Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OeBdSTyo9l9LnOKR0Xjj1cafZLU.roa
File: OeBdSTyo9l9LnOKR0Xjj1cafZLU.roa (raw, json)
Hash identifier: 4/JVE+DBkEjBP/iXZQ6ddPq6znIqWu62idBD9d5qxW4=
Subject key identifier: 39:E0:5D:49:3C:A8:F6:5F:4B:9C:E2:91:D1:78:E3:D5:C6:9F:64:B5
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43D5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OeBdSTyo9l9LnOKR0Xjj1cafZLU.roa
Signing time: Sun 27 Feb 2022 00:30:11 +0000
ROA not before: Sun 27 Feb 2022 00:30:11 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17365 (0x43d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 27 00:30:11 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=39E05D493CA8F65F4B9CE291D178E3D5C69F64B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:31:b2:6b:33:13:dc:42:d8:da:e4:f9:d4:
ff:36:f3:59:70:9a:ff:d1:ca:d5:5d:b3:e6:85:2b:
14:32:f9:a8:ef:f1:0f:b8:2d:38:a4:4f:fd:68:09:
f7:23:3e:aa:3e:51:4e:ad:04:80:09:fb:e4:73:71:
9f:a1:d0:15:39:be:1d:a7:80:5c:0b:f5:86:b2:6c:
66:c1:d4:b4:2f:80:ab:7e:29:ec:ac:d6:2b:42:40:
76:43:04:34:8b:79:70:f9:70:31:9a:51:6d:87:06:
f7:ed:c5:9c:88:55:66:7e:79:84:6b:c0:ae:01:73:
08:74:77:f3:44:3d:06:13:86:ac:bc:c7:d3:24:d5:
09:e3:85:93:53:ba:be:f2:eb:85:2d:d0:78:26:f2:
40:aa:a1:28:b9:98:bb:56:47:b0:73:c2:36:9b:59:
7c:9a:ce:01:d5:2d:20:d7:76:23:3f:a1:a5:3f:e2:
94:f4:0b:de:0e:6b:36:65:ab:46:63:cf:f9:90:58:
7d:14:53:3a:2f:34:df:c1:21:4e:cf:39:9e:ae:2d:
8c:2e:34:79:9c:8f:b2:dc:44:5a:d0:4e:ee:85:d8:
c0:5d:96:d2:db:56:1e:f4:61:37:2a:46:44:93:97:
3c:ee:2f:91:ef:27:20:4b:fc:00:52:a9:cd:59:6c:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E0:5D:49:3C:A8:F6:5F:4B:9C:E2:91:D1:78:E3:D5:C6:9F:64:B5
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OeBdSTyo9l9LnOKR0Xjj1cafZLU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
50:58:a5:03:cc:ff:77:0d:04:65:d3:75:f9:cf:1a:5a:fe:0e:
10:34:c1:b9:65:26:87:c0:09:25:92:4e:88:d4:86:f8:fc:56:
1a:8e:13:0d:a0:c3:91:60:46:e9:e8:69:f7:cb:62:5a:6b:3b:
3a:8d:88:48:91:30:47:c3:45:ee:17:05:f9:dd:b8:51:a2:d3:
0d:c4:96:53:0b:95:f4:69:ae:4d:fb:d3:6d:05:3f:e2:24:22:
7c:53:3a:0a:9f:36:a2:bd:f7:11:6a:cd:67:48:b9:cb:08:f2:
90:c1:16:77:95:d4:a4:f6:00:39:ad:f7:be:99:d9:2c:4f:0a:
8b:ef:10:a6:92:ba:66:3f:ee:fb:85:3b:42:0f:5b:7a:21:5c:
b8:bf:e1:66:dc:7e:7c:ea:1e:93:95:6c:d0:97:31:fe:f6:c6:
93:a1:07:85:20:cc:50:46:d5:2a:b8:d7:e7:ac:52:6f:7a:31:
80:96:49:75:d8:16:83:c1:52:d7:ff:a8:21:33:e0:b9:f7:e6:
d9:1b:aa:cc:40:e4:9f:84:b7:bd:73:71:dd:46:be:40:d6:ad:
e8:c0:68:dc:61:ba:97:5b:47:bf:95:2c:c9:43:43:d4:80:64:
a0:23:08:3a:68:35:70:d3:30:97:aa:90:34:93:ab:37:28:db:
6d:7e:c2:dc
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjcw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM5RTA1RDQ5M0NBOEY2
NUY0QjlDRTI5MUQxNzhFM0Q1QzY5RjY0QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg3DGyazMT3ELY2uT51P8281lwmv/RytVds+aFKxQy+ajv8Q+4
LTikT/1oCfcjPqo+UU6tBIAJ++RzcZ+h0BU5vh2ngFwL9YaybGbB1LQvgKt+Keys
1itCQHZDBDSLeXD5cDGaUW2HBvftxZyIVWZ+eYRrwK4Bcwh0d/NEPQYThqy8x9Mk
1QnjhZNTur7y64Ut0Hgm8kCqoSi5mLtWR7BzwjabWXyazgHVLSDXdiM/oaU/4pT0
C94OazZlq0Zjz/mQWH0UUzovNN/BIU7POZ6uLYwuNHmcj7LcRFrQTu6F2MBdltLb
Vh70YTcqRkSTlzzuL5HvJyBL/ABSqc1ZbE3PAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOeBdSTyo9l9LnOKR0Xjj1cafZLUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PZUJkU1R5bzlsOUxuT0tSMFhqajFjYWZaTFUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AFBYpQPM/3cNBGXTdfnPGlr+DhA0wbllJofACSWSTojUhvj8VhqOEw2gw5FgRuno
affLYlprOzqNiEiRMEfDRe4XBfnduFGi0w3EllMLlfRprk37020FP+IkInxTOgqf
NqK99xFqzWdIucsI8pDBFneV1KT2ADmt976Z2SxPCovvEKaSumY/7vuFO0IPW3oh
XLi/4WbcfnzqHpOVbNCXMf72xpOhB4UgzFBG1Sq41+esUm96MYCWSXXYFoPBUtf/
qCEz4Ln35tkbqsxA5J+Et71zcd1GvkDWrejAaNxhupdbR7+VLMlDQ9SAZKAjCDpo
NXDTMJeqkDSTqzco221+wtw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org