Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/PurlGxxFy8ayfNKePbhV4D6k06g.roa
File: PurlGxxFy8ayfNKePbhV4D6k06g.roa (raw, json)
Hash identifier: cSkLevWOhQ0a82X1jNCmZYzlfSp92qGsM31WMIjNo9A=
Subject key identifier: 3E:EA:E5:1B:1C:45:CB:C6:B2:7C:D2:9E:3D:B8:55:E0:3E:A4:D3:A8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 464C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PurlGxxFy8ayfNKePbhV4D6k06g.roa
Signing time: Wed 13 Apr 2022 00:30:06 +0000
ROA not before: Wed 13 Apr 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17996 (0x464c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 13 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3EEAE51B1C45CBC6B27CD29E3DB855E03EA4D3A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e8:c8:3b:8c:59:6e:88:4c:5c:06:2b:ca:56:
96:16:bb:a5:1c:0d:ee:8b:1f:a1:c2:c2:89:4f:a9:
b0:6b:d9:36:fd:bc:61:37:e3:7a:1e:f6:29:e2:e7:
d9:74:7b:a6:23:f0:4b:5e:16:87:dd:f1:1c:a9:d1:
13:2d:79:4f:30:af:fa:5e:a8:eb:33:21:79:e2:b9:
72:d1:1e:05:cb:cd:be:9e:f9:3d:8e:ad:09:15:52:
ac:e5:f7:65:8f:5a:a2:3f:34:29:1d:1e:58:88:5b:
7b:e0:98:76:de:9c:44:73:50:0d:ae:4d:cf:62:24:
bc:fe:08:bd:ca:10:74:2d:be:3e:75:d7:ee:32:d4:
e0:14:ad:4f:71:c6:40:78:8f:20:ff:71:f2:57:26:
bc:96:93:5d:7a:53:e2:53:c4:17:a0:c8:8e:f6:e9:
76:4b:fb:11:5a:13:1b:f3:88:e6:29:86:fd:6e:e5:
b2:04:0c:c1:78:d1:f5:26:9f:b0:28:25:6b:fd:f0:
bd:70:f7:7f:ee:bf:db:5d:03:79:ed:9f:bd:17:f5:
91:a6:c2:ae:3b:72:ac:4f:42:57:c1:6a:47:d3:5a:
42:f6:54:48:ff:69:e0:26:03:bc:48:31:c4:cd:46:
11:28:46:5a:1e:5d:ff:1f:84:31:cd:f7:3d:0d:6c:
fc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EA:E5:1B:1C:45:CB:C6:B2:7C:D2:9E:3D:B8:55:E0:3E:A4:D3:A8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PurlGxxFy8ayfNKePbhV4D6k06g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b3:f5:cf:a4:5b:98:25:21:80:e0:c0:84:4c:c6:a5:a1:63:
b5:48:23:f4:0d:2e:a7:bf:fb:45:af:53:ec:1d:65:47:c4:4a:
18:53:e1:d5:61:47:d1:58:9e:0c:c7:71:57:39:8e:1c:a5:5a:
36:85:e2:1d:86:53:de:00:c2:41:91:1e:09:e7:b1:09:05:5e:
ad:f6:08:72:9a:82:b7:a7:68:6f:17:b6:03:b8:ba:b2:a1:5d:
94:c0:78:81:ef:be:2f:7c:25:7a:aa:7c:89:18:5d:fc:25:e6:
31:68:f5:f7:14:fb:3b:a4:c7:f3:a6:15:3c:b9:09:a9:a5:40:
91:93:5a:78:68:22:f7:bb:ed:38:7a:a4:e7:d5:93:8f:83:46:
16:c6:f0:1b:eb:aa:50:b3:b0:bb:18:e9:76:e3:9f:d2:04:49:
55:3c:d7:97:96:61:6b:a6:bb:5c:91:07:4a:2e:9e:9b:02:f4:
e0:70:77:87:95:1d:95:d6:f9:0c:ea:16:bd:d2:ba:92:85:02:
74:4d:14:b1:34:ed:29:14:29:6b:f7:15:78:0d:cc:a0:e3:24:
31:94:e3:17:84:68:fc:c5:22:93:9b:a4:2d:b2:23:6a:1b:8f:
bb:12:82:83:69:28:04:f8:63:57:86:19:d6:29:4a:ad:69:48:
cc:6d:24:8c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTMw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDNFRUFFNTFCMUM0NUNC
QzZCMjdDRDI5RTNEQjg1NUUwM0VBNEQzQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR6Mg7jFluiExcBivKVpYWu6UcDe6LH6HCwolPqbBr2Tb9vGE3
43oe9ini59l0e6Yj8EteFofd8Ryp0RMteU8wr/peqOszIXniuXLRHgXLzb6e+T2O
rQkVUqzl92WPWqI/NCkdHliIW3vgmHbenERzUA2uTc9iJLz+CL3KEHQtvj511+4y
1OAUrU9xxkB4jyD/cfJXJryWk116U+JTxBegyI726XZL+xFaExvziOYphv1u5bIE
DMF40fUmn7AoJWv98L1w93/uv9tdA3ntn70X9ZGmwq47cqxPQlfBakfTWkL2VEj/
aeAmA7xIMcTNRhEoRloeXf8fhDHN9z0NbPyjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUPurlGxxFy8ayfNKePbhV4D6k06gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9QdXJsR3h4Rnk4YXlmTktlUGJoVjRENmswNmcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AD6z9c+kW5glIYDgwIRMxqWhY7VII/QNLqe/+0WvU+wdZUfEShhT4dVhR9FYngzH
cVc5jhylWjaF4h2GU94AwkGRHgnnsQkFXq32CHKagrenaG8XtgO4urKhXZTAeIHv
vi98JXqqfIkYXfwl5jFo9fcU+zukx/OmFTy5CamlQJGTWnhoIve77Th6pOfVk4+D
RhbG8BvrqlCzsLsY6Xbjn9IESVU815eWYWumu1yRB0ounpsC9OBwd4eVHZXW+Qzq
Fr3SupKFAnRNFLE07SkUKWv3FXgNzKDjJDGU4xeEaPzFIpObpC2yI2obj7sSgoNp
KAT4Y1eGGdYpSq1pSMxtJIw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org