Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/PiZwrCG8I27yIltXv5Ao6isLCgc.roa
File: PiZwrCG8I27yIltXv5Ao6isLCgc.roa (raw, json)
Hash identifier: MrGd23yzmhm8gYR/soklL+BT3seafvBdT3rz497ZTIA=
Subject key identifier: 3E:26:70:AC:21:BC:23:6E:F2:22:5B:57:BF:90:28:EA:2B:0B:0A:07
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 473A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PiZwrCG8I27yIltXv5Ao6isLCgc.roa
Signing time: Sat 30 Apr 2022 00:30:09 +0000
ROA not before: Sat 30 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18234 (0x473a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 30 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3E2670AC21BC236EF2225B57BF9028EA2B0B0A07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:90:15:65:c4:ea:63:f7:36:6f:2d:b3:fd:
1e:a2:4a:73:b7:a6:ac:97:e9:3e:5c:a6:40:0d:51:
45:a4:80:8f:1d:e8:2f:4e:f0:dd:87:8d:de:08:d2:
34:8f:4a:97:e4:d3:31:fc:af:fc:a6:db:1a:90:8a:
4b:9f:72:33:d7:ef:00:2d:f5:6f:89:3d:21:e3:92:
e2:6c:22:c3:85:9a:29:95:39:6a:59:2f:24:fb:7e:
31:c4:ea:94:d2:c6:e6:d4:93:90:c6:d1:c8:04:10:
b4:e8:52:81:87:92:ea:39:2a:69:b2:cc:8b:74:c7:
9b:3e:47:61:d0:8b:34:05:4c:78:df:a4:0a:b4:56:
21:c3:a2:34:6d:27:cd:ca:66:83:51:0b:9f:be:4b:
d4:89:f3:6c:34:00:29:37:83:be:35:df:6f:38:15:
b5:80:29:18:dd:6e:14:7c:13:ac:2d:aa:ff:53:33:
9d:fa:2a:73:d4:37:a8:37:07:93:34:43:6c:e9:58:
aa:ad:9e:c2:7d:3a:b5:61:9c:db:ec:a7:ac:d7:59:
cd:ff:61:d9:b7:d7:18:a1:f4:55:cc:b1:04:eb:bd:
3a:02:f7:83:a0:c9:14:45:aa:0b:b0:bf:0c:7e:91:
8c:c5:5e:83:d8:9d:1f:00:44:4d:55:cf:4c:c0:68:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:26:70:AC:21:BC:23:6E:F2:22:5B:57:BF:90:28:EA:2B:0B:0A:07
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PiZwrCG8I27yIltXv5Ao6isLCgc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
81:3b:d1:20:f1:23:91:cb:fe:d0:f3:1f:b6:03:0b:f1:24:9b:
3e:89:f2:b8:43:c7:85:51:f1:22:fc:4a:8a:11:b6:43:f1:c4:
24:24:97:b9:5c:c0:eb:36:93:43:6c:28:25:a4:aa:18:67:73:
2b:c8:78:81:67:c1:3d:41:03:7c:c8:48:7a:4d:ef:8a:41:84:
be:1c:6a:dd:41:e0:9c:dd:f6:d5:2e:40:e7:c6:1c:9d:22:c0:
4e:56:f3:56:9c:cb:0a:19:bb:e2:69:4c:37:68:2a:f0:03:92:
46:e3:8a:f3:86:64:ed:ed:18:e7:d2:d2:3d:e0:0f:51:8a:5c:
36:27:ac:1d:9c:88:ff:1e:f3:48:9f:03:48:c3:e2:ea:be:2b:
94:1b:48:29:a8:70:4a:18:21:2a:3f:d7:bb:d6:e7:15:27:c8:
16:b3:cc:64:98:b0:26:eb:cf:64:4b:69:77:f0:a2:1d:98:3a:
a3:1e:1c:43:50:aa:9b:b9:36:02:2d:e2:5b:5b:44:69:0f:2b:
ed:bd:4f:9d:7c:12:da:af:d9:cd:d9:e8:cd:cd:ab:2d:f0:12:
6b:8e:09:9a:b0:9d:3c:b9:63:0b:ba:80:19:ea:76:b6:86:d8:
16:3d:a2:bf:fd:1d:df:50:55:64:52:4e:29:bf:9e:c6:94:9a:
10:a0:3d:3c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MzAw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDNFMjY3MEFDMjFCQzIz
NkVGMjIyNUI1N0JGOTAyOEVBMkIwQjBBMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEzpAVZcTqY/c2by2z/R6iSnO3pqyX6T5cpkANUUWkgI8d6C9O
8N2Hjd4I0jSPSpfk0zH8r/ym2xqQikufcjPX7wAt9W+JPSHjkuJsIsOFmimVOWpZ
LyT7fjHE6pTSxubUk5DG0cgEELToUoGHkuo5KmmyzIt0x5s+R2HQizQFTHjfpAq0
ViHDojRtJ83KZoNRC5++S9SJ82w0ACk3g7413284FbWAKRjdbhR8E6wtqv9TM536
KnPUN6g3B5M0Q2zpWKqtnsJ9OrVhnNvsp6zXWc3/Ydm31xih9FXMsQTrvToC94Og
yRRFqguwvwx+kYzFXoPYnR8ARE1Vz0zAaNBJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUPiZwrCG8I27yIltXv5Ao6isLCgcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9QaVp3ckNHOEkyN3lJbHRYdjVBbzZpc0xDZ2Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AIE70SDxI5HL/tDzH7YDC/Ekmz6J8rhDx4VR8SL8SooRtkPxxCQkl7lcwOs2k0Ns
KCWkqhhncyvIeIFnwT1BA3zISHpN74pBhL4cat1B4Jzd9tUuQOfGHJ0iwE5W81ac
ywoZu+JpTDdoKvADkkbjivOGZO3tGOfS0j3gD1GKXDYnrB2ciP8e80ifA0jD4uq+
K5QbSCmocEoYISo/17vW5xUnyBazzGSYsCbrz2RLaXfwoh2YOqMeHENQqpu5NgIt
4ltbRGkPK+29T518Etqv2c3Z6M3Nqy3wEmuOCZqwnTy5Ywu6gBnqdraG2BY9or/9
Hd9QVWRSTim/nsaUmhCgPTw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org