Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/QosKMESQe8kIlCXjqco24OJ4W-M.roa
File: QosKMESQe8kIlCXjqco24OJ4W-M.roa (raw, json)
Hash identifier: RWAuEMlnuKpz1z7GmY86F6w7JfYPJ5neFLGTChJBNfY=
Subject key identifier: 42:8B:0A:30:44:90:7B:C9:08:94:25:E3:A9:CA:36:E0:E2:78:5B:E3
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 477C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QosKMESQe8kIlCXjqco24OJ4W-M.roa
Signing time: Thu 05 May 2022 00:30:06 +0000
ROA not before: Thu 05 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18300 (0x477c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 5 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=428B0A3044907BC9089425E3A9CA36E0E2785BE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b9:ed:d3:35:06:c5:23:eb:ae:fe:20:26:ce:
9f:ce:cf:14:d5:2a:3b:6c:72:0b:17:4e:b4:41:74:
0e:4c:85:60:45:0d:25:44:41:67:64:a9:30:2c:6a:
23:84:06:ec:77:b6:e5:46:15:a1:8e:5c:f8:1f:94:
1f:79:11:48:b0:a0:be:79:a7:46:4f:32:0f:17:93:
b0:8b:7a:f9:b7:52:05:a7:b6:c7:4a:9c:10:f5:e3:
88:ef:ee:59:e1:10:74:70:77:ce:d5:72:c4:a8:78:
86:b2:e8:93:58:f5:f3:be:2b:f8:f0:bc:b5:4d:8c:
e7:56:21:7e:dc:63:18:96:2a:27:d5:95:c7:8b:08:
9f:e6:fd:75:42:dc:89:e5:60:39:86:22:f6:36:03:
08:e1:a2:20:0e:2f:c6:c4:f1:8e:26:d3:7d:86:27:
76:c8:a6:57:2f:44:54:54:a3:5c:eb:3e:b7:02:ed:
b8:6f:9d:7b:25:12:f0:33:ef:5a:dd:f7:44:f0:86:
93:a8:ed:13:3f:a2:4d:6a:9f:e0:e6:c8:46:5c:82:
1e:79:40:fc:33:dd:e7:f5:9b:ae:bf:a7:a1:04:f8:
46:f8:08:61:5e:e0:15:f9:29:a3:55:ab:46:ab:90:
ee:1d:92:29:f7:d9:48:82:10:b4:57:66:ed:a2:76:
54:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8B:0A:30:44:90:7B:C9:08:94:25:E3:A9:CA:36:E0:E2:78:5B:E3
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QosKMESQe8kIlCXjqco24OJ4W-M.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
43:84:a1:3e:ae:46:4b:cf:5c:0c:5d:25:6a:49:ce:55:b5:e7:
ca:dd:c0:24:62:b9:e9:f8:c6:de:ac:be:f3:d7:10:54:fe:3c:
2f:d4:64:ea:04:ee:a9:7c:a3:58:e1:df:b4:8e:e6:31:07:fc:
dc:0c:62:75:49:f5:b6:f7:69:18:d8:68:24:1d:c4:31:ac:d1:
f8:e7:41:e1:46:15:df:56:76:89:cf:1a:24:3e:ea:4c:b0:fb:
9a:c8:d1:1c:31:8a:b0:a7:79:1f:9c:a0:17:fd:f5:8c:ce:b7:
5b:2c:df:59:89:5f:cf:c5:47:97:19:6c:b1:b5:8d:11:99:2c:
a8:48:c7:84:49:62:79:d0:48:a2:6e:49:1c:a9:7d:2d:fc:ce:
04:07:c8:8e:b3:48:93:7c:69:7f:10:53:e1:4e:8d:a2:29:3c:
60:8b:25:84:86:b9:49:07:b1:39:b1:3d:d1:27:74:2a:65:d9:
48:06:fe:da:98:e7:72:12:59:30:83:90:2c:a1:e7:d5:12:95:
95:c3:c9:42:0a:b6:61:e4:67:3f:f6:d7:34:6b:24:62:38:51:
80:8c:ec:a6:6b:8b:98:b0:a0:54:41:a1:cc:88:78:65:b0:af:
0f:47:17:71:e8:dc:24:31:03:d4:00:73:b7:2a:91:22:0e:d5:
79:08:e7:4f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR3wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDUw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQyOEIwQTMwNDQ5MDdC
QzkwODk0MjVFM0E5Q0EzNkUwRTI3ODVCRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPue3TNQbFI+uu/iAmzp/OzxTVKjtscgsXTrRBdA5MhWBFDSVE
QWdkqTAsaiOEBux3tuVGFaGOXPgflB95EUiwoL55p0ZPMg8Xk7CLevm3UgWntsdK
nBD144jv7lnhEHRwd87VcsSoeIay6JNY9fO+K/jwvLVNjOdWIX7cYxiWKifVlceL
CJ/m/XVC3InlYDmGIvY2AwjhoiAOL8bE8Y4m032GJ3bIplcvRFRUo1zrPrcC7bhv
nXslEvAz71rd90TwhpOo7RM/ok1qn+DmyEZcgh55QPwz3ef1m66/p6EE+Eb4CGFe
4BX5KaNVq0arkO4dkin32UiCELRXZu2idlQzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUQosKMESQe8kIlCXjqco24OJ4W+MwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Rb3NLTUVTUWU4a0lsQ1hqcWNvMjRPSjRXLU0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AEOEoT6uRkvPXAxdJWpJzlW158rdwCRiuen4xt6svvPXEFT+PC/UZOoE7ql8o1jh
37SO5jEH/NwMYnVJ9bb3aRjYaCQdxDGs0fjnQeFGFd9WdonPGiQ+6kyw+5rI0Rwx
irCneR+coBf99YzOt1ss31mJX8/FR5cZbLG1jRGZLKhIx4RJYnnQSKJuSRypfS38
zgQHyI6zSJN8aX8QU+FOjaIpPGCLJYSGuUkHsTmxPdEndCpl2UgG/tqY53ISWTCD
kCyh59USlZXDyUIKtmHkZz/21zRrJGI4UYCM7KZri5iwoFRBocyIeGWwrw9HF3Ho
3CQxA9QAc7cqkSIO1XkI508=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org