Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/G449u7nE5cFxXsubHlFR8A32SzA.roa
File: G449u7nE5cFxXsubHlFR8A32SzA.roa (raw, json)
Hash identifier: /AI2D1LFGM4KXMa/GNGGvPmkIyXz0WKLVKKaCJ9OmhQ=
Subject key identifier: 1B:8E:3D:BB:B9:C4:E5:C1:71:5E:CB:9B:1E:51:51:F0:0D:F6:4B:30
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4470
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/G449u7nE5cFxXsubHlFR8A32SzA.roa
Signing time: Thu 10 Mar 2022 00:36:51 +0000
ROA not before: Thu 10 Mar 2022 00:36:51 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17520 (0x4470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 10 00:36:51 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=1B8E3DBBB9C4E5C1715ECB9B1E5151F00DF64B30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:6b:f0:fc:4d:e2:f0:3a:1b:46:4a:af:f6:
7b:bc:fd:89:23:3a:7e:d7:d1:7e:33:2f:b7:3d:e9:
86:a6:00:4a:57:80:8d:0b:48:69:ea:5b:39:be:3f:
b5:7a:cb:4e:d5:5f:bb:1e:6d:ad:2b:ec:f6:96:01:
99:93:cd:7b:c1:e9:b3:d7:d5:74:1a:db:a6:6b:13:
aa:e2:6a:51:77:6f:c0:59:10:85:95:01:b0:3b:5f:
05:1b:06:12:94:13:06:3e:cb:c5:15:83:0c:82:59:
59:37:5a:3e:67:20:3c:8d:01:7e:8f:a6:fc:cd:b2:
21:b6:32:b5:2c:ab:f1:ab:e7:6e:51:ec:df:c6:9d:
4d:c0:44:70:b9:e5:1a:7c:01:6b:ea:42:54:3d:ee:
11:59:3d:32:cc:b9:d2:2f:12:c1:17:ed:49:8b:43:
78:b5:ab:0e:10:4d:5b:25:98:c0:ca:0b:e3:eb:34:
66:f9:36:98:56:e6:55:aa:08:9b:ce:17:ad:48:9a:
6f:83:73:a0:2a:7b:7f:6f:ee:05:8b:7b:2b:63:28:
35:0f:ca:6a:76:f3:0f:fb:6d:2e:8b:6a:84:0f:a3:
81:bd:41:3e:18:2b:02:5a:07:75:d4:98:c3:5b:77:
64:66:ce:04:75:9c:23:0b:49:21:ea:76:38:30:c9:
02:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8E:3D:BB:B9:C4:E5:C1:71:5E:CB:9B:1E:51:51:F0:0D:F6:4B:30
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/G449u7nE5cFxXsubHlFR8A32SzA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d8:04:90:73:cf:9a:6d:ab:5d:49:ee:c3:85:c6:07:3a:5c:
1b:d5:d2:54:f1:4d:b1:a8:4a:6e:75:84:80:7f:40:c8:37:8b:
6e:a4:29:ae:a7:86:00:81:22:f2:55:e6:5f:ef:9e:41:f2:8b:
18:a4:6b:85:71:68:e0:8a:6d:a7:d7:a9:a1:65:23:d3:11:e0:
3d:6c:ef:b5:46:f3:1d:c4:dd:42:09:ec:c1:68:c5:41:28:c8:
a4:a7:85:52:c1:f7:85:8e:be:5f:e0:9d:66:5a:9a:42:46:ae:
d7:e7:b4:88:68:b8:43:00:4c:7b:16:cb:6b:ab:6c:34:df:2a:
e4:c4:89:06:c2:92:3f:6f:c9:89:e7:a5:b1:ae:25:66:1f:d0:
03:89:ad:19:0c:13:3b:aa:57:67:cd:a1:fa:73:cc:5e:1f:59:
83:ad:c0:d3:42:54:49:b2:2d:47:80:10:47:f6:42:90:7e:8e:
35:d3:d9:d8:a0:57:91:5b:96:e7:06:f1:7d:62:5a:e2:0e:b9:
43:de:07:2e:0a:80:bb:60:90:35:22:71:b4:eb:27:48:a5:03:
34:a5:7a:0a:b8:5f:01:f2:cf:b8:cb:75:41:95:05:54:20:30:
2f:7c:1c:7b:88:e2:9d:e7:88:c1:87:d5:e2:78:ad:9d:cf:e6:
88:41:b8:18
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTAw
MDM2NTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDFCOEUzREJCQjlDNEU1
QzE3MTVFQ0I5QjFFNTE1MUYwMERGNjRCMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC822vw/E3i8DobRkqv9nu8/YkjOn7X0X4zL7c96YamAEpXgI0L
SGnqWzm+P7V6y07VX7seba0r7PaWAZmTzXvB6bPX1XQa26ZrE6rialF3b8BZEIWV
AbA7XwUbBhKUEwY+y8UVgwyCWVk3Wj5nIDyNAX6PpvzNsiG2MrUsq/Gr525R7N/G
nU3ARHC55Rp8AWvqQlQ97hFZPTLMudIvEsEX7UmLQ3i1qw4QTVslmMDKC+PrNGb5
NphW5lWqCJvOF61Imm+Dc6Aqe39v7gWLeytjKDUPymp28w/7bS6LaoQPo4G9QT4Y
KwJaB3XUmMNbd2RmzgR1nCMLSSHqdjgwyQKdAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUG449u7nE5cFxXsubHlFR8A32SzAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9HNDQ5dTduRTVjRnhYc3ViSGxGUjhBMzJTekEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AF3YBJBzz5ptq11J7sOFxgc6XBvV0lTxTbGoSm51hIB/QMg3i26kKa6nhgCBIvJV
5l/vnkHyixika4VxaOCKbafXqaFlI9MR4D1s77VG8x3E3UIJ7MFoxUEoyKSnhVLB
94WOvl/gnWZamkJGrtfntIhouEMATHsWy2urbDTfKuTEiQbCkj9vyYnnpbGuJWYf
0AOJrRkMEzuqV2fNofpzzF4fWYOtwNNCVEmyLUeAEEf2QpB+jjXT2digV5FblucG
8X1iWuIOuUPeBy4KgLtgkDUicbTrJ0ilAzSlegq4XwHyz7jLdUGVBVQgMC98HHuI
4p3niMGH1eJ4rZ3P5ohBuBg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org