Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Lbg6wvDTqZ1n5YRGAvI4gtikSKY.roa
File: Lbg6wvDTqZ1n5YRGAvI4gtikSKY.roa (raw, json)
Hash identifier: 5HiWru3q2hgAHoRrML1qNcIN1j+O+C3UwsJCfxX+odE=
Subject key identifier: 2D:B8:3A:C2:F0:D3:A9:9D:67:E5:84:46:02:F2:38:82:D8:A4:48:A6
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44B7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Lbg6wvDTqZ1n5YRGAvI4gtikSKY.roa
Signing time: Tue 15 Mar 2022 00:30:13 +0000
ROA not before: Tue 15 Mar 2022 00:30:13 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17591 (0x44b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 15 00:30:13 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2DB83AC2F0D3A99D67E5844602F23882D8A448A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:2b:17:11:fa:11:ea:40:61:95:e6:08:57:
ca:44:21:68:80:87:c8:63:10:11:34:f0:0f:d5:34:
af:25:d0:e0:0a:c7:bc:fe:d0:cb:13:86:29:78:c0:
2f:66:fb:48:8e:ba:f6:24:e4:bc:71:fc:e2:36:cf:
f3:6c:67:07:05:23:3b:5c:4b:e7:6e:fd:6e:87:a1:
86:5a:d5:38:d8:d0:f7:78:87:58:34:f3:57:55:ce:
0d:89:74:42:44:1a:c2:fc:31:26:a1:7b:cb:a3:0a:
54:84:c2:32:e3:b6:45:a7:15:96:4d:df:66:18:3c:
2f:43:4e:8b:8a:e5:6a:f1:6f:f2:48:66:54:fb:b3:
66:33:99:36:ff:13:fb:06:db:67:c4:35:3f:8f:da:
f9:c5:f5:a5:a0:ed:bc:aa:6f:75:50:c2:45:64:69:
00:21:20:92:6b:79:42:02:44:6a:8c:ae:fe:cd:dd:
22:6a:15:ac:bc:38:5d:6b:93:2d:5b:30:4b:72:8d:
b5:33:90:37:b4:62:85:6b:b9:bf:8d:6a:a5:ed:d6:
68:f3:1e:94:5f:ef:bb:e7:ad:7d:6e:3a:9c:75:32:
9a:a5:7e:8c:39:59:11:5b:2d:d4:47:fa:f0:5a:7e:
88:a8:47:13:a1:10:f1:3c:22:27:9a:4c:61:c1:51:
15:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B8:3A:C2:F0:D3:A9:9D:67:E5:84:46:02:F2:38:82:D8:A4:48:A6
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Lbg6wvDTqZ1n5YRGAvI4gtikSKY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:8e:13:a8:46:88:7d:17:d7:d4:87:ce:02:de:56:fc:4f:4f:
95:a4:f3:7d:2e:18:3b:a2:e0:8e:37:e5:96:d6:b2:01:59:6f:
f7:76:3f:e7:9b:dd:09:58:af:69:3a:8d:26:9f:76:c9:f2:d9:
5d:7e:c3:f5:aa:31:fc:c2:ed:53:46:2f:d7:01:0a:5c:3c:64:
46:f2:f1:66:87:c1:71:7e:a1:91:12:0a:81:38:5b:d9:02:6d:
46:fc:26:7f:a7:e8:a0:c5:bb:46:ec:3b:da:fe:ba:a7:67:e2:
f6:28:df:44:5e:e8:9f:b6:30:9f:77:00:63:ed:23:ff:10:fd:
e3:41:26:fc:d8:c9:54:90:73:5d:a5:54:72:d8:c7:f5:fc:98:
f5:c1:49:ad:60:96:6a:a5:a3:51:3c:28:c1:70:95:06:a8:4d:
13:d4:ba:d1:db:a6:52:80:04:bc:88:60:29:23:77:14:94:f3:
3b:a2:e1:d8:73:a5:04:1d:d7:4b:a2:b9:81:13:63:be:25:70:
ba:54:1b:2f:74:63:30:dd:8d:b9:e9:07:8e:9c:8e:f3:93:c0:
32:75:72:78:70:09:88:2f:0b:cc:b9:cc:68:7c:8b:7f:aa:4c:
66:30:24:db:d3:72:1f:2f:19:58:32:c4:f7:2e:34:48:76:60:
a6:1c:74:dc
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTUw
MDMwMTNaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJEQjgzQUMyRjBEM0E5
OUQ2N0U1ODQ0NjAyRjIzODgyRDhBNDQ4QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4JysXEfoR6kBhleYIV8pEIWiAh8hjEBE08A/VNK8l0OAKx7z+
0MsThil4wC9m+0iOuvYk5Lxx/OI2z/NsZwcFIztcS+du/W6HoYZa1TjY0Pd4h1g0
81dVzg2JdEJEGsL8MSahe8ujClSEwjLjtkWnFZZN32YYPC9DTouK5Wrxb/JIZlT7
s2YzmTb/E/sG22fENT+P2vnF9aWg7byqb3VQwkVkaQAhIJJreUICRGqMrv7N3SJq
Fay8OF1rky1bMEtyjbUzkDe0YoVrub+NaqXt1mjzHpRf77vnrX1uOpx1Mpqlfow5
WRFbLdRH+vBafoioRxOhEPE8IieaTGHBURVFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQULbg6wvDTqZ1n5YRGAvI4gtikSKYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9MYmc2d3ZEVHFaMW41WVJHQXZJNGd0aWtTS1kucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AFyOE6hGiH0X19SHzgLeVvxPT5Wk830uGDui4I435ZbWsgFZb/d2P+eb3QlYr2k6
jSafdsny2V1+w/WqMfzC7VNGL9cBClw8ZEby8WaHwXF+oZESCoE4W9kCbUb8Jn+n
6KDFu0bsO9r+uqdn4vYo30Re6J+2MJ93AGPtI/8Q/eNBJvzYyVSQc12lVHLYx/X8
mPXBSa1glmqlo1E8KMFwlQaoTRPUutHbplKABLyIYCkjdxSU8zui4dhzpQQd10ui
uYETY74lcLpUGy90YzDdjbnpB46cjvOTwDJ1cnhwCYgvC8y5zGh8i3+qTGYwJNvT
ch8vGVgyxPcuNEh2YKYcdNw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org