Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OsV4Cvm5sgWqJI2httMuiYZSnRs.roa
File: OsV4Cvm5sgWqJI2httMuiYZSnRs.roa (raw, json)
Hash identifier: mBoGcJIlMQw8Hz/+WoyKOfbKnoQ2pkehnCWk03yMYdE=
Subject key identifier: 3A:C5:78:0A:F9:B9:B2:05:AA:24:8D:A1:B6:D3:2E:89:86:52:9D:1B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 458A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OsV4Cvm5sgWqJI2httMuiYZSnRs.roa
Signing time: Wed 30 Mar 2022 00:30:10 +0000
ROA not before: Wed 30 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17802 (0x458a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 30 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3AC5780AF9B9B205AA248DA1B6D32E8986529D1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:ad:fa:91:d8:b1:0b:58:73:61:96:fa:8e:
f0:94:8a:dc:15:ef:08:63:93:ef:33:df:dd:13:b3:
16:da:b2:e1:fb:53:e0:ee:b4:7d:e6:39:f8:6a:d9:
e2:43:a8:11:2d:c2:97:fd:fe:16:71:68:a7:af:c5:
a4:8a:d5:31:91:6e:70:36:14:4c:bd:85:ff:6c:3a:
79:ca:0d:ad:65:02:0b:09:2b:df:3c:7d:2a:ad:8f:
2f:95:79:e9:4f:ab:b3:41:bb:7d:a6:85:1a:dc:b2:
43:43:8a:5d:1a:bc:0b:d6:35:a7:ef:eb:96:a6:6c:
17:06:0d:fd:23:4b:a0:dc:14:e2:83:40:c5:1a:3b:
5d:b2:64:b9:2c:5e:a5:fc:17:62:68:03:c4:6b:7c:
90:15:9f:6a:e5:1e:ac:8d:98:ac:e2:96:ff:62:ae:
3f:3a:4a:9f:07:37:53:b5:6b:7f:15:4c:ec:9e:52:
ca:d0:e9:04:d1:cb:47:1f:e8:c4:d7:08:0d:63:e0:
01:ba:a5:e8:42:dc:ad:5c:35:5a:97:fd:f6:80:b1:
bd:b1:fb:44:5d:15:c9:d4:14:83:a4:db:f5:48:07:
a1:c4:0d:91:ca:07:77:a1:1e:9c:63:3b:7a:59:36:
26:9d:bc:59:c3:d2:2a:4d:9f:c6:ca:b1:77:ab:24:
89:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C5:78:0A:F9:B9:B2:05:AA:24:8D:A1:B6:D3:2E:89:86:52:9D:1B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OsV4Cvm5sgWqJI2httMuiYZSnRs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:df:08:ea:98:da:03:b0:a8:57:cd:de:7e:23:9d:87:56:8d:
ce:a1:6e:e1:ae:8c:86:ae:08:e5:b7:a7:9b:1e:2f:9c:8a:07:
14:ba:49:ca:92:32:92:2a:5f:89:c3:b6:75:2a:0a:5d:09:30:
a8:81:9f:5b:84:f2:74:99:5b:68:6f:8f:fd:07:3d:04:8b:10:
a7:b4:59:a5:12:f6:84:fc:d5:e1:71:da:c3:82:88:b1:d9:ee:
40:36:a4:9a:e4:ba:76:f2:df:b0:69:ac:3a:6a:56:63:a2:c2:
11:19:1c:0d:a5:03:11:99:bd:3c:05:fe:72:90:64:00:0f:15:
22:30:4b:8a:2d:a3:fe:c0:26:a5:16:08:b1:31:21:86:b2:56:
0f:fb:cc:84:a2:82:1d:cf:fd:a9:dd:e6:cd:09:6b:10:67:0f:
5f:70:63:50:a6:49:cd:2c:72:dd:8a:c7:07:86:ac:87:c9:44:
b8:ea:bd:bb:b8:49:9d:09:69:32:95:01:ba:a3:21:5d:16:14:
8e:d1:65:66:8b:1c:2b:e6:61:8d:18:65:d0:ad:ed:ff:cb:df:
fd:91:f4:bb:40:bd:10:97:bd:16:b7:9f:05:81:e9:cb:e9:a5:
4d:d1:6c:78:b1:ba:fb:b4:4c:6f:3e:60:38:54:14:c0:49:4e:
97:66:3a:64
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMzAw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDNBQzU3ODBBRjlCOUIy
MDVBQTI0OERBMUI2RDMyRTg5ODY1MjlEMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMfa36kdixC1hzYZb6jvCUitwV7whjk+8z390TsxbasuH7U+Du
tH3mOfhq2eJDqBEtwpf9/hZxaKevxaSK1TGRbnA2FEy9hf9sOnnKDa1lAgsJK988
fSqtjy+VeelPq7NBu32mhRrcskNDil0avAvWNafv65ambBcGDf0jS6DcFOKDQMUa
O12yZLksXqX8F2JoA8RrfJAVn2rlHqyNmKzilv9irj86Sp8HN1O1a38VTOyeUsrQ
6QTRy0cf6MTXCA1j4AG6pehC3K1cNVqX/faAsb2x+0RdFcnUFIOk2/VIB6HEDZHK
B3ehHpxjO3pZNiadvFnD0ipNn8bKsXerJImJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOsV4Cvm5sgWqJI2httMuiYZSnRswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Pc1Y0Q3ZtNXNnV3FKSTJodHRNdWlZWlNuUnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AGzfCOqY2gOwqFfN3n4jnYdWjc6hbuGujIauCOW3p5seL5yKBxS6ScqSMpIqX4nD
tnUqCl0JMKiBn1uE8nSZW2hvj/0HPQSLEKe0WaUS9oT81eFx2sOCiLHZ7kA2pJrk
unby37BprDpqVmOiwhEZHA2lAxGZvTwF/nKQZAAPFSIwS4oto/7AJqUWCLExIYay
Vg/7zISigh3P/and5s0JaxBnD19wY1CmSc0sct2KxweGrIfJRLjqvbu4SZ0JaTKV
AbqjIV0WFI7RZWaLHCvmYY0YZdCt7f/L3/2R9LtAvRCXvRa3nwWB6cvppU3RbHix
uvu0TG8+YDhUFMBJTpdmOmQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org