Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/CmxNx8gKOSipLIxKHPMyIo9ikps.roa
File: CmxNx8gKOSipLIxKHPMyIo9ikps.roa (raw, json)
Hash identifier: Nh5Cm/6cfbVZHdud1yO+RU5OJRRVGJFs4ctwJ98Gx9w=
Subject key identifier: 0A:6C:4D:C7:C8:0A:39:28:A9:2C:8C:4A:1C:F3:32:22:8F:62:92:9B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4710
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CmxNx8gKOSipLIxKHPMyIo9ikps.roa
Signing time: Wed 27 Apr 2022 00:30:10 +0000
ROA not before: Wed 27 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18192 (0x4710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 27 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0A6C4DC7C80A3928A92C8C4A1CF332228F62929B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b3:58:b6:9d:ae:96:c1:55:47:a9:ec:d0:11:
ff:77:48:3f:c2:49:a5:4d:d5:0a:6a:4e:b1:88:44:
5d:c6:d3:62:80:bc:40:b5:ef:dd:b5:18:b0:98:03:
d9:29:40:fb:26:a4:03:98:96:5f:e2:40:2d:12:fe:
20:a8:91:ce:66:bf:0e:2c:65:3a:8e:15:0b:04:15:
9a:a3:a4:0b:1b:b2:a3:ae:3c:07:5a:7a:b0:e9:18:
b5:42:a3:85:4f:d4:8a:e2:ce:33:0d:ad:3f:50:b2:
5c:63:38:9b:f5:bf:a9:19:92:fc:81:1d:ff:0b:1b:
a9:f9:18:6e:df:98:29:59:3f:83:f7:d6:2a:df:5e:
43:7c:3d:fe:d6:9f:8e:76:79:09:ff:14:c3:9e:40:
82:93:91:fb:8f:a1:87:9c:4c:4e:90:2c:5c:cf:b3:
d6:f2:60:c6:aa:f7:df:c4:c9:5b:fc:a4:47:65:53:
0f:c9:4e:6e:8f:14:1c:5d:6e:b3:60:5f:20:bf:e5:
0a:b2:75:37:5f:03:5f:46:db:03:d6:d4:d7:f1:48:
f9:4c:c2:0c:8d:95:90:49:00:53:c9:d3:a4:a4:54:
43:12:a1:45:5e:ff:65:02:5f:8f:8e:8a:d5:5f:a7:
d3:da:7c:6d:70:4f:df:5a:72:f1:fd:cc:71:32:68:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6C:4D:C7:C8:0A:39:28:A9:2C:8C:4A:1C:F3:32:22:8F:62:92:9B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CmxNx8gKOSipLIxKHPMyIo9ikps.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
51:e7:11:b9:d2:80:7a:fb:c7:1e:38:57:14:b5:ec:d4:ae:d7:
b8:a3:a7:d2:49:df:78:da:37:69:6b:ce:fa:39:36:83:00:f3:
00:0c:04:4f:ad:ef:d1:30:50:05:c6:0d:99:f9:57:8f:a8:aa:
a0:27:97:fb:17:ee:6f:c7:cf:83:e1:30:d0:6a:f3:2b:c0:5a:
37:89:36:1d:b5:6c:ef:2e:fe:7a:7e:7e:2e:4d:a8:3e:c2:e6:
74:fa:61:59:78:da:93:5b:14:eb:3b:8e:d6:82:3e:20:f9:e3:
f3:f1:24:6e:27:47:2b:8a:6a:f4:ac:3a:e7:64:9d:87:65:cf:
f0:1e:7d:a1:09:7c:fe:4d:0c:4b:69:a3:8e:2e:19:92:2a:82:
2f:a9:4b:53:33:24:5b:a3:2f:5f:fb:fe:d1:bc:b9:24:bc:8b:
c0:59:0b:49:07:78:a6:f4:ab:e5:01:00:40:60:af:c1:22:2e:
11:4e:8a:31:22:7d:f3:a8:d0:97:55:56:33:9b:77:20:18:d6:
78:f0:a9:27:c1:ae:41:c5:69:01:6a:bc:ce:b1:b8:fe:33:19:
18:d0:11:e5:c5:45:ad:44:b1:77:8b:84:cd:05:a9:08:06:67:
51:2a:e9:df:42:61:06:f1:4e:b8:97:70:29:ad:ea:62:25:79:
a0:0d:7c:29
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjcw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBBNkM0REM3QzgwQTM5
MjhBOTJDOEM0QTFDRjMzMjIyOEY2MjkyOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfs1i2na6WwVVHqezQEf93SD/CSaVN1QpqTrGIRF3G02KAvEC1
7921GLCYA9kpQPsmpAOYll/iQC0S/iCokc5mvw4sZTqOFQsEFZqjpAsbsqOuPAda
erDpGLVCo4VP1IrizjMNrT9QslxjOJv1v6kZkvyBHf8LG6n5GG7fmClZP4P31irf
XkN8Pf7Wn452eQn/FMOeQIKTkfuPoYecTE6QLFzPs9byYMaq99/EyVv8pEdlUw/J
Tm6PFBxdbrNgXyC/5QqydTdfA19G2wPW1NfxSPlMwgyNlZBJAFPJ06SkVEMSoUVe
/2UCX4+OitVfp9PafG1wT99acvH9zHEyaB0xAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCmxNx8gKOSipLIxKHPMyIo9ikpswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DbXhOeDhnS09TaXBMSXhLSFBNeUlvOWlrcHMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AFHnEbnSgHr7xx44VxS17NSu17ijp9JJ33jaN2lrzvo5NoMA8wAMBE+t79EwUAXG
DZn5V4+oqqAnl/sX7m/Hz4PhMNBq8yvAWjeJNh21bO8u/np+fi5NqD7C5nT6YVl4
2pNbFOs7jtaCPiD54/PxJG4nRyuKavSsOudknYdlz/AefaEJfP5NDEtpo44uGZIq
gi+pS1MzJFujL1/7/tG8uSS8i8BZC0kHeKb0q+UBAEBgr8EiLhFOijEiffOo0JdV
VjObdyAY1njwqSfBrkHFaQFqvM6xuP4zGRjQEeXFRa1EsXeLhM0FqQgGZ1Eq6d9C
YQbxTriXcCmt6mIleaANfCk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org