Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/MZD64BbMJpysrtY8b3vJRsIb40A.roa
File: MZD64BbMJpysrtY8b3vJRsIb40A.roa (raw, json)
Hash identifier: Sj4SFthIk3BqOdxgazctr25pcXqHnJPUcg2asLAnRG4=
Subject key identifier: 31:90:FA:E0:16:CC:26:9C:AC:AE:D6:3C:6F:7B:C9:46:C2:1B:E3:40
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 436A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MZD64BbMJpysrtY8b3vJRsIb40A.roa
Signing time: Sat 19 Feb 2022 00:30:07 +0000
ROA not before: Sat 19 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17258 (0x436a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 19 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3190FAE016CC269CACAED63C6F7BC946C21BE340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:19:bd:16:79:11:ff:14:db:2a:c7:0f:bb:
bc:e7:ac:7e:73:62:ac:41:82:f4:bf:fc:fa:71:45:
43:ef:89:fd:96:f0:da:f6:46:cc:b4:85:a3:0b:6c:
5e:df:dc:dc:c3:77:bc:2f:ca:37:11:d2:a6:f6:34:
58:21:98:d8:4b:c9:6c:8e:73:b8:40:20:56:db:78:
36:cc:4c:64:2a:3a:f6:7e:97:cf:13:61:8c:f8:8f:
4a:d9:6c:0e:f4:1a:75:b8:c7:42:a7:07:38:cc:f7:
91:d6:e9:a4:8b:e0:df:28:13:68:0f:dd:6a:c0:0f:
93:93:59:53:30:2a:af:2e:a7:e2:24:21:95:fb:bb:
63:9b:3c:b3:94:fe:8f:8e:19:49:ea:23:7f:94:68:
07:67:48:dd:16:89:14:87:54:8d:72:be:41:79:58:
2e:67:af:16:91:28:49:eb:5b:e0:a3:d9:96:64:6f:
ce:3e:30:5c:a9:4c:f1:f3:c9:c8:2e:24:5d:23:2b:
d8:aa:94:24:e6:a5:c4:0c:b9:42:c0:fd:b3:0a:57:
e5:a7:2e:37:3f:6f:97:d2:8b:3d:de:06:64:86:33:
75:44:4b:ce:35:ca:bb:38:dd:62:f9:92:f7:b9:b2:
a0:5d:9c:b9:b7:5b:9e:f9:2f:5f:a9:86:c2:fc:64:
d0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:90:FA:E0:16:CC:26:9C:AC:AE:D6:3C:6F:7B:C9:46:C2:1B:E3:40
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MZD64BbMJpysrtY8b3vJRsIb40A.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
49:76:46:94:f8:71:e1:db:e4:52:4f:1a:81:68:c9:7c:76:6e:
3a:3a:06:8b:34:0f:e6:05:bd:81:ef:99:82:7f:c5:35:cd:a0:
2f:a5:4e:55:53:9e:fb:32:f1:8f:6c:65:05:f2:46:38:e7:77:
21:4b:06:3a:88:fb:33:3a:7e:02:9e:97:d3:ce:de:01:79:b1:
0c:ed:de:0f:9f:44:14:f7:c7:52:5d:10:7f:54:26:58:5b:de:
69:d6:ea:90:b3:38:b2:ad:71:43:b5:53:72:a5:66:96:bb:f3:
34:14:9f:a0:ea:37:98:36:f0:89:55:29:a9:35:9e:41:81:ce:
f6:de:52:fd:7b:73:e4:75:36:c1:ed:a4:aa:21:5b:b8:d6:b2:
7e:e1:72:a5:ea:57:3e:70:43:55:9b:d1:3b:08:a3:10:e3:f9:
a5:55:26:aa:a4:bc:77:09:81:db:56:21:1f:a8:45:7b:09:42:
9f:83:d4:fc:f6:10:f6:80:3c:31:58:9c:d3:5d:ef:40:81:57:
f5:f7:48:07:59:57:31:1a:94:62:b1:1f:2e:04:66:6c:3e:76:
6e:c7:02:52:68:40:20:ff:d4:c7:a6:37:b6:00:c1:f7:aa:79:
ef:7a:e9:8e:9e:12:f2:52:a7:14:83:34:19:0b:a6:aa:63:5e:
ce:4f:80:9b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ2owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTkw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDMxOTBGQUUwMTZDQzI2
OUNBQ0FFRDYzQzZGN0JDOTQ2QzIxQkUzNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRuhm9FnkR/xTbKscPu7znrH5zYqxBgvS//PpxRUPvif2W8Nr2
Rsy0haMLbF7f3NzDd7wvyjcR0qb2NFghmNhLyWyOc7hAIFbbeDbMTGQqOvZ+l88T
YYz4j0rZbA70GnW4x0KnBzjM95HW6aSL4N8oE2gP3WrAD5OTWVMwKq8up+IkIZX7
u2ObPLOU/o+OGUnqI3+UaAdnSN0WiRSHVI1yvkF5WC5nrxaRKEnrW+Cj2ZZkb84+
MFypTPHzycguJF0jK9iqlCTmpcQMuULA/bMKV+WnLjc/b5fSiz3eBmSGM3VES841
yrs43WL5kve5sqBdnLm3W575L1+phsL8ZNBvAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUMZD64BbMJpysrtY8b3vJRsIb40AwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9NWkQ2NEJiTUpweXNydFk4YjN2SlJzSWI0MEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AEl2RpT4ceHb5FJPGoFoyXx2bjo6Bos0D+YFvYHvmYJ/xTXNoC+lTlVTnvsy8Y9s
ZQXyRjjndyFLBjqI+zM6fgKel9PO3gF5sQzt3g+fRBT3x1JdEH9UJlhb3mnW6pCz
OLKtcUO1U3KlZpa78zQUn6DqN5g28IlVKak1nkGBzvbeUv17c+R1NsHtpKohW7jW
sn7hcqXqVz5wQ1Wb0TsIoxDj+aVVJqqkvHcJgdtWIR+oRXsJQp+D1Pz2EPaAPDFY
nNNd70CBV/X3SAdZVzEalGKxHy4EZmw+dm7HAlJoQCD/1MemN7YAwfeqee966Y6e
EvJSpxSDNBkLpqpjXs5PgJs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org