Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OK47_Q9I7ODO-TGgFhZHwv8lz1Q.roa
File: OK47_Q9I7ODO-TGgFhZHwv8lz1Q.roa (raw, json)
Hash identifier: dDUqIT4fNhQ7zt9meQj3k8DEDtNLs4IZwmtc39X7VU0=
Subject key identifier: 38:AE:3B:FD:0F:48:EC:E0:CE:F9:31:A0:16:16:47:C2:FF:25:CF:54
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4860
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OK47_Q9I7ODO-TGgFhZHwv8lz1Q.roa
Signing time: Sat 21 May 2022 00:30:07 +0000
ROA not before: Sat 21 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18528 (0x4860)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 21 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=38AE3BFD0F48ECE0CEF931A0161647C2FF25CF54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:91:68:c9:7b:07:3f:d0:97:a3:62:d8:32:
fd:79:21:5e:77:d9:9b:ad:31:ed:01:b6:75:60:08:
e8:3c:f4:d7:b1:0b:1c:9b:fc:52:e3:8e:cd:e4:52:
9d:f2:5f:0f:c9:ac:ea:af:9b:5b:eb:ac:f1:dd:ba:
88:75:7f:7f:5d:07:81:44:0e:79:62:b7:d6:0b:a8:
ff:b5:92:d0:3e:52:2b:0b:0a:2e:0a:7e:41:49:b5:
ab:4d:8b:a2:f8:2a:77:f1:1d:4b:e7:a9:4c:a9:4e:
dd:11:70:7c:1d:e3:6a:e9:98:e1:0d:03:c3:cf:cf:
75:f6:76:bd:e9:f6:90:66:65:e7:b5:10:2c:f4:c0:
da:74:4b:0c:d2:e7:44:db:09:a3:03:9a:bf:07:00:
f4:cd:42:d6:fa:5b:c6:b0:9b:9b:f5:a8:44:df:cc:
56:42:cf:ec:13:ce:5e:dc:06:4d:00:d4:dc:46:ed:
06:a5:a4:3b:38:e3:92:c7:99:55:0f:6b:dc:80:83:
79:03:ff:fe:51:14:68:6d:a1:41:3f:af:e2:87:1b:
46:01:e7:3b:77:9c:93:73:4f:9e:f2:33:a9:9b:a3:
ff:bb:1b:f9:42:50:e2:20:95:c2:95:a0:29:79:73:
25:e5:f3:f7:6e:06:83:2c:c5:79:18:75:85:0c:05:
7b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AE:3B:FD:0F:48:EC:E0:CE:F9:31:A0:16:16:47:C2:FF:25:CF:54
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OK47_Q9I7ODO-TGgFhZHwv8lz1Q.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2f:06:a3:f2:e1:b8:52:c5:be:0f:56:b2:fa:96:9b:a8:9a:
94:8b:03:f1:44:4f:8b:0e:22:50:08:1f:5a:8f:12:08:0d:81:
96:e1:5d:9b:de:86:af:c9:58:5c:c5:4d:4c:86:95:a5:11:1e:
63:d6:6e:3f:f7:24:5a:ec:c8:f3:9e:8d:a2:f0:5e:ed:07:01:
7f:ff:f2:49:46:ce:74:45:f0:b9:5c:f6:d6:79:df:24:4f:4a:
80:0f:5c:2d:5b:56:9a:99:9b:a3:e4:25:e5:96:7c:6a:4e:64:
52:25:2f:86:a4:79:02:cb:ee:e4:8b:2f:8a:24:d4:04:cf:94:
1a:92:3d:d5:55:3b:81:c3:3c:c0:26:56:7a:ab:a7:87:68:c3:
71:5a:04:f2:af:51:00:e7:22:4f:b8:b7:4e:cf:77:20:f8:0c:
c6:b4:a5:1b:47:36:02:04:b8:bd:37:2d:3c:a1:fc:e2:c4:db:
ed:a2:13:cf:8b:26:8d:f0:c9:c9:08:af:cb:c0:97:81:2c:53:
96:68:aa:20:66:41:0f:94:b6:87:eb:f3:a5:64:6c:70:7c:80:
1a:49:b4:53:34:05:27:2b:2c:63:a7:3f:0b:25:f5:f0:b6:6c:
b6:6c:46:47:c3:ae:e0:44:b2:73:86:b9:bb:39:66:c4:66:7b:
06:5b:59:ed
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjEw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM4QUUzQkZEMEY0OEVD
RTBDRUY5MzFBMDE2MTY0N0MyRkYyNUNGNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD5ZFoyXsHP9CXo2LYMv15IV532ZutMe0BtnVgCOg89NexCxyb
/FLjjs3kUp3yXw/JrOqvm1vrrPHduoh1f39dB4FEDnlit9YLqP+1ktA+UisLCi4K
fkFJtatNi6L4KnfxHUvnqUypTt0RcHwd42rpmOENA8PPz3X2dr3p9pBmZee1ECz0
wNp0SwzS50TbCaMDmr8HAPTNQtb6W8awm5v1qETfzFZCz+wTzl7cBk0A1NxG7Qal
pDs445LHmVUPa9yAg3kD//5RFGhtoUE/r+KHG0YB5zt3nJNzT57yM6mbo/+7G/lC
UOIglcKVoCl5cyXl8/duBoMsxXkYdYUMBXtZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOK47/Q9I7ODO+TGgFhZHwv8lz1QwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PSzQ3X1E5STdPRE8tVEdnRmhaSHd2OGx6MVEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AEQvBqPy4bhSxb4PVrL6lpuompSLA/FET4sOIlAIH1qPEggNgZbhXZvehq/JWFzF
TUyGlaURHmPWbj/3JFrsyPOejaLwXu0HAX//8klGznRF8Llc9tZ53yRPSoAPXC1b
VpqZm6PkJeWWfGpOZFIlL4akeQLL7uSLL4ok1ATPlBqSPdVVO4HDPMAmVnqrp4do
w3FaBPKvUQDnIk+4t07PdyD4DMa0pRtHNgIEuL03LTyh/OLE2+2iE8+LJo3wyckI
r8vAl4EsU5ZoqiBmQQ+Utofr86VkbHB8gBpJtFM0BScrLGOnPwsl9fC2bLZsRkfD
ruBEsnOGubs5ZsRmewZbWe0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org