Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/4djHQ5v3yvJl5ya07ufRUk2x26o.roa
File: 4djHQ5v3yvJl5ya07ufRUk2x26o.roa (raw, json)
Hash identifier: FfjV+fR4CGrycZoAMYFP05dfNs/ixPoOrpAmETFh1qQ=
Subject key identifier: E1:D8:C7:43:9B:F7:CA:F2:65:E7:26:B4:EE:E7:D1:52:4D:B1:DB:AA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 433E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4djHQ5v3yvJl5ya07ufRUk2x26o.roa
Signing time: Wed 16 Feb 2022 00:30:05 +0000
ROA not before: Wed 16 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17214 (0x433e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 16 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E1D8C7439BF7CAF265E726B4EEE7D1524DB1DBAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f4:c7:09:d2:ff:5e:46:7e:b3:1d:dd:e5:e8:
cc:5d:e9:6e:3b:f2:c1:13:2f:ff:5b:ae:1a:22:9f:
92:b0:59:86:c2:18:fe:c3:3d:d7:f3:ff:aa:9f:d1:
bc:fd:18:73:36:73:6a:60:57:62:44:12:49:a9:f5:
3f:41:27:7f:8f:18:27:16:97:bd:d9:38:a2:d8:b1:
52:f8:49:01:16:90:f0:f0:08:29:4d:41:ee:f4:a9:
c4:f0:af:3a:7a:c7:9a:f7:cb:b6:6f:82:27:e7:ca:
e8:de:8f:65:94:48:17:a8:e0:8f:c0:75:fe:da:5e:
3d:63:02:05:5d:22:b9:ef:d9:83:65:1c:e6:85:a2:
1d:d3:89:5a:f2:c3:36:26:dc:d9:bc:54:c0:9a:20:
12:86:58:c9:55:e0:a0:38:ba:92:84:16:52:d2:86:
e5:64:bb:c0:5c:0a:0d:71:74:04:c4:04:34:28:3d:
2f:47:d8:9e:27:aa:75:ca:08:66:2e:84:44:a8:6a:
5a:e1:27:c9:1c:c3:6a:00:cc:95:00:a1:58:ed:d2:
6d:77:5c:4a:e8:0c:7d:80:6f:47:e9:6a:8f:43:c5:
78:d3:ca:dd:c8:fb:01:52:a7:c4:82:89:e6:7f:d3:
82:cf:3d:6e:d3:4e:8b:83:2a:0e:6b:e1:8b:67:36:
4a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D8:C7:43:9B:F7:CA:F2:65:E7:26:B4:EE:E7:D1:52:4D:B1:DB:AA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/4djHQ5v3yvJl5ya07ufRUk2x26o.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
17:58:0c:34:9c:e7:18:eb:b3:33:16:78:41:78:af:fb:47:8b:
9c:e7:7d:79:ec:89:f4:86:6c:2a:48:6a:df:88:08:a1:9e:68:
b9:c0:ce:87:ba:70:0b:2a:3e:6d:b0:92:3a:ff:e7:be:b8:d6:
6d:87:5d:02:4c:ad:02:ed:ef:b2:0e:4c:6e:d0:a0:85:7c:e2:
b7:e8:fb:a7:88:17:3b:e9:20:a7:6e:89:a3:d0:d6:01:53:a0:
46:31:29:ca:73:ac:e1:79:b4:b6:ce:6a:75:47:a0:85:27:4f:
81:67:16:0f:77:2e:1d:98:69:53:52:9f:04:63:65:9b:be:4b:
60:0e:e7:2b:0b:f8:30:ea:70:65:a3:5e:78:8c:72:f9:de:89:
50:0f:a9:b6:e3:15:71:af:8c:bb:02:9c:cc:6f:c6:d9:6d:26:
e2:06:ee:67:62:a9:de:0c:9e:97:f2:1d:5c:e9:30:5e:d0:ca:
f1:0f:da:7b:15:30:aa:55:27:f7:78:f7:18:56:5d:d6:79:f8:
ca:47:4f:fc:15:55:82:f5:47:b4:b0:fa:8b:a1:bd:e4:7d:40:
7d:87:d5:f3:40:19:18:3d:73:c0:50:5c:83:f0:f8:70:92:f1:
ee:14:92:49:ca:f2:a4:79:9f:eb:89:c4:8a:12:aa:a1:da:ee:
45:14:d7:0e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTYw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEUxRDhDNzQzOUJGN0NB
RjI2NUU3MjZCNEVFRTdEMTUyNERCMURCQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR9McJ0v9eRn6zHd3l6Mxd6W478sETL/9brhoin5KwWYbCGP7D
Pdfz/6qf0bz9GHM2c2pgV2JEEkmp9T9BJ3+PGCcWl73ZOKLYsVL4SQEWkPDwCClN
Qe70qcTwrzp6x5r3y7Zvgifnyujej2WUSBeo4I/Adf7aXj1jAgVdIrnv2YNlHOaF
oh3TiVrywzYm3Nm8VMCaIBKGWMlV4KA4upKEFlLShuVku8BcCg1xdATEBDQoPS9H
2J4nqnXKCGYuhESoalrhJ8kcw2oAzJUAoVjt0m13XEroDH2Ab0fpao9DxXjTyt3I
+wFSp8SCieZ/04LPPW7TTouDKg5r4YtnNko/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU4djHQ5v3yvJl5ya07ufRUk2x26owHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS80ZGpIUTV2M3l2Smw1eWEwN3VmUlVrMngyNm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ABdYDDSc5xjrszMWeEF4r/tHi5znfXnsifSGbCpIat+ICKGeaLnAzoe6cAsqPm2w
kjr/57641m2HXQJMrQLt77IOTG7QoIV84rfo+6eIFzvpIKduiaPQ1gFToEYxKcpz
rOF5tLbOanVHoIUnT4FnFg93Lh2YaVNSnwRjZZu+S2AO5ysL+DDqcGWjXniMcvne
iVAPqbbjFXGvjLsCnMxvxtltJuIG7mdiqd4MnpfyHVzpMF7QyvEP2nsVMKpVJ/d4
9xhWXdZ5+MpHT/wVVYL1R7Sw+ouhveR9QH2H1fNAGRg9c8BQXIPw+HCS8e4UkknK
8qR5n+uJxIoSqqHa7kUU1w4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org