Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/A9FhorpygrG2EJ-4xQBaBaEMltU.roa
File: A9FhorpygrG2EJ-4xQBaBaEMltU.roa (raw, json)
Hash identifier: 4GduikjxdqNaSK9NmQjJwLSvlD43k/QaqKuExtnwn0Y=
Subject key identifier: 03:D1:61:A2:BA:72:82:B1:B6:10:9F:B8:C5:00:5A:05:A1:0C:96:D5
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4721
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/A9FhorpygrG2EJ-4xQBaBaEMltU.roa
Signing time: Thu 28 Apr 2022 00:30:10 +0000
ROA not before: Thu 28 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18209 (0x4721)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 28 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=03D161A2BA7282B1B6109FB8C5005A05A10C96D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e5:85:91:9e:53:31:18:85:3c:22:11:5b:29:
f5:ec:25:b8:7f:38:0d:74:be:fe:79:ff:12:2d:eb:
7c:05:8d:ab:53:e8:c4:f7:a5:0d:1c:34:19:82:b9:
6a:e6:fe:56:ca:91:a9:db:25:fc:6e:ff:20:25:39:
54:07:79:ad:f6:04:67:e0:88:1f:0e:3c:1d:b3:bf:
a7:68:9c:b7:f1:20:eb:22:4a:86:e2:4f:46:72:d7:
c2:84:d4:30:89:8e:58:59:37:6b:e9:7f:90:6d:c7:
42:e5:39:30:5f:b3:80:2b:d2:b7:75:31:fe:70:af:
af:4f:4b:6d:a4:60:63:cf:4f:d6:a1:c2:7a:c1:3a:
3e:6e:e3:01:03:f8:b5:6b:16:75:a2:5c:2c:98:05:
15:2c:d7:7b:ea:62:6a:ff:a7:35:98:fe:60:61:13:
fc:23:68:fe:c0:ca:a5:f8:52:c0:e3:eb:16:e5:4a:
ee:fa:1d:5e:b4:ec:c9:b4:c7:cc:40:ab:37:23:ef:
23:59:a9:4c:e0:78:cf:99:43:a5:d6:b5:22:fb:34:
d2:ad:a0:ec:b1:2f:cf:44:76:3e:e0:68:d2:db:63:
d5:07:23:b8:fe:c4:f3:3d:48:0c:5b:9d:00:b4:48:
39:a7:4e:06:b6:95:8f:ed:d0:0a:98:a5:c7:e3:77:
4c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D1:61:A2:BA:72:82:B1:B6:10:9F:B8:C5:00:5A:05:A1:0C:96:D5
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/A9FhorpygrG2EJ-4xQBaBaEMltU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:46:c6:73:2f:d8:02:98:40:48:34:6e:ac:35:30:0b:6d:10:
c3:29:1b:01:72:b7:d5:a3:66:9c:37:4b:25:ff:08:7f:31:74:
92:80:84:91:b1:fc:e6:98:0a:ac:79:ea:cb:af:25:98:05:32:
90:0b:a4:d6:9a:28:23:f5:47:d8:03:69:75:6e:95:31:dc:1f:
6f:7d:95:99:64:bd:1a:c9:8c:e7:7f:9d:4c:f9:1c:f9:9a:af:
bc:4a:a9:bb:4b:11:0d:9b:1f:24:a3:da:05:7e:81:72:2f:62:
d4:e8:ac:2b:fe:0e:25:ab:8b:67:23:00:b0:49:11:07:9b:95:
12:e8:c9:b1:1f:a4:5e:57:5d:0c:5c:d5:9e:64:1a:20:ab:2a:
00:d2:ae:db:82:2e:78:19:be:ea:73:64:18:be:a9:94:4f:50:
a8:b4:e4:34:d0:56:78:ec:39:29:45:76:76:a5:b8:f7:dd:93:
12:46:d3:c9:a2:c7:13:a7:fe:3f:bc:0c:0d:65:c9:12:89:99:
f8:12:10:81:71:33:4f:ac:24:b5:09:50:08:26:d5:f1:38:af:
be:47:5c:ba:25:27:5b:bd:0b:81:21:05:7d:9f:d5:ba:9a:04:
d2:19:6d:1d:f6:01:8f:73:fc:78:4d:0a:e2:30:0a:ac:b1:2e:
78:12:a6:bf
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjgw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDAzRDE2MUEyQkE3Mjgy
QjFCNjEwOUZCOEM1MDA1QTA1QTEwQzk2RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH5YWRnlMxGIU8IhFbKfXsJbh/OA10vv55/xIt63wFjatT6MT3
pQ0cNBmCuWrm/lbKkanbJfxu/yAlOVQHea32BGfgiB8OPB2zv6donLfxIOsiSobi
T0Zy18KE1DCJjlhZN2vpf5Btx0LlOTBfs4Ar0rd1Mf5wr69PS22kYGPPT9ahwnrB
Oj5u4wED+LVrFnWiXCyYBRUs13vqYmr/pzWY/mBhE/wjaP7AyqX4UsDj6xblSu76
HV607Mm0x8xAqzcj7yNZqUzgeM+ZQ6XWtSL7NNKtoOyxL89Edj7gaNLbY9UHI7j+
xPM9SAxbnQC0SDmnTga2lY/t0AqYpcfjd0ylAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUA9FhorpygrG2EJ+4xQBaBaEMltUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9BOUZob3JweWdyRzJFSi00eFFCYUJhRU1sdFUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AG9GxnMv2AKYQEg0bqw1MAttEMMpGwFyt9WjZpw3SyX/CH8xdJKAhJGx/OaYCqx5
6suvJZgFMpALpNaaKCP1R9gDaXVulTHcH299lZlkvRrJjOd/nUz5HPmar7xKqbtL
EQ2bHySj2gV+gXIvYtTorCv+DiWri2cjALBJEQeblRLoybEfpF5XXQxc1Z5kGiCr
KgDSrtuCLngZvupzZBi+qZRPUKi05DTQVnjsOSlFdnaluPfdkxJG08mixxOn/j+8
DA1lyRKJmfgSEIFxM0+sJLUJUAgm1fE4r75HXLolJ1u9C4EhBX2f1bqaBNIZbR32
AY9z/HhNCuIwCqyxLngSpr8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org