Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/5aoT_7tw5YfQO0Vb0xGnIqmYQMg.roa
File: 5aoT_7tw5YfQO0Vb0xGnIqmYQMg.roa (raw, json)
Hash identifier: aDznGQ+G9NYvJMi8rogye/xBnpIN4l4wTIH6aIrsVRA=
Subject key identifier: E5:AA:13:FF:BB:70:E5:87:D0:3B:45:5B:D3:11:A7:22:A9:98:40:C8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4249
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5aoT_7tw5YfQO0Vb0xGnIqmYQMg.roa
Signing time: Sat 29 Jan 2022 00:30:08 +0000
ROA not before: Sat 29 Jan 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16969 (0x4249)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E5AA13FFBB70E587D03B455BD311A722A99840C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:11:4d:67:7a:d7:ce:45:56:30:91:65:16:
35:54:ea:c2:ce:c1:9a:63:44:09:78:9f:9b:27:3b:
ec:2a:95:d5:18:b6:f8:e5:56:91:2d:20:c7:8b:73:
e9:bb:eb:74:6d:67:db:07:01:36:0c:62:89:35:b6:
1f:a3:f1:80:08:96:8b:02:c4:7f:0c:68:21:8d:af:
90:0a:40:05:f5:3a:63:28:88:78:45:de:15:69:f6:
5a:6e:94:4f:c2:14:3f:d3:ed:27:b2:dd:90:53:a0:
d2:be:b6:80:f4:dc:c7:a3:7f:db:61:f3:7f:20:cf:
b9:10:06:54:cb:e7:7d:3e:e0:8c:5f:2c:6e:57:03:
04:3f:ea:09:de:59:a0:12:f7:16:37:f4:db:1e:29:
41:5f:5a:7e:44:57:cd:68:7d:1e:86:5d:79:6b:61:
53:47:5c:8b:9c:d7:94:da:55:ae:e3:4d:6a:64:f6:
17:b2:b8:ed:4c:0f:91:af:04:13:25:ef:32:c4:b1:
02:31:c8:67:93:13:04:0b:c1:32:38:3e:15:36:67:
fc:82:7d:19:35:63:89:e2:67:dd:d4:7d:ae:27:07:
e0:72:ef:51:a4:ad:8e:3a:46:8d:5f:1e:2b:a6:a9:
5c:9c:ff:74:84:88:7f:12:68:ad:d3:23:dd:be:26:
b6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AA:13:FF:BB:70:E5:87:D0:3B:45:5B:D3:11:A7:22:A9:98:40:C8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5aoT_7tw5YfQO0Vb0xGnIqmYQMg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:f4:b6:0c:30:19:d8:e9:18:48:cb:18:1d:3a:0a:9b:4a:f9:
2a:ed:e1:9e:f2:eb:8c:7a:28:97:4c:c7:c1:75:e8:02:7c:39:
8a:90:9f:4c:53:b5:f7:99:69:9f:b8:81:12:de:d8:2d:72:2a:
69:af:fb:01:89:51:9d:d2:2c:31:88:3e:2c:43:05:e0:fd:06:
35:81:05:f9:e6:48:e6:e8:06:4a:3c:6c:02:5b:f0:75:df:e8:
7a:2d:f5:bd:18:5c:b9:a3:96:ae:61:2c:f8:a8:2c:a1:dc:20:
58:25:dc:ef:0d:48:20:58:7d:a2:98:54:97:58:f6:48:6f:8e:
3f:1a:3d:23:96:65:f7:5e:55:e3:df:dc:96:d7:ec:f8:95:b0:
eb:1a:47:4e:53:f9:e2:8f:09:c8:91:8b:c2:db:d2:5d:29:8e:
ce:1e:fa:f9:06:97:a6:ed:ec:58:db:2b:85:8e:67:90:f1:b7:
04:3c:f1:d4:60:59:a2:29:4c:e4:f2:7c:d4:69:07:d0:85:40:
e2:58:43:0f:11:48:db:ed:f1:98:62:6e:ca:99:51:3f:7e:48:
8a:c9:49:39:5c:35:9c:b4:66:df:7c:62:d7:83:7d:7f:77:ff:
8e:de:10:a2:6e:e6:3a:5a:96:10:ea:7e:21:bb:2e:8f:63:b9:
4b:ea:3b:ba
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU1QUExM0ZGQkI3MEU1
ODdEMDNCNDU1QkQzMTFBNzIyQTk5ODQwQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAUhFNZ3rXzkVWMJFlFjVU6sLOwZpjRAl4n5snO+wqldUYtvjl
VpEtIMeLc+m763RtZ9sHATYMYok1th+j8YAIlosCxH8MaCGNr5AKQAX1OmMoiHhF
3hVp9lpulE/CFD/T7Sey3ZBToNK+toD03Mejf9th838gz7kQBlTL530+4IxfLG5X
AwQ/6gneWaAS9xY39NseKUFfWn5EV81ofR6GXXlrYVNHXIuc15TaVa7jTWpk9hey
uO1MD5GvBBMl7zLEsQIxyGeTEwQLwTI4PhU2Z/yCfRk1Y4niZ93Ufa4nB+By71Gk
rY46Ro1fHiumqVyc/3SEiH8SaK3TI92+Jra3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU5aoT/7tw5YfQO0Vb0xGnIqmYQMgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81YW9UXzd0dzVZZlFPMFZiMHhHbklxbVlRTWcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AKv0tgwwGdjpGEjLGB06CptK+Srt4Z7y64x6KJdMx8F16AJ8OYqQn0xTtfeZaZ+4
gRLe2C1yKmmv+wGJUZ3SLDGIPixDBeD9BjWBBfnmSOboBko8bAJb8HXf6Hot9b0Y
XLmjlq5hLPioLKHcIFgl3O8NSCBYfaKYVJdY9khvjj8aPSOWZfdeVePf3JbX7PiV
sOsaR05T+eKPCciRi8Lb0l0pjs4e+vkGl6bt7FjbK4WOZ5DxtwQ88dRgWaIpTOTy
fNRpB9CFQOJYQw8RSNvt8ZhibsqZUT9+SIrJSTlcNZy0Zt98YteDfX93/47eEKJu
5jpalhDqfiG7Lo9juUvqO7o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org