Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/3Ssck62jlih84qPkhzpJFgdnL08.roa
File: 3Ssck62jlih84qPkhzpJFgdnL08.roa (raw, json)
Hash identifier: etF3ohs8IxaXoYWBwrjTyl9XgWLFlmk3vQJmEN93HDg=
Subject key identifier: DD:2B:1C:93:AD:A3:96:28:7C:E2:A3:E4:87:3A:49:16:07:67:2F:4F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 487F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3Ssck62jlih84qPkhzpJFgdnL08.roa
Signing time: Mon 23 May 2022 00:30:07 +0000
ROA not before: Mon 23 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18559 (0x487f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 23 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=DD2B1C93ADA396287CE2A3E4873A491607672F4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:df:65:21:22:02:40:4b:1c:d7:3b:e9:d4:
2b:67:34:25:c5:e5:91:a0:33:af:3a:5b:b7:dc:29:
a8:68:75:dd:2c:c0:f8:3e:6e:72:b4:d3:51:da:6e:
31:a1:97:9f:27:7d:13:53:7f:aa:58:e9:78:78:68:
7a:6e:31:9c:8c:e6:7b:d9:71:79:ef:92:37:16:4e:
7a:ee:11:bf:8c:63:c1:25:ea:ab:a1:bb:eb:2d:10:
85:26:db:7f:69:2d:f3:0b:32:53:a5:b3:e7:2b:b9:
12:3b:ed:be:a4:08:66:a5:44:ec:74:0b:d7:46:15:
fa:c4:a9:03:e5:20:5e:6d:35:5e:42:41:76:c1:49:
83:a0:a0:68:69:73:49:3d:53:fd:b2:fe:d1:57:97:
42:c9:e2:e2:46:49:ba:ac:02:41:f0:3d:53:28:e6:
e9:2a:51:0a:68:ed:66:76:23:16:6f:24:bf:67:b7:
7f:bd:0d:e3:25:c7:1d:c9:00:e9:13:63:44:aa:81:
0d:78:e1:76:31:da:9f:28:9b:56:48:7d:6f:e0:7d:
1e:6f:6b:0e:62:e6:14:10:fd:ac:38:17:6d:ac:5b:
94:71:66:8a:74:ec:c3:c6:49:3d:5a:23:0a:be:7e:
6a:c0:31:2f:78:3d:96:67:23:64:50:15:8a:10:ae:
13:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:1C:93:AD:A3:96:28:7C:E2:A3:E4:87:3A:49:16:07:67:2F:4F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3Ssck62jlih84qPkhzpJFgdnL08.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
33:65:fa:a6:b6:35:42:7f:8e:f3:73:25:2f:32:fb:14:13:56:
5b:21:6b:a9:46:97:d5:96:9f:67:41:66:89:20:90:07:ca:9a:
07:3a:c0:7f:f1:f8:27:8f:8d:41:1b:6d:62:6b:d1:44:82:b3:
1e:a0:3f:8f:2f:96:ae:d5:f9:59:7e:1e:54:02:be:93:9e:10:
f3:75:e7:52:72:26:8b:74:5c:de:12:20:14:67:d6:ce:6a:ce:
15:39:26:37:0f:c4:78:2c:b1:77:20:53:3e:26:ac:88:9f:e1:
90:3c:34:cd:f3:63:10:a9:e3:5a:76:33:8f:83:a8:2a:36:49:
b9:80:d9:75:83:0d:26:2d:e0:a9:5d:c5:64:be:fc:6f:cf:9b:
71:8c:fd:14:d7:4b:eb:2a:b8:94:bc:c6:17:78:56:ad:0d:15:
8a:a4:d5:1b:c3:1a:24:c5:e2:1b:4e:a3:2c:1a:b0:06:fa:af:
84:6e:35:3f:30:74:3d:5a:6c:e9:eb:1b:4c:78:e7:9a:b9:3e:
7c:86:0b:8c:44:16:68:0b:e5:9e:5e:86:64:dc:b8:16:5f:24:
36:df:54:e7:b0:ea:5b:3f:48:9e:07:72:f2:2d:2f:cf:85:44:
88:a0:2a:84:8d:3e:2c:76:45:08:e8:3b:e7:3f:91:98:9e:d2:
6f:56:85:45
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjMw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEREMkIxQzkzQURBMzk2
Mjg3Q0UyQTNFNDg3M0E0OTE2MDc2NzJGNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCocN9lISICQEsc1zvp1CtnNCXF5ZGgM686W7fcKahodd0swPg+
bnK001HabjGhl58nfRNTf6pY6Xh4aHpuMZyM5nvZcXnvkjcWTnruEb+MY8El6quh
u+stEIUm239pLfMLMlOls+cruRI77b6kCGalROx0C9dGFfrEqQPlIF5tNV5CQXbB
SYOgoGhpc0k9U/2y/tFXl0LJ4uJGSbqsAkHwPVMo5ukqUQpo7WZ2IxZvJL9nt3+9
DeMlxx3JAOkTY0SqgQ144XYx2p8om1ZIfW/gfR5vaw5i5hQQ/aw4F22sW5RxZop0
7MPGST1aIwq+fmrAMS94PZZnI2RQFYoQrhM7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU3Ssck62jlih84qPkhzpJFgdnL08wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8zU3NjazYyamxpaDg0cVBraHpwSkZnZG5MMDgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ADNl+qa2NUJ/jvNzJS8y+xQTVlsha6lGl9WWn2dBZokgkAfKmgc6wH/x+CePjUEb
bWJr0USCsx6gP48vlq7V+Vl+HlQCvpOeEPN151JyJot0XN4SIBRn1s5qzhU5JjcP
xHgssXcgUz4mrIif4ZA8NM3zYxCp41p2M4+DqCo2SbmA2XWDDSYt4KldxWS+/G/P
m3GM/RTXS+squJS8xhd4Vq0NFYqk1RvDGiTF4htOoywasAb6r4RuNT8wdD1abOnr
G0x455q5PnyGC4xEFmgL5Z5ehmTcuBZfJDbfVOew6ls/SJ4HcvItL8+FRIigKoSN
Pix2RQjoO+c/kZie0m9WhUU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org