Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/6fBR7vNzw5qinYyG9HfoLhjAMqc.roa
File: 6fBR7vNzw5qinYyG9HfoLhjAMqc.roa (raw, json)
Hash identifier: JT1zik44ukk7s5ra5NJnMWaAHLR+Z2muAVsKRm9Mse0=
Subject key identifier: E9:F0:51:EE:F3:73:C3:9A:A2:9D:8C:86:F4:77:E8:2E:18:C0:32:A7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 446F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/6fBR7vNzw5qinYyG9HfoLhjAMqc.roa
Signing time: Thu 10 Mar 2022 00:36:51 +0000
ROA not before: Thu 10 Mar 2022 00:36:51 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17519 (0x446f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 10 00:36:51 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E9F051EEF373C39AA29D8C86F477E82E18C032A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cf:16:1f:5e:10:46:7c:53:62:8c:c5:10:5b:
99:b3:e4:6f:a1:c5:f0:44:84:b6:30:cf:d6:e8:7b:
21:5e:fd:ff:40:ab:d6:5e:06:41:53:a9:b8:d1:dc:
97:ab:95:6f:03:01:e2:4f:09:bd:27:9f:e6:0d:80:
59:f8:71:47:cf:2f:bb:16:62:c0:87:37:5c:3d:08:
b4:86:81:94:c9:aa:bf:dc:d3:e1:30:8c:c1:ad:7c:
56:64:a5:30:26:3e:25:58:7e:ce:a7:f7:09:be:92:
a8:9e:95:57:19:50:5c:04:d4:06:2d:07:f6:6e:71:
85:3b:47:15:76:be:58:dc:77:42:3b:9a:e0:ba:d4:
83:1c:e1:75:27:b1:9b:76:a0:cc:c9:ba:6a:af:b1:
60:13:26:70:58:f4:49:fa:67:38:66:9a:7f:97:89:
68:ed:7c:15:7a:2c:f9:fe:07:84:5d:ce:14:ec:ce:
93:d9:64:c4:7a:28:f4:c9:84:e9:31:aa:0c:03:23:
6b:06:51:a3:10:90:8c:8e:f8:b6:dd:87:15:02:98:
16:be:2a:e1:07:b6:71:3c:cd:de:03:4b:cc:56:54:
c9:81:ab:98:f8:d7:df:fa:55:09:61:7e:43:a0:13:
3e:2d:70:32:43:ea:51:41:69:f0:8d:73:91:4f:95:
b0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F0:51:EE:F3:73:C3:9A:A2:9D:8C:86:F4:77:E8:2E:18:C0:32:A7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/6fBR7vNzw5qinYyG9HfoLhjAMqc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:2a:e2:d2:92:46:37:ab:78:2f:6a:34:79:35:b2:19:a1:1c:
ee:40:2c:88:96:ca:8e:f6:8b:0b:08:fe:a8:dd:94:0e:4d:b6:
aa:cf:ac:22:32:f5:58:53:48:42:45:a6:00:c9:1c:2a:1f:63:
80:a0:23:3e:7b:c2:ec:fe:28:28:c3:46:03:98:59:c6:f9:16:
26:f9:e7:c2:f2:65:e6:cb:eb:2f:d6:76:4b:b7:5d:e0:d8:e8:
84:b6:c8:14:5d:df:7c:43:a2:34:da:35:0c:33:11:68:09:51:
d9:c3:9a:ba:dd:95:5d:37:49:b6:21:bf:70:c1:02:c8:3c:9b:
e0:b7:87:89:76:ff:e5:c1:9d:e5:d1:3b:79:ac:5f:a0:f4:f0:
5b:8e:65:30:73:8e:95:b2:32:e0:e3:32:81:35:93:35:fd:54:
92:38:40:d9:c4:30:cc:d6:82:11:56:74:8e:f2:15:7c:b6:92:
4b:93:38:82:96:f1:8b:19:0a:0a:cf:9b:57:04:7f:25:c7:96:
ec:99:d7:b1:47:a2:7a:75:9e:aa:e2:57:df:2d:e6:27:2e:39:
79:33:23:f7:3e:5c:82:6d:00:49:24:0d:0b:e6:2f:cd:db:1a:
22:e6:0a:18:bd:38:eb:02:e8:5c:7e:37:d0:f6:e2:5f:31:ca:
be:a2:da:8f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTAw
MDM2NTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU5RjA1MUVFRjM3M0Mz
OUFBMjlEOEM4NkY0NzdFODJFMThDMDMyQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLzxYfXhBGfFNijMUQW5mz5G+hxfBEhLYwz9boeyFe/f9Aq9Ze
BkFTqbjR3JerlW8DAeJPCb0nn+YNgFn4cUfPL7sWYsCHN1w9CLSGgZTJqr/c0+Ew
jMGtfFZkpTAmPiVYfs6n9wm+kqielVcZUFwE1AYtB/ZucYU7RxV2vljcd0I7muC6
1IMc4XUnsZt2oMzJumqvsWATJnBY9En6Zzhmmn+XiWjtfBV6LPn+B4RdzhTszpPZ
ZMR6KPTJhOkxqgwDI2sGUaMQkIyO+LbdhxUCmBa+KuEHtnE8zd4DS8xWVMmBq5j4
19/6VQlhfkOgEz4tcDJD6lFBafCNc5FPlbAXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU6fBR7vNzw5qinYyG9HfoLhjAMqcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS82ZkJSN3ZOenc1cWluWXlHOUhmb0xoakFNcWMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AC4q4tKSRjereC9qNHk1shmhHO5ALIiWyo72iwsI/qjdlA5NtqrPrCIy9VhTSEJF
pgDJHCofY4CgIz57wuz+KCjDRgOYWcb5Fib558LyZebL6y/Wdku3XeDY6IS2yBRd
33xDojTaNQwzEWgJUdnDmrrdlV03SbYhv3DBAsg8m+C3h4l2/+XBneXRO3msX6D0
8FuOZTBzjpWyMuDjMoE1kzX9VJI4QNnEMMzWghFWdI7yFXy2kkuTOIKW8YsZCgrP
m1cEfyXHluyZ17FHonp1nqriV98t5icuOXkzI/c+XIJtAEkkDQvmL83bGiLmChi9
OOsC6Fx+N9D24l8xyr6i2o8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org