Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/5xdAwJqonuwXkXmyWfMsVvc8M2E.roa
File: 5xdAwJqonuwXkXmyWfMsVvc8M2E.roa (raw, json)
Hash identifier: TPtG6YLZpmUB69IRCrNzKikbSrG0h3UDUuvuPO6vRjs=
Subject key identifier: E7:17:40:C0:9A:A8:9E:EC:17:91:79:B2:59:F3:2C:56:F7:3C:33:61
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4471
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5xdAwJqonuwXkXmyWfMsVvc8M2E.roa
Signing time: Thu 10 Mar 2022 00:36:52 +0000
ROA not before: Thu 10 Mar 2022 00:36:52 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17521 (0x4471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 10 00:36:52 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E71740C09AA89EEC179179B259F32C56F73C3361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:81:7b:2d:d9:b6:67:81:cc:ee:91:2f:3c:19:
7b:38:fd:dc:e5:fc:61:3a:64:a6:42:fa:58:bd:cc:
fc:b2:6e:9d:0e:9c:a7:bf:23:81:df:06:46:ca:1c:
0c:cb:ad:3e:57:fb:dd:44:f1:5a:51:1b:73:eb:d9:
f4:58:04:75:96:a4:13:69:83:7c:04:8a:3d:86:44:
36:f6:10:22:78:35:16:2f:1f:a5:2f:64:d9:21:ea:
28:a0:32:6a:ce:aa:87:20:af:5a:23:50:a6:d6:76:
98:97:72:f3:f2:c1:a4:0d:91:90:0e:8f:95:a2:14:
e1:e3:c6:e1:85:32:b4:02:81:e1:8b:e8:59:03:6c:
3c:99:80:43:ba:89:ef:17:58:01:e1:ea:3c:7b:8b:
bd:06:28:18:11:97:25:98:45:ce:a2:b7:3f:cd:b0:
10:4a:83:b4:a1:3a:e5:e1:86:fe:8d:82:a3:c6:50:
46:23:d1:34:20:5d:7d:f7:17:30:37:63:5a:31:30:
c1:ac:ef:21:e1:70:60:51:15:8c:b1:ed:aa:30:c5:
a2:52:c7:6b:bd:36:3b:8f:3c:99:db:0a:e8:db:c8:
cc:5f:cd:c5:2e:b2:d8:16:e7:fc:af:0e:2c:9a:a0:
8f:7a:3d:ed:a2:33:f0:b5:36:df:e5:0e:b5:1f:e7:
9d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:17:40:C0:9A:A8:9E:EC:17:91:79:B2:59:F3:2C:56:F7:3C:33:61
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/5xdAwJqonuwXkXmyWfMsVvc8M2E.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:54:9b:2a:fe:a9:9b:33:0c:24:0d:41:20:21:1c:ee:ca:0a:
83:e0:a6:23:65:58:15:a8:ee:5d:61:c9:3d:e0:f7:0b:24:16:
ee:56:a8:db:70:dd:48:c8:9d:43:84:c7:ff:ee:8e:6d:95:f5:
b9:45:99:08:5e:bc:e6:58:48:ab:0d:fe:6b:8c:b9:16:d5:70:
14:ae:64:b0:1f:49:71:8f:49:cb:0c:53:2b:de:9b:13:ee:50:
9a:3f:af:18:a9:c9:8b:fd:83:4c:5f:88:7e:65:57:95:3d:6b:
f5:13:73:31:c7:3b:60:0c:68:58:ab:44:02:e0:e9:0b:4d:fa:
a6:b9:30:69:8c:da:2d:11:92:a4:d4:eb:fc:5d:5e:a1:7d:6f:
a0:fe:8c:24:b7:fd:91:fe:58:cd:e6:5b:d2:b4:e3:5c:38:03:
7a:23:6d:a1:a2:24:e2:52:ee:a8:12:d2:aa:d2:d7:3c:ac:dc:
d7:db:3a:90:d7:15:8d:bc:de:7e:fd:11:0b:b7:a1:7f:11:fa:
7f:6f:30:08:1b:da:91:5c:f0:e7:36:06:4c:52:a9:1f:e5:52:
55:f7:30:76:81:e2:81:6e:19:bb:d4:2a:23:55:e8:7e:96:85:
02:78:ee:0e:ab:83:4c:94:c8:2d:66:cd:55:92:ae:4a:88:39:
ae:ea:a4:d8
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTAw
MDM2NTJaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU3MTc0MEMwOUFBODlF
RUMxNzkxNzlCMjU5RjMyQzU2RjczQzMzNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWgXst2bZngczukS88GXs4/dzl/GE6ZKZC+li9zPyybp0OnKe/
I4HfBkbKHAzLrT5X+91E8VpRG3Pr2fRYBHWWpBNpg3wEij2GRDb2ECJ4NRYvH6Uv
ZNkh6iigMmrOqocgr1ojUKbWdpiXcvPywaQNkZAOj5WiFOHjxuGFMrQCgeGL6FkD
bDyZgEO6ie8XWAHh6jx7i70GKBgRlyWYRc6itz/NsBBKg7ShOuXhhv6NgqPGUEYj
0TQgXX33FzA3Y1oxMMGs7yHhcGBRFYyx7aowxaJSx2u9NjuPPJnbCujbyMxfzcUu
stgW5/yvDiyaoI96Pe2iM/C1Nt/lDrUf551jAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU5xdAwJqonuwXkXmyWfMsVvc8M2EwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS81eGRBd0pxb251d1hrWG15V2ZNc1Z2YzhNMkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AH9Umyr+qZszDCQNQSAhHO7KCoPgpiNlWBWo7l1hyT3g9wskFu5WqNtw3UjInUOE
x//ujm2V9blFmQhevOZYSKsN/muMuRbVcBSuZLAfSXGPScsMUyvemxPuUJo/rxip
yYv9g0xfiH5lV5U9a/UTczHHO2AMaFirRALg6QtN+qa5MGmM2i0RkqTU6/xdXqF9
b6D+jCS3/ZH+WM3mW9K041w4A3ojbaGiJOJS7qgS0qrS1zys3NfbOpDXFY283n79
EQu3oX8R+n9vMAgb2pFc8Oc2BkxSqR/lUlX3MHaB4oFuGbvUKiNV6H6WhQJ47g6r
g0yUyC1mzVWSrkqIOa7qpNg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org