHHiwg8iEBAfxdRZMeLgfsjo8aLPGXR4uINpAsAcT1jOJ6sx8lWiF+wa
QRbWw9n4frUBdxrUHaYvWsgL/w1W4Pcb9wdgpYjR6wQR6rlReyt/BMesFqhA10P0
SMjFTqv5Q29dyVXS6DWOxxyoynDRwiPkpCpuPIBfOwspeWrBRq7LGXvLugXGcQfz
dqzRjzLDq9TUjEZUkRMd5WQjxlnCb8T/6zypAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU2ah4Ew7w2k7JHySUe4zbLCohWnIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8yYWg0RXc3dzJrN0pIeVNVZTR6YkxDb2hXbkkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ABTKiZvfvTA1OHvGdVaW4dNHoYEmy9G/kg6lHm/r0+Qo5lvHRaVSE/IJTsAN7Dwp
lcxWhtrH91Hev8EB9cktUmgxsQ/tP14AB3Wlu4PD8SDuPRR9QgNdYMlZjmPRkFTF
bgIxFRLEJRksbLLg/ldw4du9vOYjimu3a57JCYzGHrGUFyRUMxG03kcNp07OVEY9
/CfVfBbHKNTvK6z/5IzUnVE67qLgYuIBdtjnyKKzlbVcCqAgZf/A8ERM7K2J9OoD
NzfnOeqdf6BT2kVDzNeA5/nVbJnUNATj98kMNkus5RIviHJRW/PmzgFTt6n1EtJL
IVxFSdUMMBep5C+AOnexoN0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org