Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/N5x--pYYm-2igXKfhVw4c2P-bVA.roa
File: N5x--pYYm-2igXKfhVw4c2P-bVA.roa (raw, json)
Hash identifier: JXxSnJm7LnLPul171O1wTU4a0rJNzHgAx/YJKXqachU=
Subject key identifier: 37:9C:7E:FA:96:18:9B:ED:A2:81:72:9F:85:5C:38:73:63:FE:6D:50
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44FE
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/N5x--pYYm-2igXKfhVw4c2P-bVA.roa
Signing time: Sun 20 Mar 2022 00:30:21 +0000
ROA not before: Sun 20 Mar 2022 00:30:21 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17662 (0x44fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 20 00:30:21 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=379C7EFA96189BEDA281729F855C387363FE6D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bc:3f:4a:17:6d:75:7a:8f:cc:0b:18:f4:5d:
8c:be:1b:6e:0d:3b:62:fe:e2:ee:03:f5:dd:d8:06:
5f:2f:ad:01:f5:7f:7b:d5:1f:0b:fa:95:de:90:46:
42:15:10:95:cd:b1:97:77:c9:96:d1:38:f4:01:6b:
54:ac:e9:b0:a7:8a:74:fb:64:7a:e2:6e:1b:64:d9:
92:eb:9e:22:22:93:e5:e0:25:55:94:5f:c7:01:ce:
81:4a:d5:09:70:07:51:71:80:95:cc:4f:06:0c:c4:
9b:14:b1:22:7f:eb:dc:e0:16:9a:2c:36:3a:ec:71:
8f:5d:71:2d:46:dd:c1:b7:0d:be:3d:ba:d6:e1:57:
09:e0:dc:5a:a2:db:1e:42:c1:fd:fe:e9:f4:1f:36:
a6:ae:39:32:e6:8c:d3:ad:e8:60:95:00:62:79:52:
9b:b4:2b:a1:28:4b:fc:eb:3c:25:e3:82:a0:99:58:
04:d9:24:12:16:ff:c1:18:2e:df:3f:3f:ab:72:c6:
95:5a:3e:01:a6:47:39:6c:13:6b:d2:88:be:d0:2a:
bc:63:0c:20:b7:41:ee:5a:d6:dd:a5:c3:d5:e3:05:
b3:26:66:7c:79:91:aa:a1:3e:b7:11:c1:fc:25:4e:
69:33:76:2f:19:71:64:84:b3:5d:7c:86:ec:a5:da:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9C:7E:FA:96:18:9B:ED:A2:81:72:9F:85:5C:38:73:63:FE:6D:50
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/N5x--pYYm-2igXKfhVw4c2P-bVA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
96:3a:78:22:4f:33:7c:13:4e:c1:45:03:1d:e5:25:90:3d:8b:
b1:22:29:4c:18:91:32:49:b9:d0:b5:e3:a6:7b:0f:c5:db:19:
1c:63:44:40:d6:b8:6e:04:b7:89:88:54:b9:7f:54:bf:73:c3:
89:3b:61:f3:67:d6:5f:a0:aa:0a:8d:b0:7c:26:0c:77:e3:e2:
6e:b9:75:ab:90:51:77:c7:4e:53:24:7a:53:66:39:cd:47:f0:
07:d1:62:d8:08:24:04:2a:d7:db:d3:83:32:b1:eb:52:4a:d5:
d4:14:a7:0e:21:e3:74:fe:d7:74:25:c8:e0:1d:c6:b4:b3:ca:
d9:4c:60:c9:5a:6c:32:37:b9:e1:56:80:2a:12:07:02:4a:7d:
e3:57:cc:4f:9b:4c:4f:74:cf:06:d9:54:60:ee:b8:53:0a:71:
70:bd:8e:83:45:99:18:9a:56:e4:f8:19:73:e0:76:b2:59:3d:
46:3f:d3:32:a9:b3:47:a3:14:9d:e6:a9:57:20:3b:d9:73:5d:
cf:4d:9d:d9:3e:c5:ba:a2:53:d0:3e:b9:6d:ed:9f:cf:02:8f:
82:64:71:5c:66:d3:da:0f:56:29:1b:81:b9:68:61:83:28:0d:
46:2c:1b:21:1e:99:e4:aa:f3:a5:03:51:19:4d:f2:53:e7:bb:
87:d0:e9:a6
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjAw
MDMwMjFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM3OUM3RUZBOTYxODlC
RURBMjgxNzI5Rjg1NUMzODczNjNGRTZENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVvD9KF211eo/MCxj0XYy+G24NO2L+4u4D9d3YBl8vrQH1f3vV
Hwv6ld6QRkIVEJXNsZd3yZbROPQBa1Ss6bCninT7ZHribhtk2ZLrniIik+XgJVWU
X8cBzoFK1QlwB1FxgJXMTwYMxJsUsSJ/69zgFposNjrscY9dcS1G3cG3Db49utbh
Vwng3Fqi2x5Cwf3+6fQfNqauOTLmjNOt6GCVAGJ5Upu0K6EoS/zrPCXjgqCZWATZ
JBIW/8EYLt8/P6tyxpVaPgGmRzlsE2vSiL7QKrxjDCC3Qe5a1t2lw9XjBbMmZnx5
kaqhPrcRwfwlTmkzdi8ZcWSEs118huyl2qilAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUN5x++pYYm+2igXKfhVw4c2P+bVAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ONXgtLXBZWW0tMmlnWEtmaFZ3NGMyUC1iVkEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJY6eCJPM3wTTsFFAx3lJZA9i7EiKUwYkTJJudC146Z7D8XbGRxjREDWuG4Et4mI
VLl/VL9zw4k7YfNn1l+gqgqNsHwmDHfj4m65dauQUXfHTlMkelNmOc1H8AfRYtgI
JAQq19vTgzKx61JK1dQUpw4h43T+13QlyOAdxrSzytlMYMlabDI3ueFWgCoSBwJK
feNXzE+bTE90zwbZVGDuuFMKcXC9joNFmRiaVuT4GXPgdrJZPUY/0zKps0ejFJ3m
qVcgO9lzXc9Nndk+xbqiU9A+uW3tn88Cj4JkcVxm09oPVikbgbloYYMoDUYsGyEe
meSq86UDURlN8lPnu4fQ6aY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org