Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/DMItfamHKcuL8vtWUi2iKTmn5lY.roa
File: DMItfamHKcuL8vtWUi2iKTmn5lY.roa (raw, json)
Hash identifier: NniS62fDT8Wu+AnuKI1CNu9uZ8gTaGNSXjvRvRR5gRU=
Subject key identifier: 0C:C2:2D:7D:A9:87:29:CB:8B:F2:FB:56:52:2D:A2:29:39:A7:E6:56
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 49A6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DMItfamHKcuL8vtWUi2iKTmn5lY.roa
Signing time: Fri 10 Jun 2022 00:30:08 +0000
ROA not before: Fri 10 Jun 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18854 (0x49a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 10 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0CC22D7DA98729CB8BF2FB56522DA22939A7E656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:c5:65:db:8f:a6:34:9b:7e:ba:0d:11:c2:
15:af:af:fb:49:c4:b9:f9:f8:4d:c7:c2:8c:d2:1c:
ba:e9:97:cc:24:89:35:4a:e1:b6:dc:a0:6f:6f:2e:
26:85:08:fe:63:91:1d:ba:bd:26:b5:cc:33:2d:f3:
25:c3:d7:c5:49:83:18:1b:7d:cc:75:a1:5f:ec:0f:
2f:f6:25:1d:25:74:47:b2:76:fd:2c:11:42:41:91:
21:84:a0:ab:fc:4c:85:b0:6a:64:a6:b9:70:aa:60:
ad:64:56:dc:b5:0a:d5:a6:0e:8b:ad:6f:4f:f1:eb:
8f:8b:54:fe:21:60:9b:79:78:9a:b3:c4:d5:30:f3:
02:5a:54:9e:0c:56:69:6d:db:70:c7:d0:20:a3:9a:
49:2a:3a:af:cc:d8:86:6e:e3:51:3a:24:cd:a7:53:
b5:47:ec:c7:f0:f9:83:f3:6e:f9:1d:1c:c0:a3:10:
77:cb:6c:31:e4:db:b1:11:ad:a1:53:03:62:aa:ff:
12:2e:6e:d9:6f:be:62:b9:0d:51:0f:6c:0a:23:da:
cd:74:9d:b6:33:f9:11:a2:ce:44:15:e2:5b:62:36:
8a:a8:f6:76:3e:9a:68:b2:40:4b:9a:6c:a1:02:7d:
11:00:20:2f:58:73:72:7b:08:50:6e:8d:cc:b3:45:
53:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C2:2D:7D:A9:87:29:CB:8B:F2:FB:56:52:2D:A2:29:39:A7:E6:56
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DMItfamHKcuL8vtWUi2iKTmn5lY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
35:92:2c:ce:b0:a9:35:e3:ee:5a:8f:54:1d:84:4c:ea:9c:85:
ac:2d:ad:7d:bd:89:48:f7:2a:9c:cb:f0:77:de:04:1c:b5:da:
f0:cf:04:4f:56:d2:56:d4:a1:66:af:59:08:20:d9:71:5d:1f:
24:4c:f8:d3:02:81:98:39:af:4f:19:9b:2a:d6:d9:43:9c:7d:
2a:3f:ce:66:2e:d6:09:b4:76:4e:f0:60:a0:6c:11:6f:28:f9:
18:43:cf:56:19:49:92:e8:8c:18:0c:f7:c9:b4:f3:22:82:0a:
2c:74:34:c0:5f:aa:b0:ae:bd:88:42:d5:5b:a0:58:79:eb:15:
10:be:3d:35:e2:40:c2:f7:13:54:59:30:2f:e7:93:14:d8:f8:
0f:a4:a6:ba:39:2b:ec:7f:76:98:7d:40:b9:bd:6d:41:7c:a5:
80:09:9d:b9:c1:5a:91:72:47:94:5f:11:00:91:56:a1:ff:9d:
41:ba:43:30:61:10:91:09:dc:93:9d:e7:61:8f:91:1d:6b:be:
76:64:e4:2a:c5:ba:41:5e:e2:8e:1c:cb:c5:a8:35:7e:f9:d1:
2a:28:47:e7:44:e0:43:bf:6e:b3:7e:ee:dd:b2:a6:cb:bd:bf:
58:98:1b:f3:30:fe:29:6f:1a:b0:c5:2b:c5:05:72:22:50:06:
e3:96:28:ce
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MTAw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBDQzIyRDdEQTk4NzI5
Q0I4QkYyRkI1NjUyMkRBMjI5MzlBN0U2NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQtMVl24+mNJt+ug0RwhWvr/tJxLn5+E3HwozSHLrpl8wkiTVK
4bbcoG9vLiaFCP5jkR26vSa1zDMt8yXD18VJgxgbfcx1oV/sDy/2JR0ldEeydv0s
EUJBkSGEoKv8TIWwamSmuXCqYK1kVty1CtWmDoutb0/x64+LVP4hYJt5eJqzxNUw
8wJaVJ4MVmlt23DH0CCjmkkqOq/M2IZu41E6JM2nU7VH7Mfw+YPzbvkdHMCjEHfL
bDHk27ERraFTA2Kq/xIubtlvvmK5DVEPbAoj2s10nbYz+RGizkQV4ltiNoqo9nY+
mmiyQEuabKECfREAIC9Yc3J7CFBujcyzRVP3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUDMItfamHKcuL8vtWUi2iKTmn5lYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ETUl0ZmFtSEtjdUw4dnRXVWkyaUtUbW41bFkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADWSLM6wqTXj7lqPVB2ETOqchawtrX29iUj3KpzL8HfeBBy12vDPBE9W0lbUoWav
WQgg2XFdHyRM+NMCgZg5r08ZmyrW2UOcfSo/zmYu1gm0dk7wYKBsEW8o+RhDz1YZ
SZLojBgM98m08yKCCix0NMBfqrCuvYhC1VugWHnrFRC+PTXiQML3E1RZMC/nkxTY
+A+kpro5K+x/dph9QLm9bUF8pYAJnbnBWpFyR5RfEQCRVqH/nUG6QzBhEJEJ3JOd
52GPkR1rvnZk5CrFukFe4o4cy8WoNX750SooR+dE4EO/brN+7t2ypsu9v1iYG/Mw
/ilvGrDFK8UFciJQBuOWKM4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org