Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/5nYuGPg0jKokh3961ljAxqE0nmU.roa
File: 5nYuGPg0jKokh3961ljAxqE0nmU.roa (raw, json)
Hash identifier: WjPAUoN3ZvGi7NtRHmZH3mV84lEbYpp9CU05O/PmoBg=
Subject key identifier: E6:76:2E:18:F8:34:8C:AA:24:87:7F:7A:D6:58:C0:C6:A1:34:9E:65
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46BD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5nYuGPg0jKokh3961ljAxqE0nmU.roa
Signing time: Thu 21 Apr 2022 00:30:10 +0000
ROA not before: Thu 21 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18109 (0x46bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 21 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=E6762E18F8348CAA24877F7AD658C0C6A1349E65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4e:bc:4e:85:16:9a:16:7b:aa:bc:f0:ef:dd:
df:97:e0:18:83:1e:ea:26:60:7a:80:17:78:86:14:
0d:54:59:78:4d:54:b7:7c:fa:38:6f:ef:81:92:e5:
a9:34:b6:ac:aa:c3:d6:f7:60:9f:b0:98:ff:d6:0b:
86:14:2e:33:bc:33:b0:50:1d:af:bf:1a:25:ab:aa:
8f:a5:0c:17:2f:9d:c4:6a:cb:2e:34:fb:d9:76:63:
cd:8e:e4:f9:dd:8c:31:6b:e5:05:33:d4:2f:36:91:
86:71:af:0d:c9:31:9e:fd:b8:d5:68:22:b7:91:8d:
4a:e4:35:4e:33:7d:83:7a:64:b5:dc:39:70:95:de:
a3:b2:86:54:18:e4:75:73:36:a8:24:a7:8a:df:a0:
2b:4b:57:5e:cd:6b:3b:04:b7:46:c2:d2:0f:e5:40:
57:95:a1:b4:41:de:4e:1a:4d:96:cb:52:6e:a2:a8:
12:0b:e5:e6:b3:9c:a6:30:b5:9b:50:1f:c7:6f:13:
c4:d5:32:ca:9c:75:06:fb:fe:e7:d7:82:13:cc:96:
28:6b:04:74:dd:ae:c2:21:82:90:96:c9:d0:80:0c:
0d:31:37:91:82:5c:e5:7e:75:16:bd:62:75:e2:53:
37:bc:71:0f:27:7d:7f:56:d9:1c:a0:21:a7:fa:9c:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:76:2E:18:F8:34:8C:AA:24:87:7F:7A:D6:58:C0:C6:A1:34:9E:65
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5nYuGPg0jKokh3961ljAxqE0nmU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ac:72:e1:b4:c9:fc:f5:dd:ae:22:74:2f:db:44:aa:ae:3c:
70:5e:11:08:6a:ee:26:34:72:29:63:32:0a:8f:d7:5d:50:e7:
00:0d:9f:e1:6b:e0:a5:2c:fe:09:09:95:a2:a8:91:ec:5e:bc:
e7:71:c3:70:43:5c:19:0f:1b:bf:ee:5f:2b:c8:53:e8:27:db:
35:f7:1f:a4:d3:6c:c8:a6:7c:65:e3:35:ee:f9:f6:8d:b5:41:
f3:40:2e:49:47:6c:77:fa:76:79:a6:9a:3f:9d:d1:11:14:56:
72:49:5f:bd:ca:1d:15:81:cd:6b:50:bf:ba:2b:07:81:0a:9f:
cb:e6:96:40:78:f1:f4:e8:96:f3:7e:5d:f3:2f:16:46:94:fa:
59:ab:bf:92:b6:ca:3e:7a:27:48:b9:7c:99:d3:82:c6:7b:db:
41:88:72:af:c5:93:3a:54:86:2a:88:42:84:d1:68:e5:a5:c6:
75:2c:0d:ed:e1:47:26:58:c7:51:1b:b5:a6:9b:3b:0b:1f:ff:
b5:87:43:a2:c3:d6:f2:78:01:39:16:08:b0:79:ec:a9:80:fe:
dc:bc:59:59:de:25:34:b5:f6:5f:8f:0e:46:14:e0:d2:f3:e9:
c7:f9:4d:70:7e:c8:2e:cd:88:4f:9a:7d:db:52:a8:1b:6d:e2:
d9:66:60:ad
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjEw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEU2NzYyRTE4RjgzNDhD
QUEyNDg3N0Y3QUQ2NThDMEM2QTEzNDlFNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHTrxOhRaaFnuqvPDv3d+X4BiDHuomYHqAF3iGFA1UWXhNVLd8
+jhv74GS5ak0tqyqw9b3YJ+wmP/WC4YULjO8M7BQHa+/GiWrqo+lDBcvncRqyy40
+9l2Y82O5PndjDFr5QUz1C82kYZxrw3JMZ79uNVoIreRjUrkNU4zfYN6ZLXcOXCV
3qOyhlQY5HVzNqgkp4rfoCtLV17NazsEt0bC0g/lQFeVobRB3k4aTZbLUm6iqBIL
5eaznKYwtZtQH8dvE8TVMsqcdQb7/ufXghPMlihrBHTdrsIhgpCWydCADA0xN5GC
XOV+dRa9YnXiUze8cQ8nfX9W2RygIaf6nLbRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU5nYuGPg0jKokh3961ljAxqE0nmUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81bll1R1BnMGpLb2toMzk2MWxqQXhxRTBubVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AJuscuG0yfz13a4idC/bRKquPHBeEQhq7iY0ciljMgqP111Q5wANn+Fr4KUs/gkJ
laKokexevOdxw3BDXBkPG7/uXyvIU+gn2zX3H6TTbMimfGXjNe759o21QfNALklH
bHf6dnmmmj+d0REUVnJJX73KHRWBzWtQv7orB4EKn8vmlkB48fTolvN+XfMvFkaU
+lmrv5K2yj56J0i5fJnTgsZ720GIcq/FkzpUhiqIQoTRaOWlxnUsDe3hRyZYx1Eb
taabOwsf/7WHQ6LD1vJ4ATkWCLB57KmA/ty8WVneJTS19l+PDkYU4NLz6cf5TXB+
yC7NiE+afdtSqBtt4tlmYK0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org