Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/2eKMm3FPDZAGmr_SwkQL0RI0aEA.roa
File: 2eKMm3FPDZAGmr_SwkQL0RI0aEA.roa (raw, json)
Hash identifier: r3EyJx2okmzbuHcwwOkDd4DoFYgY4WFo4nw6J4mk80s=
Subject key identifier: D9:E2:8C:9B:71:4F:0D:90:06:9A:BF:D2:C2:44:0B:D1:12:34:68:40
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4739
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2eKMm3FPDZAGmr_SwkQL0RI0aEA.roa
Signing time: Sat 30 Apr 2022 00:30:09 +0000
ROA not before: Sat 30 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18233 (0x4739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 30 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D9E28C9B714F0D90069ABFD2C2440BD112346840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:97:b7:e7:07:04:d5:dd:a7:bd:76:28:49:ec:
44:84:d0:37:9b:be:ac:1c:5e:60:fd:66:d8:28:48:
b3:d3:34:50:fa:c1:4b:14:fc:e5:6e:7b:6b:4c:cc:
ba:9f:41:44:89:37:94:8f:a5:39:11:b1:0c:b5:cb:
2d:fd:e7:74:3f:b3:1f:18:b7:6b:32:26:c8:b2:9e:
34:a8:35:73:b3:22:a9:0c:ab:62:46:d3:50:2e:69:
2d:9f:7e:82:ff:8f:cc:b9:ad:5e:b7:12:b8:7d:05:
4d:56:75:41:e2:f1:c6:91:27:b0:08:3c:68:60:2e:
55:d9:73:1e:81:ff:cb:e0:ae:9e:3a:e8:a5:23:60:
d8:38:83:fc:b7:98:38:64:af:c4:fc:ae:bc:38:58:
fe:bf:13:64:d5:4f:12:29:65:0a:09:86:bf:10:f5:
96:a2:f3:4f:c1:62:5d:9d:1c:9a:68:b2:b3:37:74:
86:cb:e4:a9:6e:9f:72:ca:3e:b5:c0:59:ca:84:15:
54:22:d2:6e:68:07:da:76:8f:fc:b0:46:1f:05:68:
13:73:04:f9:94:f0:ed:43:a0:97:c6:f8:b6:5f:34:
5b:df:e9:9d:97:01:b2:b2:da:16:10:3f:f5:83:ec:
e1:26:ed:44:c1:c4:a6:43:5e:4a:07:12:45:5a:6f:
d5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E2:8C:9B:71:4F:0D:90:06:9A:BF:D2:C2:44:0B:D1:12:34:68:40
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2eKMm3FPDZAGmr_SwkQL0RI0aEA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
40:1a:1c:58:08:90:c6:c8:eb:ee:c0:00:ee:91:9a:d7:02:fa:
30:2f:9a:4e:c4:fc:d3:2d:2c:e9:37:a2:f1:48:46:ae:3e:58:
4e:65:b1:15:3e:c9:08:16:28:24:61:32:95:11:da:d8:0b:57:
a2:ff:40:83:6c:9e:98:fc:22:8b:cf:ef:7f:ea:45:52:8e:a1:
3f:ea:93:63:a0:20:79:e2:5a:4c:38:b5:0b:f8:bd:6d:69:e6:
09:9f:81:2a:bc:f4:f7:26:95:f6:1b:7a:19:22:bc:3a:9e:7f:
92:49:57:91:00:f3:71:59:73:04:eb:70:ee:77:98:d6:da:12:
a8:5b:06:e5:a6:d2:f6:39:51:4e:48:43:f7:52:30:cb:bd:2f:
2e:22:41:58:8e:c3:b0:b1:2e:64:41:69:9c:fc:6c:0c:c3:a6:
56:82:be:80:50:e4:5c:a9:e7:f5:3b:89:f7:a1:35:2f:f4:0c:
d7:86:22:b3:44:cd:d8:01:50:35:b1:4a:63:a5:05:14:a6:d9:
32:ac:7a:45:2a:5f:9b:69:e0:73:95:dd:d9:e4:7a:5f:00:4b:
18:08:f7:ab:0e:fb:d1:6f:ea:ae:22:dd:5d:92:99:a8:0c:20:
3a:c8:a3:88:d0:a9:11:7d:d4:4d:0f:38:c7:54:eb:97:46:6e:
e2:7f:4b:d3
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MzAw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQ5RTI4QzlCNzE0RjBE
OTAwNjlBQkZEMkMyNDQwQkQxMTIzNDY4NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDll7fnBwTV3ae9dihJ7ESE0DebvqwcXmD9ZtgoSLPTNFD6wUsU
/OVue2tMzLqfQUSJN5SPpTkRsQy1yy3953Q/sx8Yt2syJsiynjSoNXOzIqkMq2JG
01AuaS2ffoL/j8y5rV63Erh9BU1WdUHi8caRJ7AIPGhgLlXZcx6B/8vgrp466KUj
YNg4g/y3mDhkr8T8rrw4WP6/E2TVTxIpZQoJhr8Q9Zai80/BYl2dHJposrM3dIbL
5Klun3LKPrXAWcqEFVQi0m5oB9p2j/ywRh8FaBNzBPmU8O1DoJfG+LZfNFvf6Z2X
AbKy2hYQP/WD7OEm7UTBxKZDXkoHEkVab9WRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU2eKMm3FPDZAGmr/SwkQL0RI0aEAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8yZUtNbTNGUERaQUdtcl9Td2tRTDBSSTBhRUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AEAaHFgIkMbI6+7AAO6RmtcC+jAvmk7E/NMtLOk3ovFIRq4+WE5lsRU+yQgWKCRh
MpUR2tgLV6L/QINsnpj8IovP73/qRVKOoT/qk2OgIHniWkw4tQv4vW1p5gmfgSq8
9PcmlfYbehkivDqef5JJV5EA83FZcwTrcO53mNbaEqhbBuWm0vY5UU5IQ/dSMMu9
Ly4iQViOw7CxLmRBaZz8bAzDplaCvoBQ5Fyp5/U7ifehNS/0DNeGIrNEzdgBUDWx
SmOlBRSm2TKsekUqX5tp4HOV3dnkel8ASxgI96sO+9Fv6q4i3V2SmagMIDrIo4jQ
qRF91E0POMdU65dGbuJ/S9M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org