Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Cm8sHLZjX_owE1PQutpSlcx0a88.roa
File: Cm8sHLZjX_owE1PQutpSlcx0a88.roa (raw, json)
Hash identifier: JT7NqzzrkPoOqUhPpifFJFf63UOVM814D0JU4NEvkMc=
Subject key identifier: 0A:6F:2C:1C:B6:63:5F:FA:30:13:53:D0:BA:DA:52:95:CC:74:6B:CF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 49B3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Cm8sHLZjX_owE1PQutpSlcx0a88.roa
Signing time: Sat 11 Jun 2022 00:30:09 +0000
ROA not before: Sat 11 Jun 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18867 (0x49b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 11 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0A6F2C1CB6635FFA301353D0BADA5295CC746BCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:55:64:c7:20:c8:83:08:c7:21:6b:39:3f:fd:
a3:e0:c7:87:f6:ce:49:ae:09:55:d1:6f:2d:b0:0d:
e6:3a:26:1c:6a:cf:15:4b:9e:c9:b6:4d:51:56:af:
60:fb:5d:bd:dc:73:7f:b8:65:b1:9c:aa:62:80:b5:
58:ae:01:c4:7d:0a:a0:ba:a3:5b:44:5f:7d:e0:7c:
f1:50:d2:12:88:ae:dd:9d:81:ad:77:f6:46:fa:d3:
90:f9:46:61:b5:33:90:dc:74:15:ae:af:7f:71:c1:
ad:0e:44:bb:ad:69:10:15:35:22:de:55:fa:34:26:
d4:b5:b4:f6:b1:0b:33:13:9f:5d:f6:ab:e1:80:58:
b2:8d:87:56:8a:95:be:fa:bf:46:1c:2f:39:85:09:
89:f6:aa:bc:d0:f8:6d:75:24:04:4a:58:9e:58:67:
67:87:11:e1:9c:38:0b:5b:0f:85:85:43:72:bb:30:
d5:e1:9f:e5:11:54:3f:14:15:38:78:f6:e9:00:02:
37:8b:4a:a9:91:20:84:a9:98:bc:1f:8e:7c:f1:df:
d7:2e:2c:e7:f1:27:4d:72:77:d8:d5:e8:e4:07:a9:
7b:ca:03:ea:02:b1:46:48:15:eb:a7:91:c6:b3:03:
2f:0a:fe:1e:bf:45:4b:a5:30:0f:4a:d2:62:17:9c:
65:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6F:2C:1C:B6:63:5F:FA:30:13:53:D0:BA:DA:52:95:CC:74:6B:CF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Cm8sHLZjX_owE1PQutpSlcx0a88.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ef:2f:16:d6:f5:fe:66:91:de:67:6b:a8:95:d0:d5:3b:01:
42:92:fc:21:ed:c4:9b:bc:4b:f4:d8:7d:0c:31:ac:ae:e8:25:
07:8e:c5:4f:3f:57:91:86:c6:34:a2:ac:c0:c8:ea:f7:24:31:
b8:44:5e:99:f3:66:60:09:eb:88:11:df:86:16:cf:68:04:bf:
ea:36:17:99:a5:c8:51:96:98:18:8d:95:00:24:eb:30:d4:43:
69:47:87:18:60:9c:2f:93:af:f4:48:16:50:7f:6d:bd:a9:2c:
33:34:f9:71:9e:43:e2:44:53:4e:d6:5e:b6:7b:7b:3a:ed:35:
3d:0b:74:8d:af:55:c0:0b:01:37:84:b6:61:8b:c7:50:ff:20:
b3:17:93:34:c6:15:05:2b:80:81:6a:ce:75:0b:98:7a:de:9b:
11:66:02:ff:3f:9c:69:76:ac:04:c4:86:46:51:4d:8c:0a:db:
41:27:27:de:24:42:e8:d4:a2:75:27:98:5a:40:62:40:de:ae:
58:6f:ff:bb:0f:8c:96:d7:6f:a1:e2:d4:04:c4:55:d3:0e:45:
be:69:3c:2c:b9:e8:6b:8f:35:77:0f:93:6c:d3:13:94:d7:13:
0c:1c:1a:9d:bf:13:59:78:25:92:30:87:fd:5e:ef:f1:9b:53:
03:d0:84:52
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MTEw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBBNkYyQzFDQjY2MzVG
RkEzMDEzNTNEMEJBREE1Mjk1Q0M3NDZCQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOVWTHIMiDCMchazk//aPgx4f2zkmuCVXRby2wDeY6JhxqzxVL
nsm2TVFWr2D7Xb3cc3+4ZbGcqmKAtViuAcR9CqC6o1tEX33gfPFQ0hKIrt2dga13
9kb605D5RmG1M5DcdBWur39xwa0ORLutaRAVNSLeVfo0JtS1tPaxCzMTn132q+GA
WLKNh1aKlb76v0YcLzmFCYn2qrzQ+G11JARKWJ5YZ2eHEeGcOAtbD4WFQ3K7MNXh
n+URVD8UFTh49ukAAjeLSqmRIISpmLwfjnzx39cuLOfxJ01yd9jV6OQHqXvKA+oC
sUZIFeunkcazAy8K/h6/RUulMA9K0mIXnGWnAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCm8sHLZjX/owE1PQutpSlcx0a88wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DbThzSExaalhfb3dFMVBRdXRwU2xjeDBhODgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AIXvLxbW9f5mkd5na6iV0NU7AUKS/CHtxJu8S/TYfQwxrK7oJQeOxU8/V5GGxjSi
rMDI6vckMbhEXpnzZmAJ64gR34YWz2gEv+o2F5mlyFGWmBiNlQAk6zDUQ2lHhxhg
nC+Tr/RIFlB/bb2pLDM0+XGeQ+JEU07WXrZ7ezrtNT0LdI2vVcALATeEtmGLx1D/
ILMXkzTGFQUrgIFqznULmHremxFmAv8/nGl2rATEhkZRTYwK20EnJ94kQujUonUn
mFpAYkDerlhv/7sPjJbXb6Hi1ATEVdMORb5pPCy56GuPNXcPk2zTE5TXEwwcGp2/
E1l4JZIwh/1e7/GbUwPQhFI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org