Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/8PVyvajPbFB8WKNt-5utowlCKIo.roa
File: 8PVyvajPbFB8WKNt-5utowlCKIo.roa (raw, json)
Hash identifier: LBJhhv8GIgbXvSMADqkFu5fkt+j9xhiYUH5G8bZkOto=
Subject key identifier: F0:F5:72:BD:A8:CF:6C:50:7C:58:A3:6D:FB:9B:AD:A3:09:42:28:8A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4835
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8PVyvajPbFB8WKNt-5utowlCKIo.roa
Signing time: Wed 18 May 2022 00:30:05 +0000
ROA not before: Wed 18 May 2022 00:30:05 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18485 (0x4835)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 18 00:30:05 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=F0F572BDA8CF6C507C58A36DFB9BADA30942288A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ba:c8:39:15:85:58:a6:29:da:a9:5e:55:71:
26:af:9a:31:7e:ec:80:2e:b6:c5:1d:4f:e2:fb:66:
62:3e:b1:09:83:d8:be:24:bc:12:b3:49:92:01:a2:
43:f7:bd:5d:7b:bd:e3:3a:f0:2e:76:99:6b:50:b8:
e8:c3:bd:2c:72:4e:ba:c2:65:f7:cd:a5:14:3c:5b:
b0:09:66:b5:f0:84:82:d4:46:48:e6:04:25:78:b2:
43:6b:d1:17:c5:ca:0f:51:f6:7e:97:d8:ff:fa:d2:
d8:da:d7:db:16:9e:74:e7:dd:01:47:b1:82:05:d9:
56:e4:e2:84:3d:1a:6c:3f:f5:34:af:3c:ec:bd:58:
52:bf:2b:4e:21:54:4c:13:d6:52:fc:ea:ed:fc:cd:
fa:46:6d:6a:b4:e9:66:95:2b:4c:45:40:f3:b8:d4:
55:2f:e3:5d:70:46:73:b0:dc:31:63:34:5e:61:53:
8c:5a:74:7b:1e:ae:3a:64:a4:03:eb:75:75:a0:21:
f2:22:be:2b:94:d9:28:d6:dc:f2:28:8e:e6:45:8a:
9d:8f:13:c0:d6:7c:90:75:8a:63:9b:45:8e:bf:33:
14:a2:29:06:ad:43:8d:52:6c:3a:95:6d:9b:96:e4:
59:ae:43:81:bf:43:53:65:31:19:7d:d1:2c:9d:ad:
28:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F5:72:BD:A8:CF:6C:50:7C:58:A3:6D:FB:9B:AD:A3:09:42:28:8A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8PVyvajPbFB8WKNt-5utowlCKIo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
52:19:9a:01:15:db:11:26:63:e5:03:c7:7a:1b:dc:fd:9e:ed:
f2:ce:45:34:f6:b8:82:1d:82:67:c2:18:e9:96:0f:28:64:76:
7f:db:b8:04:9a:a3:9e:d8:43:ca:98:06:a3:10:f9:48:93:d7:
37:7e:e2:cf:a3:1a:61:95:5f:40:66:c5:d9:94:bf:f4:e5:b6:
0d:f5:f1:87:db:c4:e3:c4:99:13:64:a7:9f:83:ac:0c:9f:69:
36:0d:03:1c:4b:7d:d7:ec:be:5d:09:c5:ce:62:ad:c4:03:a1:
c3:ea:0e:8b:a7:6c:5c:f3:aa:f9:95:ba:76:60:26:f7:d3:0a:
83:c1:9f:d2:d9:22:95:38:08:a8:91:14:54:b0:52:e9:88:08:
e0:f1:9b:ba:e0:32:38:96:cf:e7:8c:f6:5e:eb:69:2e:64:a2:
cc:1a:51:23:68:9d:9f:19:cb:02:cf:e7:bd:50:08:8b:e7:16:
db:17:14:82:a5:58:d9:05:35:69:77:76:26:43:6a:e7:f9:fd:
af:4a:3a:b8:31:a0:08:4b:71:91:1e:a1:03:ef:8d:c4:5d:96:
99:d6:bf:5c:e1:55:cc:df:93:ff:07:d4:17:94:66:71:65:ac:
53:4e:96:9b:c0:57:0d:32:a8:63:d5:be:75:d8:65:20:67:6f:
9a:ae:51:49
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTgw
MDMwMDVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEYwRjU3MkJEQThDRjZD
NTA3QzU4QTM2REZCOUJBREEzMDk0MjI4OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfusg5FYVYpinaqV5VcSavmjF+7IAutsUdT+L7ZmI+sQmD2L4k
vBKzSZIBokP3vV17veM68C52mWtQuOjDvSxyTrrCZffNpRQ8W7AJZrXwhILURkjm
BCV4skNr0RfFyg9R9n6X2P/60tja19sWnnTn3QFHsYIF2Vbk4oQ9Gmw/9TSvPOy9
WFK/K04hVEwT1lL86u38zfpGbWq06WaVK0xFQPO41FUv411wRnOw3DFjNF5hU4xa
dHserjpkpAPrdXWgIfIiviuU2SjW3PIojuZFip2PE8DWfJB1imObRY6/MxSiKQat
Q41SbDqVbZuW5FmuQ4G/Q1NlMRl90SydrSjRAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU8PVyvajPbFB8WKNt+5utowlCKIowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS84UFZ5dmFqUGJGQjhXS050LTV1dG93bENLSW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AFIZmgEV2xEmY+UDx3ob3P2e7fLORTT2uIIdgmfCGOmWDyhkdn/buASao57YQ8qY
BqMQ+UiT1zd+4s+jGmGVX0BmxdmUv/Tltg318YfbxOPEmRNkp5+DrAyfaTYNAxxL
fdfsvl0Jxc5ircQDocPqDounbFzzqvmVunZgJvfTCoPBn9LZIpU4CKiRFFSwUumI
CODxm7rgMjiWz+eM9l7raS5koswaUSNonZ8ZywLP571QCIvnFtsXFIKlWNkFNWl3
diZDauf5/a9KOrgxoAhLcZEeoQPvjcRdlpnWv1zhVczfk/8H1BeUZnFlrFNOlpvA
Vw0yqGPVvnXYZSBnb5quUUk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org