Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/QItWlC9QZ4l0eGmv2wSNQ9IjKw4.roa
File: QItWlC9QZ4l0eGmv2wSNQ9IjKw4.roa (raw, json)
Hash identifier: qRddEWRcQWLaDQdCqWROMoaB1Eu/pCxZlPzBDo0gAlY=
Subject key identifier: 40:8B:56:94:2F:50:67:89:74:78:69:AF:DB:04:8D:43:D2:23:2B:0E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4827
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QItWlC9QZ4l0eGmv2wSNQ9IjKw4.roa
Signing time: Tue 17 May 2022 00:30:07 +0000
ROA not before: Tue 17 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18471 (0x4827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 17 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=408B56942F506789747869AFDB048D43D2232B0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:24:ee:2c:f2:9f:9e:62:c4:55:7f:f6:fd:7d:
9c:8f:e1:37:e9:32:ab:23:a9:8d:40:a1:0a:0a:b0:
c0:de:e0:86:12:36:85:24:b8:27:f5:56:d4:1c:e4:
4e:ae:14:12:e4:e0:d6:e8:98:63:0b:1d:4a:3a:08:
61:1b:68:1a:1a:ac:c8:3a:4a:e5:a7:08:f3:a0:05:
67:f6:08:e3:32:7c:93:56:12:28:5f:f6:c7:70:3d:
8e:51:d6:df:6d:88:1f:22:08:06:07:17:bd:d8:9a:
0e:da:2a:af:70:02:4f:b7:65:b3:80:7e:27:29:eb:
b0:d2:ce:32:bf:54:4f:d7:97:88:81:3c:e1:a8:f8:
d0:e0:ef:52:a2:a5:3a:7a:57:49:2b:03:32:2d:b4:
e4:d9:f8:01:f7:28:29:92:03:c8:05:b5:b1:1e:69:
21:0c:b6:7c:2e:ad:a9:79:67:b0:7a:78:90:84:db:
03:c5:0a:48:9c:ee:49:c0:13:6b:44:05:f1:c1:ec:
3a:f2:bf:cc:e3:68:fe:86:59:fb:df:57:3a:d9:d6:
96:b1:7b:ac:d9:50:45:91:ab:7e:43:71:ee:a8:cc:
8a:54:43:8f:2d:96:38:c7:f3:06:61:26:8c:04:a0:
49:07:fc:1c:df:b5:79:df:01:d1:e2:89:c6:8b:97:
b3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8B:56:94:2F:50:67:89:74:78:69:AF:DB:04:8D:43:D2:23:2B:0E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QItWlC9QZ4l0eGmv2wSNQ9IjKw4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7e:63:46:33:a5:aa:ea:a4:35:fa:d6:7c:b0:cc:06:0c:74:
84:33:ab:5f:97:e4:2c:ea:21:ec:d2:c9:1b:bb:89:88:7f:b6:
19:f4:cb:2f:5d:40:11:35:67:cc:02:57:7f:09:06:90:d4:8e:
bc:be:00:a2:b1:3b:0a:e8:ee:06:da:9b:4f:bd:a3:2c:3b:24:
b0:19:6d:a7:9c:0b:e5:d2:9d:f9:9b:36:7d:df:33:2a:de:53:
b9:74:e2:cf:f4:c0:70:8a:69:d4:9b:d8:f9:a4:40:20:05:84:
55:56:41:2a:83:de:94:23:eb:58:62:e0:e0:19:49:ca:81:82:
fe:3b:3a:a1:e8:e5:c2:2a:07:75:e5:71:44:0d:c2:1c:92:8d:
81:b5:67:0a:cd:7e:25:44:71:c6:3f:e2:a9:cb:9a:6d:c4:14:
fe:23:2c:f4:04:a6:6a:d6:41:f0:09:37:d7:f2:ff:38:15:dc:
c9:6d:b4:6f:51:7a:55:36:86:bf:b7:b1:5b:a0:ea:51:6b:2e:
5e:41:ff:0c:77:42:db:a7:f6:d7:b7:5f:4e:34:d4:fb:32:5d:
54:04:f5:22:d7:d9:90:3e:45:fb:48:a9:be:42:f0:e1:18:32:
41:1a:f2:d3:4e:98:76:5e:aa:27:fd:39:79:db:c8:7a:c3:63:
9a:d6:71:b2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSCcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTcw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQwOEI1Njk0MkY1MDY3
ODk3NDc4NjlBRkRCMDQ4RDQzRDIyMzJCMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9JO4s8p+eYsRVf/b9fZyP4TfpMqsjqY1AoQoKsMDe4IYSNoUk
uCf1VtQc5E6uFBLk4NbomGMLHUo6CGEbaBoarMg6SuWnCPOgBWf2COMyfJNWEihf
9sdwPY5R1t9tiB8iCAYHF73Ymg7aKq9wAk+3ZbOAficp67DSzjK/VE/Xl4iBPOGo
+NDg71KipTp6V0krAzIttOTZ+AH3KCmSA8gFtbEeaSEMtnwural5Z7B6eJCE2wPF
Ckic7knAE2tEBfHB7Dryv8zjaP6GWfvfVzrZ1paxe6zZUEWRq35Dce6ozIpUQ48t
ljjH8wZhJowEoEkH/BzftXnfAdHiicaLl7PhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUQItWlC9QZ4l0eGmv2wSNQ9IjKw4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9RSXRXbEM5UVo0bDBlR212MndTTlE5SWpLdzQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AEp+Y0YzparqpDX61nywzAYMdIQzq1+X5CzqIezSyRu7iYh/thn0yy9dQBE1Z8wC
V38JBpDUjry+AKKxOwro7gbam0+9oyw7JLAZbaecC+XSnfmbNn3fMyreU7l04s/0
wHCKadSb2PmkQCAFhFVWQSqD3pQj61hi4OAZScqBgv47OqHo5cIqB3XlcUQNwhyS
jYG1ZwrNfiVEccY/4qnLmm3EFP4jLPQEpmrWQfAJN9fy/zgV3MlttG9RelU2hr+3
sVug6lFrLl5B/wx3Qtun9te3X0401PsyXVQE9SLX2ZA+RftIqb5C8OEYMkEa8tNO
mHZeqif9OXnbyHrDY5rWcbI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org