Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/LSbYeizn9MhZ7S0EOz5Psob6G6g.roa
File: LSbYeizn9MhZ7S0EOz5Psob6G6g.roa (raw, json)
Hash identifier: xPj8u7e1MLwBu5d2j4izMlBh/YGH7OvQ+vWH7SOlIpo=
Subject key identifier: 2D:26:D8:7A:2C:E7:F4:C8:59:ED:2D:04:3B:3E:4F:B2:86:FA:1B:A8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44E3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/LSbYeizn9MhZ7S0EOz5Psob6G6g.roa
Signing time: Fri 18 Mar 2022 01:07:26 +0000
ROA not before: Fri 18 Mar 2022 01:07:26 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17635 (0x44e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 18 01:07:26 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2D26D87A2CE7F4C859ED2D043B3E4FB286FA1BA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a3:d6:06:e2:f7:13:0d:60:77:ca:44:5f:61:
b0:c6:ae:1e:43:71:cf:75:e1:7f:1c:38:33:97:41:
ef:80:cc:a7:c8:63:89:50:4c:f4:43:82:12:94:5a:
8f:f8:7c:12:cc:8b:67:03:de:fa:54:37:7e:e8:12:
8a:e4:bd:64:b8:13:35:a5:f3:89:d7:38:80:70:b1:
8b:d8:22:5c:6e:5f:49:d7:d6:58:6b:4f:72:b2:34:
11:71:2b:a2:b1:4b:ce:c8:c5:10:22:2c:c6:62:cd:
64:67:d0:be:8b:bc:d8:c9:13:cc:bd:d5:db:3e:96:
d0:23:01:ff:09:cb:7f:2c:80:14:18:80:50:4c:96:
85:d0:a9:67:4e:eb:bd:a4:d4:33:e4:15:d5:65:ae:
0b:d4:7d:52:18:23:b6:ab:b5:71:30:36:08:25:8d:
4e:df:c5:7f:9e:7c:2d:ab:59:89:dc:5e:7a:31:33:
fc:4e:14:e2:65:f1:7d:91:a7:30:b6:37:b3:ec:04:
4d:d3:84:40:b0:11:6c:8d:8c:bf:0b:54:ab:c9:e5:
de:d2:88:5c:40:6f:5b:85:5b:d5:d0:d1:8f:ee:95:
90:be:b7:62:76:8c:9c:f5:f0:41:3f:11:3a:e5:7d:
46:b9:23:ec:6e:d6:48:e0:43:1e:e7:04:3e:ba:72:
da:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:26:D8:7A:2C:E7:F4:C8:59:ED:2D:04:3B:3E:4F:B2:86:FA:1B:A8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/LSbYeizn9MhZ7S0EOz5Psob6G6g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.2.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:c9:21:fd:20:f6:5a:d4:d0:d5:72:84:53:c2:4a:db:08:20:
35:ae:69:8d:de:f9:35:9c:41:89:5b:37:75:ad:98:92:81:32:
47:d6:53:6f:4c:66:f3:23:92:ae:39:b4:6c:68:04:2a:10:32:
c5:49:71:b1:77:53:bb:3d:f4:c0:62:97:52:7c:da:be:b1:39:
6e:71:f2:89:0a:67:f8:f8:6f:67:ae:fd:10:04:34:55:6d:68:
6c:a7:3b:a1:ab:73:ff:76:d3:27:44:ab:2b:f2:00:8f:7b:7d:
6f:b2:76:a3:0b:38:98:4d:90:33:22:99:29:7f:b8:ef:c4:92:
5e:af:9f:30:93:86:30:d2:b6:0b:52:85:41:ba:e8:49:78:c8:
f4:d1:dd:70:c1:97:f3:42:e8:44:bf:27:22:29:6d:c6:db:c8:
f2:5f:1d:6b:cc:11:d4:86:5b:7b:1e:98:62:c7:e7:e2:f6:57:
bf:5f:e6:8d:f1:e3:ee:45:cd:94:e5:1e:ec:ca:3f:27:81:f9:
04:c9:56:fa:c6:f2:13:fc:1f:da:7d:e1:b9:1d:d6:94:e3:1f:
84:20:d4:92:e0:7f:f6:a2:bb:62:34:59:9b:fc:96:20:dd:31:
c0:45:19:9f:3b:d5:66:0e:cd:31:2f:0e:7f:49:35:4d:c6:f4:
c8:b0:f3:aa
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICROMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTgw
MTA3MjZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJEMjZEODdBMkNFN0Y0
Qzg1OUVEMkQwNDNCM0U0RkIyODZGQTFCQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRo9YG4vcTDWB3ykRfYbDGrh5Dcc914X8cODOXQe+AzKfIY4lQ
TPRDghKUWo/4fBLMi2cD3vpUN37oEorkvWS4EzWl84nXOIBwsYvYIlxuX0nX1lhr
T3KyNBFxK6KxS87IxRAiLMZizWRn0L6LvNjJE8y91ds+ltAjAf8Jy38sgBQYgFBM
loXQqWdO672k1DPkFdVlrgvUfVIYI7artXEwNggljU7fxX+efC2rWYncXnoxM/xO
FOJl8X2RpzC2N7PsBE3ThECwEWyNjL8LVKvJ5d7SiFxAb1uFW9XQ0Y/ulZC+t2J2
jJz18EE/ETrlfUa5I+xu1kjgQx7nBD66ctr1AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQULSbYeizn9MhZ7S0EOz5Psob6G6gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9MU2JZZWl6bjlNaFo3UzBFT3o1UHNvYjZHNmcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAIwDQYJKoZIhvcNAQELBQADggEB
AIvJIf0g9lrU0NVyhFPCStsIIDWuaY3e+TWcQYlbN3WtmJKBMkfWU29MZvMjkq45
tGxoBCoQMsVJcbF3U7s99MBil1J82r6xOW5x8okKZ/j4b2eu/RAENFVtaGynO6Gr
c/920ydEqyvyAI97fW+ydqMLOJhNkDMimSl/uO/Ekl6vnzCThjDStgtShUG66El4
yPTR3XDBl/NC6ES/JyIpbcbbyPJfHWvMEdSGW3semGLH5+L2V79f5o3x4+5FzZTl
HuzKPyeB+QTJVvrG8hP8H9p94bkd1pTjH4Qg1JLgf/aiu2I0WZv8liDdMcBFGZ87
1WYOzTEvDn9JNU3G9Miw86o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org