Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/5wbVfajUB-IJ2hdZosuqWBLebW0.roa
File: 5wbVfajUB-IJ2hdZosuqWBLebW0.roa (raw, json)
Hash identifier: aDGxvYU0W0qLo+UkD98Xx6VZTNmgZWK46S0Ap/ASgdk=
Subject key identifier: E7:06:D5:7D:A8:D4:07:E2:09:DA:17:59:A2:CB:AA:58:12:DE:6D:6D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4542
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5wbVfajUB-IJ2hdZosuqWBLebW0.roa
Signing time: Fri 25 Mar 2022 00:30:08 +0000
ROA not before: Fri 25 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17730 (0x4542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 25 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E706D57DA8D407E209DA1759A2CBAA5812DE6D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:97:90:eb:00:80:39:c7:64:54:fb:d2:36:aa:
50:e7:8d:7d:08:d6:92:c7:ef:c1:be:86:00:c6:7e:
9d:56:19:a3:1e:f3:44:47:fd:b8:b1:c6:cf:a7:6d:
1c:11:0d:3d:32:66:d9:b1:74:b3:f6:21:db:9f:7c:
df:5d:49:a6:52:b0:a3:50:ac:56:cf:9d:9b:3e:96:
4e:70:41:04:db:9e:64:69:87:d2:a2:1d:f8:ad:6c:
4d:17:45:20:86:e8:b9:78:af:cb:09:83:eb:2e:a0:
8a:60:a7:14:e4:0e:5a:2f:b5:f4:bf:ea:2a:46:49:
6d:c3:ab:f9:72:61:8e:76:cc:bd:c0:51:2e:14:3c:
a1:5d:03:d9:1a:57:9e:75:4e:cf:15:52:74:46:fb:
3f:89:4c:04:ff:c9:5c:15:40:0c:d1:e4:c2:d0:48:
d3:22:56:14:46:c1:cb:f2:0e:1d:ee:69:0e:1f:01:
19:22:4d:0c:47:1d:77:75:bc:21:0d:f1:07:34:c7:
b4:d5:91:f5:3e:92:a5:1f:ca:c7:76:2b:0b:8e:35:
08:a0:ec:c3:4c:51:b7:9f:3b:58:cf:c2:ce:5c:53:
b8:fd:7c:ef:d8:0b:c8:6d:08:47:0c:85:ea:6f:8d:
c6:a3:b8:06:74:ba:50:e4:b2:00:4c:87:be:ec:0c:
fe:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:06:D5:7D:A8:D4:07:E2:09:DA:17:59:A2:CB:AA:58:12:DE:6D:6D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5wbVfajUB-IJ2hdZosuqWBLebW0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0c:d0:9f:43:1d:9d:12:71:17:d4:eb:9e:ef:13:14:80:08:
04:37:40:ee:6d:f5:1a:f6:a1:4f:65:da:1f:25:03:7d:22:da:
23:4c:f0:fd:1b:26:ec:46:fa:4c:70:f8:92:0e:b4:23:cd:00:
c4:6d:00:ea:5e:91:3b:a3:a8:34:54:49:b0:e8:94:18:db:75:
a2:fd:10:04:09:b0:ba:31:9c:a4:27:64:79:73:44:66:71:03:
41:18:6d:76:fe:29:7b:7c:7b:1a:98:63:86:7a:8c:9e:d4:da:
42:63:7f:70:01:09:60:f0:85:4a:d7:92:f8:c9:87:2b:54:8a:
61:26:51:43:45:a1:27:b1:94:f5:53:0c:f4:85:32:20:2d:19:
9e:97:38:9b:75:36:9e:c2:89:4c:2d:4f:6e:42:a3:64:ac:13:
fd:1c:c9:34:4a:33:3e:0f:49:31:39:2b:a7:1a:b4:f2:04:33:
6d:e4:fc:26:b6:7e:7b:2f:41:d4:72:ab:93:69:fa:50:59:f3:
32:76:6a:de:e6:c2:90:2d:cd:86:92:07:d4:d6:d5:da:bc:2a:
6f:d0:54:e5:ef:bd:31:ab:bf:78:6e:46:20:5e:2c:18:a3:ce:
2b:33:2c:85:18:33:34:fc:44:f3:9d:25:1c:63:52:c4:07:6a:
92:e1:b7:e2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjUw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU3MDZENTdEQThENDA3
RTIwOURBMTc1OUEyQ0JBQTU4MTJERTZENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZl5DrAIA5x2RU+9I2qlDnjX0I1pLH78G+hgDGfp1WGaMe80RH
/bixxs+nbRwRDT0yZtmxdLP2IduffN9dSaZSsKNQrFbPnZs+lk5wQQTbnmRph9Ki
HfitbE0XRSCG6Ll4r8sJg+suoIpgpxTkDlovtfS/6ipGSW3Dq/lyYY52zL3AUS4U
PKFdA9kaV551Ts8VUnRG+z+JTAT/yVwVQAzR5MLQSNMiVhRGwcvyDh3uaQ4fARki
TQxHHXd1vCEN8Qc0x7TVkfU+kqUfysd2KwuONQig7MNMUbefO1jPws5cU7j9fO/Y
C8htCEcMhepvjcajuAZ0ulDksgBMh77sDP5nAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU5wbVfajUB+IJ2hdZosuqWBLebW0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81d2JWZmFqVUItSUoyaGRab3N1cVdCTGViVzAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AAwM0J9DHZ0ScRfU657vExSACAQ3QO5t9Rr2oU9l2h8lA30i2iNM8P0bJuxG+kxw
+JIOtCPNAMRtAOpekTujqDRUSbDolBjbdaL9EAQJsLoxnKQnZHlzRGZxA0EYbXb+
KXt8exqYY4Z6jJ7U2kJjf3ABCWDwhUrXkvjJhytUimEmUUNFoSexlPVTDPSFMiAt
GZ6XOJt1Np7CiUwtT25Co2SsE/0cyTRKMz4PSTE5K6catPIEM23k/Ca2fnsvQdRy
q5Np+lBZ8zJ2at7mwpAtzYaSB9TW1dq8Km/QVOXvvTGrv3huRiBeLBijziszLIUY
MzT8RPOdJRxjUsQHapLht+I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org