Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/4TGYVosM2XVn8aPz6BI54yjB9n4.roa
File: 4TGYVosM2XVn8aPz6BI54yjB9n4.roa (raw, json)
Hash identifier: Ojk+mlnicPwO9iEzhqengKY1lw66GNkujxGopdels/c=
Subject key identifier: E1:31:98:56:8B:0C:D9:75:67:F1:A3:F3:E8:12:39:E3:28:C1:F6:7E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4906
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4TGYVosM2XVn8aPz6BI54yjB9n4.roa
Signing time: Wed 01 Jun 2022 00:30:10 +0000
ROA not before: Wed 01 Jun 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18694 (0x4906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 1 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=E13198568B0CD97567F1A3F3E81239E328C1F67E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f9:7a:e2:15:bc:64:be:d6:37:90:9c:a6:85:
f8:66:c7:f7:27:26:06:ba:3e:88:13:22:d5:69:fc:
95:99:9a:00:85:74:61:0a:02:07:5d:50:60:86:89:
1a:e2:0f:3f:4e:7c:98:dc:77:70:8b:c7:e3:98:ad:
21:39:27:08:e1:4b:4e:7f:5c:7b:df:3e:8b:1f:5d:
c1:03:d4:2f:c5:46:83:a8:37:b9:6e:61:77:6c:05:
77:35:78:6e:92:e5:2b:b6:8e:5d:d6:12:78:f9:2c:
06:99:89:4a:2e:e8:1d:b4:e5:5c:51:39:c0:00:3b:
67:fe:a9:dc:e9:08:b4:68:53:4b:2d:a5:ab:0b:61:
d2:af:2a:4a:ce:85:8c:23:5b:69:6e:a9:64:f0:fb:
94:e5:cb:1b:7e:d6:6b:27:66:f1:a9:19:6a:b8:f1:
c8:cc:db:c6:07:f6:c7:48:33:1d:25:4e:93:e5:97:
86:e0:e9:0f:fd:4d:01:ba:88:06:4c:2e:40:8b:5d:
9f:70:c5:65:f9:8d:63:2c:b4:de:fb:5c:66:64:09:
94:63:fc:fd:f2:38:27:1e:54:e4:a7:41:26:1e:58:
fa:e9:ba:1b:88:62:cc:71:68:a0:f6:6d:73:c1:96:
a8:54:65:ae:a9:ab:ad:ce:7a:3a:9c:91:6c:ed:a9:
75:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:31:98:56:8B:0C:D9:75:67:F1:A3:F3:E8:12:39:E3:28:C1:F6:7E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4TGYVosM2XVn8aPz6BI54yjB9n4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.2.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:60:1c:ca:67:ec:23:4e:14:18:5e:b8:6d:06:5f:43:5c:7d:
6c:bf:80:a5:39:55:b4:a2:40:83:b9:20:1a:ed:a6:3a:b3:ca:
c9:00:7a:54:ae:25:d4:54:14:71:18:cc:aa:2a:3f:43:fc:98:
e9:69:ad:0f:dc:ca:66:5d:b7:8b:2a:3e:3c:7a:4d:1e:59:98:
50:e8:ac:6f:dd:42:5b:bc:93:cb:d2:78:58:dc:7c:f9:e1:e1:
f8:10:c9:8a:ee:13:9c:a8:ff:e8:bb:11:c6:5a:61:7c:00:d4:
b6:57:2d:c3:42:09:55:b1:05:9d:3f:a2:27:52:2f:0d:68:02:
08:80:f8:05:00:9d:17:77:c1:0f:b8:dd:a8:05:3f:0f:96:4e:
4f:da:ed:85:16:3d:0e:0a:87:ca:5a:71:5c:58:de:c9:52:9e:
c0:b0:fa:2f:02:87:e6:9f:63:01:d5:7c:2d:1a:43:ae:5c:43:
44:18:ec:1f:89:c3:35:fc:20:a8:2f:4d:45:bc:84:04:fe:8f:
42:fc:85:c0:46:3b:f3:67:8d:fd:46:61:2e:9b:7c:17:34:cd:
53:26:50:fc:93:47:18:08:d2:af:7e:69:a3:d8:f0:a6:c7:18:
04:2f:9f:68:46:c0:be:7f:02:2b:9a:5e:d5:34:2f:85:d4:53:
2a:02:73:a4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDEw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEUxMzE5ODU2OEIwQ0Q5
NzU2N0YxQTNGM0U4MTIzOUUzMjhDMUY2N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh+XriFbxkvtY3kJymhfhmx/cnJga6PogTItVp/JWZmgCFdGEK
AgddUGCGiRriDz9OfJjcd3CLx+OYrSE5JwjhS05/XHvfPosfXcED1C/FRoOoN7lu
YXdsBXc1eG6S5Su2jl3WEnj5LAaZiUou6B205VxROcAAO2f+qdzpCLRoU0stpasL
YdKvKkrOhYwjW2luqWTw+5Tlyxt+1msnZvGpGWq48cjM28YH9sdIMx0lTpPll4bg
6Q/9TQG6iAZMLkCLXZ9wxWX5jWMstN77XGZkCZRj/P3yOCceVOSnQSYeWPrpuhuI
YsxxaKD2bXPBlqhUZa6pq63OejqckWztqXUNAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU4TGYVosM2XVn8aPz6BI54yjB9n4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS80VEdZVm9zTTJYVm44YVB6NkJJNTR5akI5bjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAIwDQYJKoZIhvcNAQELBQADggEB
AKhgHMpn7CNOFBheuG0GX0NcfWy/gKU5VbSiQIO5IBrtpjqzyskAelSuJdRUFHEY
zKoqP0P8mOlprQ/cymZdt4sqPjx6TR5ZmFDorG/dQlu8k8vSeFjcfPnh4fgQyYru
E5yo/+i7EcZaYXwA1LZXLcNCCVWxBZ0/oidSLw1oAgiA+AUAnRd3wQ+43agFPw+W
Tk/a7YUWPQ4Kh8pacVxY3slSnsCw+i8Ch+afYwHVfC0aQ65cQ0QY7B+JwzX8IKgv
TUW8hAT+j0L8hcBGO/Nnjf1GYS6bfBc0zVMmUPyTRxgI0q9+aaPY8KbHGAQvn2hG
wL5/AiuaXtU0L4XUUyoCc6Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org