Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OslljPYjqrcJ4txMjJ7Jd0vB7XE.roa
File: OslljPYjqrcJ4txMjJ7Jd0vB7XE.roa (raw, json)
Hash identifier: PQKefl1DJ+kXmayQiyx7GnrAiryzh3CENVu6YJfztZw=
Subject key identifier: 3A:C9:65:8C:F6:23:AA:B7:09:E2:DC:4C:8C:9E:C9:77:4B:C1:ED:71
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 471F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OslljPYjqrcJ4txMjJ7Jd0vB7XE.roa
Signing time: Thu 28 Apr 2022 00:30:09 +0000
ROA not before: Thu 28 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18207 (0x471f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 28 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3AC9658CF623AAB709E2DC4C8C9EC9774BC1ED71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8f:79:29:d2:21:52:5a:50:6c:73:b4:39:45:
09:8f:90:5a:23:e6:8c:2c:31:51:ff:23:e6:d9:e2:
ee:ba:a3:de:4b:79:bc:1b:da:a0:23:e7:bd:d5:30:
33:ea:ed:54:2e:9d:b8:90:f3:93:68:c2:38:69:ce:
cb:6b:b0:a2:93:8e:32:d8:37:b0:19:01:03:67:64:
4c:ae:ac:d5:7b:17:79:d3:c7:0a:d8:d9:83:d1:0f:
94:7a:74:60:28:89:57:5c:fa:cc:0d:b5:83:ce:ba:
50:1c:50:bb:18:80:7f:7c:47:54:38:a6:c0:a5:91:
7a:78:54:80:b3:ca:8c:4c:60:42:c0:b7:b2:ec:12:
8e:31:01:a2:cc:79:c4:01:66:fe:94:0d:5b:39:a9:
5f:f6:ef:62:7e:9a:c5:05:f9:24:0c:27:fa:b6:3c:
a3:68:a4:a8:aa:01:6b:a2:89:04:15:40:68:de:b3:
46:f2:ae:63:e6:56:a0:9e:33:4f:68:38:6e:6c:ee:
43:ba:30:5f:41:73:a4:56:e7:61:45:d2:ac:b4:c6:
14:fa:5c:b6:0c:1b:4f:0d:65:d8:76:d4:97:08:4f:
b5:45:0e:d7:ef:c6:be:15:57:cf:27:be:6f:cf:48:
30:a4:2d:e2:e6:85:3b:7f:d2:07:8e:ab:ad:51:ea:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:65:8C:F6:23:AA:B7:09:E2:DC:4C:8C:9E:C9:77:4B:C1:ED:71
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OslljPYjqrcJ4txMjJ7Jd0vB7XE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
22:31:25:20:09:5a:d5:b3:5b:1f:10:5b:93:8f:df:fb:1e:e2:
9b:53:4c:0a:1b:6c:12:2c:e7:37:fc:0d:0b:3a:f0:6a:4f:4c:
18:25:28:7e:9d:bd:9d:01:ce:31:cf:a9:20:65:71:45:46:b9:
e4:36:42:bf:19:0e:f5:4b:0f:78:bb:98:2c:70:2a:60:f2:1e:
31:72:74:c7:62:2b:71:58:da:27:71:71:4c:e1:7b:2e:24:06:
a4:c7:37:0b:52:96:bb:64:55:48:91:89:43:5a:54:7d:ad:27:
41:64:3c:d6:62:14:4c:8b:b2:24:aa:1f:d0:95:b8:c7:6f:2a:
7b:0f:91:d4:5b:7f:53:52:e0:d7:58:99:02:d3:2e:4d:1d:9a:
79:c7:a7:cb:be:43:50:be:c2:4b:c0:dd:e8:7d:84:b1:e4:cf:
bc:ab:66:81:50:d5:d3:2b:14:ea:c1:37:1d:95:2b:a4:64:2c:
49:19:45:5c:f6:23:17:35:51:42:10:dc:44:fb:97:ea:55:8c:
f0:d3:71:7e:96:c0:55:76:38:d7:5a:6d:a7:ab:6e:13:49:45:
ff:a7:70:af:36:9d:2e:77:47:2b:44:95:e9:c4:7a:32:4f:6b:
51:25:65:06:64:dc:81:b6:0e:37:74:33:08:5b:e1:7c:1e:f4:
ea:2d:36:c9
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRx8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjgw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDNBQzk2NThDRjYyM0FB
QjcwOUUyREM0QzhDOUVDOTc3NEJDMUVENzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQj3kp0iFSWlBsc7Q5RQmPkFoj5owsMVH/I+bZ4u66o95Lebwb
2qAj573VMDPq7VQunbiQ85NowjhpzstrsKKTjjLYN7AZAQNnZEyurNV7F3nTxwrY
2YPRD5R6dGAoiVdc+swNtYPOulAcULsYgH98R1Q4psClkXp4VICzyoxMYELAt7Ls
Eo4xAaLMecQBZv6UDVs5qV/272J+msUF+SQMJ/q2PKNopKiqAWuiiQQVQGjes0by
rmPmVqCeM09oOG5s7kO6MF9Bc6RW52FF0qy0xhT6XLYMG08NZdh21JcIT7VFDtfv
xr4VV88nvm/PSDCkLeLmhTt/0geOq61R6gHVAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOslljPYjqrcJ4txMjJ7Jd0vB7XEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Pc2xsalBZanFyY0o0dHhNako3SmQwdkI3WEUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ACIxJSAJWtWzWx8QW5OP3/se4ptTTAobbBIs5zf8DQs68GpPTBglKH6dvZ0BzjHP
qSBlcUVGueQ2Qr8ZDvVLD3i7mCxwKmDyHjFydMdiK3FY2idxcUzhey4kBqTHNwtS
lrtkVUiRiUNaVH2tJ0FkPNZiFEyLsiSqH9CVuMdvKnsPkdRbf1NS4NdYmQLTLk0d
mnnHp8u+Q1C+wkvA3eh9hLHkz7yrZoFQ1dMrFOrBNx2VK6RkLEkZRVz2Ixc1UUIQ
3ET7l+pVjPDTcX6WwFV2ONdabaerbhNJRf+ncK82nS53RytElenEejJPa1ElZQZk
3IG2Djd0Mwhb4Xwe9OotNsk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org