Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/AITykcvpPwXHjGt5kBxDYNVd9IQ.roa
File: AITykcvpPwXHjGt5kBxDYNVd9IQ.roa (raw, json)
Hash identifier: ypFSdtcrByIAgrB1vJiCbARIq7pb6AkYmwqZ+49nTbk=
Subject key identifier: 00:84:F2:91:CB:E9:3F:05:C7:8C:6B:79:90:1C:43:60:D5:5D:F4:84
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4247
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/AITykcvpPwXHjGt5kBxDYNVd9IQ.roa
Signing time: Sat 29 Jan 2022 00:30:08 +0000
ROA not before: Sat 29 Jan 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16967 (0x4247)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=0084F291CBE93F05C78C6B79901C4360D55DF484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:4e:ee:0a:95:4f:1d:d1:e8:c7:45:fe:54:
db:6a:a1:87:d6:3b:50:63:da:0c:b0:c7:6f:8f:8d:
6f:4f:97:ac:53:67:62:80:1f:af:21:3a:ad:e8:5d:
cf:a7:12:09:d5:0f:26:48:47:95:45:8a:54:6f:c0:
18:50:86:19:79:51:9d:81:eb:f1:09:25:cd:5e:dd:
55:9e:de:74:22:24:d5:81:79:c5:c1:d3:26:82:83:
6c:91:81:5f:2e:4f:3e:17:6a:8c:af:a5:3b:d0:8e:
95:7d:2b:47:b7:aa:57:a3:07:fe:2e:ba:29:e2:28:
1e:24:e4:8e:cb:9a:f9:18:d2:75:b4:80:9b:60:fe:
9f:e7:15:0d:1c:d3:9c:3b:87:75:73:fe:ba:c9:f8:
8e:35:b2:30:81:2e:5b:ac:e8:84:a3:a9:49:8f:bc:
b9:fa:81:c7:8e:bd:d8:76:fb:5f:29:88:23:4b:6c:
af:80:da:64:b6:2a:dd:70:49:5b:2a:5f:e1:d6:20:
a2:e6:b7:bd:f0:13:a7:28:16:85:0c:52:1f:7c:84:
cf:1b:6f:32:37:87:5b:35:ed:5d:ed:12:40:9f:38:
49:89:ad:ea:ed:63:3d:9a:9b:77:d8:b8:c0:57:b7:
17:7b:a3:f7:7a:07:c2:8f:d3:2a:10:f9:ba:6c:d3:
dc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:84:F2:91:CB:E9:3F:05:C7:8C:6B:79:90:1C:43:60:D5:5D:F4:84
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/AITykcvpPwXHjGt5kBxDYNVd9IQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
73:0a:cb:04:80:cc:b0:84:f2:c0:f9:49:35:bb:56:a1:91:49:
9c:b6:88:bf:69:0b:82:52:0e:d5:a9:3d:e1:dc:48:85:96:8b:
f2:42:b9:6f:26:66:9e:3a:26:07:29:fe:b6:bd:e0:f0:95:26:
df:26:a3:b0:23:4f:83:bc:5e:55:4c:de:c7:60:84:a9:66:ad:
f6:1f:6a:e0:88:10:a7:52:a6:66:15:a9:6a:c6:4b:a1:4c:65:
15:2a:13:eb:9c:c9:ed:51:44:dc:88:87:41:11:35:1b:79:20:
6d:4e:ff:8b:ce:00:fa:56:31:fa:79:9b:a4:81:d1:58:d9:09:
49:36:27:75:f8:e6:46:71:0c:0e:7d:9d:e0:e9:a0:0b:72:b2:
d3:7a:d9:cb:76:52:4d:84:31:ff:93:29:da:79:35:19:ed:fc:
4f:2e:13:64:00:47:33:0b:96:84:eb:a1:14:ca:ba:65:34:2e:
f2:18:e7:7f:48:fb:62:89:b1:fc:0c:53:85:f9:fc:3a:c7:ab:
b1:44:af:1b:a2:0a:3f:8f:e3:43:77:bd:53:c7:54:e4:2f:9c:
0d:f2:8b:35:b1:c6:9d:db:e3:f1:5a:53:ca:54:5e:eb:a7:27:
fa:87:fa:86:9f:1d:96:1e:c6:5d:f9:1f:7a:02:6b:03:d8:5c:
88:b4:e1:2e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDAwODRGMjkxQ0JFOTNG
MDVDNzhDNkI3OTkwMUM0MzYwRDU1REY0ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC15U7uCpVPHdHox0X+VNtqoYfWO1Bj2gywx2+PjW9Pl6xTZ2KA
H68hOq3oXc+nEgnVDyZIR5VFilRvwBhQhhl5UZ2B6/EJJc1e3VWe3nQiJNWBecXB
0yaCg2yRgV8uTz4XaoyvpTvQjpV9K0e3qlejB/4uuiniKB4k5I7LmvkY0nW0gJtg
/p/nFQ0c05w7h3Vz/rrJ+I41sjCBLlus6ISjqUmPvLn6gceOvdh2+18piCNLbK+A
2mS2Kt1wSVsqX+HWIKLmt73wE6coFoUMUh98hM8bbzI3h1s17V3tEkCfOEmJrert
Yz2am3fYuMBXtxd7o/d6B8KP0yoQ+bps09zZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUAITykcvpPwXHjGt5kBxDYNVd9IQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9BSVR5a2N2cFB3WEhqR3Q1a0J4RFlOVmQ5SVEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AHMKywSAzLCE8sD5STW7VqGRSZy2iL9pC4JSDtWpPeHcSIWWi/JCuW8mZp46Jgcp
/ra94PCVJt8mo7AjT4O8XlVM3sdghKlmrfYfauCIEKdSpmYVqWrGS6FMZRUqE+uc
ye1RRNyIh0ERNRt5IG1O/4vOAPpWMfp5m6SB0VjZCUk2J3X45kZxDA59neDpoAty
stN62ct2Uk2EMf+TKdp5NRnt/E8uE2QARzMLloTroRTKumU0LvIY539I+2KJsfwM
U4X5/DrHq7FErxuiCj+P40N3vVPHVOQvnA3yizWxxp3b4/FaU8pUXuunJ/qH+oaf
HZYexl35H3oCawPYXIi04S4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org