Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/CgS7meagAOM0Ax4qyDXtprnco78.roa
File: CgS7meagAOM0Ax4qyDXtprnco78.roa (raw, json)
Hash identifier: Gi+wmutwS/4hzRF3CelnQBU4Cppw4g2WR1YFEQ8IsNs=
Subject key identifier: 0A:04:BB:99:E6:A0:00:E3:34:03:1E:2A:C8:35:ED:A6:B9:DC:A3:BF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 426C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CgS7meagAOM0Ax4qyDXtprnco78.roa
Signing time: Tue 01 Feb 2022 00:30:04 +0000
ROA not before: Tue 01 Feb 2022 00:30:04 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17004 (0x426c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 1 00:30:04 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=0A04BB99E6A000E334031E2AC835EDA6B9DCA3BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a9:27:5f:18:73:62:54:5c:78:d0:2f:bf:79:
c8:93:0d:e5:33:0a:17:8d:b1:b0:60:5e:89:2e:e5:
c0:ba:d9:8e:d1:6f:16:25:8c:d9:d4:42:7c:e7:6e:
78:09:7a:6d:b5:60:bf:ea:4c:95:96:ff:41:ad:df:
89:66:d0:a2:f6:87:27:8d:80:39:66:86:59:30:3c:
d5:6b:93:b1:94:55:d1:41:45:05:5b:f1:9a:1d:00:
e9:b9:13:81:e2:ac:9c:8a:ff:ec:16:94:c8:ac:b8:
5c:db:ae:ed:02:19:85:55:7e:96:dc:f8:4f:2f:ad:
90:13:94:a4:24:77:b0:db:ae:e2:64:f4:67:ee:7f:
6c:f6:98:b2:85:d3:54:16:ab:10:3c:f8:51:d3:47:
67:53:c3:24:9d:45:b9:33:4b:67:dc:07:b1:a2:36:
01:f7:d8:0e:79:e8:51:65:c5:7c:72:20:27:af:f0:
24:97:27:68:fa:1d:9c:ec:32:ca:9b:a0:46:ca:7e:
56:4d:ea:a3:57:28:df:e6:e8:3e:ab:4f:dd:11:f9:
dd:91:1c:7e:07:e8:ba:34:d9:b6:26:d6:c5:9a:3d:
63:83:80:ce:b5:29:a7:d0:fd:dd:f7:33:20:9b:f3:
00:6f:51:3a:43:58:b6:c1:ff:5d:0f:03:16:8d:08:
84:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:04:BB:99:E6:A0:00:E3:34:03:1E:2A:C8:35:ED:A6:B9:DC:A3:BF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CgS7meagAOM0Ax4qyDXtprnco78.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:22:c9:47:f6:95:f6:24:12:0e:0b:61:69:d1:29:68:b1:3c:
74:5a:79:49:48:bc:08:da:ee:95:60:ba:4c:60:fe:d6:44:b1:
cf:80:c2:55:51:e3:79:b9:f5:37:0a:b0:7d:ee:d3:71:65:98:
a0:7c:f7:71:96:7f:5e:13:2a:61:f9:46:67:e5:69:c4:66:49:
5c:80:48:7f:ce:6a:cf:02:8d:b9:e5:72:a2:de:a5:e6:93:58:
ba:73:5d:2e:74:0c:59:14:c7:32:07:23:bc:c0:c1:00:25:25:
3d:89:d1:1f:9e:ef:d1:25:b4:c9:98:13:eb:4d:c0:6e:c4:61:
aa:71:19:9f:e6:cb:46:32:db:0f:57:b5:05:2f:64:1d:09:60:
35:a6:2a:40:b1:c2:53:e6:f2:0d:62:04:e0:45:9f:d2:9a:b6:
ae:f4:49:55:1c:2b:d2:7f:e4:74:5d:9e:01:20:0c:36:4f:03:
25:19:74:7b:45:64:38:c1:41:17:17:85:68:53:6e:23:3f:0f:
1a:45:72:7c:3e:49:a1:51:06:74:e5:dc:c2:40:fc:9d:8f:62:
80:93:8c:fe:bd:a4:1f:5e:80:fb:f1:9a:be:e0:d8:da:e0:90:
80:4f:8e:1c:ab:0a:74:16:78:81:68:19:da:7d:85:bd:56:b7:
aa:69:98:80
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDEw
MDMwMDRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDBBMDRCQjk5RTZBMDAw
RTMzNDAzMUUyQUM4MzVFREE2QjlEQ0EzQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYqSdfGHNiVFx40C+/eciTDeUzCheNsbBgXoku5cC62Y7RbxYl
jNnUQnznbngJem21YL/qTJWW/0Gt34lm0KL2hyeNgDlmhlkwPNVrk7GUVdFBRQVb
8ZodAOm5E4HirJyK/+wWlMisuFzbru0CGYVVfpbc+E8vrZATlKQkd7DbruJk9Gfu
f2z2mLKF01QWqxA8+FHTR2dTwySdRbkzS2fcB7GiNgH32A556FFlxXxyICev8CSX
J2j6HZzsMsqboEbKflZN6qNXKN/m6D6rT90R+d2RHH4H6Lo02bYm1sWaPWODgM61
KafQ/d33MyCb8wBvUTpDWLbB/10PAxaNCITDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCgS7meagAOM0Ax4qyDXtprnco78wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DZ1M3bWVhZ0FPTTBBeDRxeURYdHBybmNvNzgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AKUiyUf2lfYkEg4LYWnRKWixPHRaeUlIvAja7pVgukxg/tZEsc+AwlVR43m59TcK
sH3u03FlmKB893GWf14TKmH5RmflacRmSVyASH/Oas8CjbnlcqLepeaTWLpzXS50
DFkUxzIHI7zAwQAlJT2J0R+e79EltMmYE+tNwG7EYapxGZ/my0Yy2w9XtQUvZB0J
YDWmKkCxwlPm8g1iBOBFn9Katq70SVUcK9J/5HRdngEgDDZPAyUZdHtFZDjBQRcX
hWhTbiM/DxpFcnw+SaFRBnTl3MJA/J2PYoCTjP69pB9egPvxmr7g2NrgkIBPjhyr
CnQWeIFoGdp9hb1Wt6ppmIA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org