Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/JMA8zMruPSbxJwvHkS32KJXn6dU.roa
File: JMA8zMruPSbxJwvHkS32KJXn6dU.roa (raw, json)
Hash identifier: FpNMcEsw4pbXcIY6L9izBmVSW6btLQz30I3Y5w7dZvQ=
Subject key identifier: 24:C0:3C:CC:CA:EE:3D:26:F1:27:0B:C7:91:2D:F6:28:95:E7:E9:D5
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4402
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JMA8zMruPSbxJwvHkS32KJXn6dU.roa
Signing time: Wed 02 Mar 2022 00:30:15 +0000
ROA not before: Wed 02 Mar 2022 00:30:15 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17410 (0x4402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 2 00:30:15 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=24C03CCCCAEE3D26F1270BC7912DF62895E7E9D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ea:af:54:f0:92:6d:93:52:a3:55:1f:28:b6:
2d:ca:09:a4:70:91:24:0c:47:db:e0:3f:fa:4c:48:
d9:83:02:dd:39:56:53:bc:fe:df:9e:6d:e0:c1:1e:
3b:49:b7:28:55:13:b6:56:e9:97:62:cc:90:71:a2:
00:af:14:70:a7:d6:07:e6:9e:a0:16:3a:b0:62:a1:
00:cc:d9:7f:0b:fc:58:15:ac:de:cb:06:bb:f4:e7:
a0:97:a2:b7:8f:95:1f:c2:e2:f3:6f:57:45:bd:50:
ae:8a:e6:87:ba:de:fa:90:da:54:92:11:ed:34:28:
60:bd:81:d3:90:f4:c4:7f:b7:b2:44:b5:16:c2:c7:
04:61:01:7c:b8:f4:13:bb:ae:85:07:f3:dc:60:63:
28:7b:3e:7a:37:7b:b7:ca:1f:05:56:ae:32:4b:fa:
8e:4c:d5:6c:bf:ca:09:52:11:88:34:00:f9:fd:60:
80:ae:34:05:64:bb:c5:33:8f:31:5c:cd:39:ad:a3:
7b:db:b5:29:86:33:04:65:b5:42:94:e9:59:8d:52:
6f:dd:db:e5:16:cd:02:64:ed:39:b5:3b:cb:b1:68:
c9:e2:b4:c0:42:49:8d:d1:38:3a:50:ec:77:73:54:
2e:2b:5b:f4:28:af:50:1f:03:2c:ca:23:c6:c9:bb:
3d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C0:3C:CC:CA:EE:3D:26:F1:27:0B:C7:91:2D:F6:28:95:E7:E9:D5
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JMA8zMruPSbxJwvHkS32KJXn6dU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:50:88:74:38:b8:97:1b:5d:de:bc:94:9b:1c:0a:ac:9c:54:
75:05:c8:6b:f9:64:a8:8b:fa:db:78:bf:97:df:a2:02:ca:3d:
16:ac:f7:f1:1d:92:4c:83:0d:36:a7:53:29:a2:38:c7:e7:3b:
d3:6b:dd:c7:c7:42:29:d5:c4:8c:da:48:47:c9:62:70:0b:e2:
2f:fc:b5:50:cc:a0:d1:56:31:4b:25:f7:7f:d3:62:c2:d7:dc:
a5:40:48:15:2c:e8:c1:1c:82:3e:fb:2b:11:66:66:2e:7f:7d:
e0:1b:2a:1c:a9:06:9c:1b:44:bb:f7:47:20:7f:5e:45:13:7f:
0f:66:1a:0f:fe:77:20:2e:ef:c8:e7:12:1d:85:10:40:31:1f:
72:a1:89:64:cb:27:9e:ef:72:99:de:ae:18:b0:cb:08:26:b5:
82:f0:36:fd:65:16:b5:d7:17:1f:69:55:ad:f7:4e:55:07:2d:
f8:cc:4b:45:2a:2e:33:ec:ac:f3:24:d5:b7:70:c6:28:9c:a8:
1a:f1:83:e9:9e:56:fc:d4:d9:76:6d:52:e4:a4:cc:f5:92:86:
41:68:c8:54:84:00:dd:46:02:20:3a:e1:07:4b:9b:ad:44:a9:
af:2a:8b:30:8c:e5:81:b7:dc:68:48:e8:88:94:0d:44:cc:b1:
62:bc:47:73
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDIw
MDMwMTVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDI0QzAzQ0NDQ0FFRTNE
MjZGMTI3MEJDNzkxMkRGNjI4OTVFN0U5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV6q9U8JJtk1KjVR8oti3KCaRwkSQMR9vgP/pMSNmDAt05VlO8
/t+ebeDBHjtJtyhVE7ZW6ZdizJBxogCvFHCn1gfmnqAWOrBioQDM2X8L/FgVrN7L
Brv056CXorePlR/C4vNvV0W9UK6K5oe63vqQ2lSSEe00KGC9gdOQ9MR/t7JEtRbC
xwRhAXy49BO7roUH89xgYyh7Pno3e7fKHwVWrjJL+o5M1Wy/yglSEYg0APn9YICu
NAVku8UzjzFczTmto3vbtSmGMwRltUKU6VmNUm/d2+UWzQJk7Tm1O8uxaMnitMBC
SY3RODpQ7HdzVC4rW/Qor1AfAyzKI8bJuz0vAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUJMA8zMruPSbxJwvHkS32KJXn6dUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9KTUE4ek1ydVBTYnhKd3ZIa1MzMktKWG42ZFUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AI1QiHQ4uJcbXd68lJscCqycVHUFyGv5ZKiL+tt4v5ffogLKPRas9/EdkkyDDTan
UymiOMfnO9Nr3cfHQinVxIzaSEfJYnAL4i/8tVDMoNFWMUsl93/TYsLX3KVASBUs
6MEcgj77KxFmZi5/feAbKhypBpwbRLv3RyB/XkUTfw9mGg/+dyAu78jnEh2FEEAx
H3KhiWTLJ57vcpnerhiwywgmtYLwNv1lFrXXFx9pVa33TlUHLfjMS0UqLjPsrPMk
1bdwxiicqBrxg+meVvzU2XZtUuSkzPWShkFoyFSEAN1GAiA64QdLm61Eqa8qizCM
5YG33GhI6IiUDUTMsWK8R3M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org