Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/3UVH-r7i7ukkc0kWQ6dcrP_koX4.roa
File: 3UVH-r7i7ukkc0kWQ6dcrP_koX4.roa (raw, json)
Hash identifier: 2H3CU/jAMjvF8h7RBn3IF8ul7GPJCk7mGnt99bDbEyg=
Subject key identifier: DD:45:47:FA:BE:E2:EE:E9:24:73:49:16:43:A7:5C:AC:FF:E4:A1:7E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4375
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3UVH-r7i7ukkc0kWQ6dcrP_koX4.roa
Signing time: Sun 20 Feb 2022 00:30:05 +0000
ROA not before: Sun 20 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17269 (0x4375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 20 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=DD4547FABEE2EEE92473491643A75CACFFE4A17E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:19:0f:1e:6c:aa:cb:67:5e:49:b9:61:17:16:
22:0c:7f:18:cc:4c:e5:4c:5d:52:e8:5f:09:6d:04:
ab:6a:77:c3:01:92:a5:6b:5b:b1:46:bf:46:ff:9c:
0c:48:35:e8:8a:cd:26:27:d2:e2:ec:82:85:0f:a4:
68:f8:a8:75:eb:51:cf:81:45:ec:af:15:f3:a2:76:
9e:6a:26:72:fc:ca:17:50:1d:f3:b2:f5:77:e3:bf:
1e:ba:41:83:a6:6d:b2:d2:28:f4:c5:45:f8:07:fc:
03:5a:10:e7:1f:3a:10:11:f2:f7:4b:85:da:d5:a8:
1f:35:82:bb:9f:02:38:92:24:e7:77:8a:17:cf:44:
aa:25:1c:2b:23:cb:7a:31:a4:0d:a5:7e:7b:a9:77:
d6:7d:78:b1:a9:f6:c4:da:98:e4:4c:07:40:3c:ac:
46:5d:d6:4f:33:76:92:df:2c:5b:d2:06:97:b3:2f:
0f:88:a3:9a:68:17:f0:00:53:69:29:69:d0:63:b1:
a0:3c:b8:7c:90:3d:c0:9a:20:40:8d:77:9e:19:27:
f5:f1:a0:07:14:46:e3:85:6f:d8:96:8b:04:3f:cf:
ab:28:f2:36:55:38:44:6c:fb:70:5e:f5:9d:7a:9c:
4d:2b:c5:cb:72:04:d1:f1:43:dd:54:bb:fe:70:7f:
2a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:45:47:FA:BE:E2:EE:E9:24:73:49:16:43:A7:5C:AC:FF:E4:A1:7E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3UVH-r7i7ukkc0kWQ6dcrP_koX4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d4:93:35:41:86:f7:0a:db:b5:2d:4d:68:f7:4e:d2:dc:3c:
35:ae:6b:bd:3d:9a:6c:8d:4d:9b:e0:6b:86:fe:04:71:14:0a:
fb:c2:b8:ba:a0:71:02:86:c2:63:a1:8d:d7:1d:e7:9b:c7:71:
9b:da:86:d3:9b:23:0c:2f:87:cc:68:f3:ec:59:d1:89:ca:ec:
3f:63:f0:7b:a1:4e:ae:b7:74:ca:d3:5f:6f:04:7c:92:77:fc:
27:c0:44:cd:05:a5:59:25:94:7b:5d:78:9c:20:39:66:50:6a:
a1:b7:2d:3d:b3:61:3b:d5:14:6e:da:3a:ba:cd:5a:54:d7:51:
26:c5:0e:72:88:f8:dc:cc:e5:39:f3:5c:0a:1d:87:78:de:0f:
ba:90:f3:c4:8f:7a:0a:5c:54:33:aa:4e:3c:3e:7a:fe:e0:d0:
ad:43:a7:5e:76:ec:27:6c:51:a7:c9:ab:86:b3:50:6b:28:ae:
65:e8:94:57:36:3d:15:cb:0d:6f:58:73:f8:4e:e7:2f:1b:7c:
ac:18:ff:17:a4:26:41:0a:67:3e:23:e6:42:36:0f:2f:6b:ee:
1f:31:0a:e9:19:9c:0c:ed:7f:e4:c6:40:ce:03:cc:e9:ed:7e:
fb:67:7c:5a:78:7c:a2:ae:8c:af:fb:6a:91:f8:4b:8b:69:88:
bb:ff:1c:41
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ3UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjAw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKERENDU0N0ZBQkVFMkVF
RTkyNDczNDkxNjQzQTc1Q0FDRkZFNEExN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4GQ8ebKrLZ15JuWEXFiIMfxjMTOVMXVLoXwltBKtqd8MBkqVr
W7FGv0b/nAxINeiKzSYn0uLsgoUPpGj4qHXrUc+BReyvFfOidp5qJnL8yhdQHfOy
9Xfjvx66QYOmbbLSKPTFRfgH/ANaEOcfOhAR8vdLhdrVqB81grufAjiSJOd3ihfP
RKolHCsjy3oxpA2lfnupd9Z9eLGp9sTamORMB0A8rEZd1k8zdpLfLFvSBpezLw+I
o5poF/AAU2kpadBjsaA8uHyQPcCaIECNd54ZJ/XxoAcURuOFb9iWiwQ/z6so8jZV
OERs+3Be9Z16nE0rxctyBNHxQ91Uu/5wfyoFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU3UVH+r7i7ukkc0kWQ6dcrP/koX4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8zVVZILXI3aTd1a2tjMGtXUTZkY3JQX2tvWDQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ACrUkzVBhvcK27UtTWj3TtLcPDWua709mmyNTZvga4b+BHEUCvvCuLqgcQKGwmOh
jdcd55vHcZvahtObIwwvh8xo8+xZ0YnK7D9j8HuhTq63dMrTX28EfJJ3/CfARM0F
pVkllHtdeJwgOWZQaqG3LT2zYTvVFG7aOrrNWlTXUSbFDnKI+NzM5TnzXAodh3je
D7qQ88SPegpcVDOqTjw+ev7g0K1Dp1527CdsUafJq4azUGsormXolFc2PRXLDW9Y
c/hO5y8bfKwY/xekJkEKZz4j5kI2Dy9r7h8xCukZnAztf+TGQM4DzOntfvtnfFp4
fKKujK/7apH4S4tpiLv/HEE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org