Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/RKAMJaXxBp5J9vFJ2KudFoTmVPA.roa
File: RKAMJaXxBp5J9vFJ2KudFoTmVPA.roa (raw, json)
Hash identifier: 3beKqLFNk5hB+DzPu8p6sv2bJnqZDIIjIA5YYn87e/k=
Subject key identifier: 44:A0:0C:25:A5:F1:06:9E:49:F6:F1:49:D8:AB:9D:16:84:E6:54:F0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4526
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RKAMJaXxBp5J9vFJ2KudFoTmVPA.roa
Signing time: Wed 23 Mar 2022 00:30:08 +0000
ROA not before: Wed 23 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17702 (0x4526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 23 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=44A00C25A5F1069E49F6F149D8AB9D1684E654F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:cc:5a:e8:ce:4c:c1:36:66:3d:84:28:da:
cb:8a:48:cf:d4:4c:ff:b4:8b:29:04:e7:f6:cd:71:
20:55:fb:6c:5b:6c:0b:fc:0e:35:50:49:93:eb:9a:
16:34:18:ee:e2:06:96:5f:e4:dd:bc:7b:b5:7e:e6:
e2:15:9c:5e:df:7e:f0:0e:46:c2:0c:ac:38:5b:09:
67:70:c3:72:58:ae:90:6c:18:b9:8f:09:e8:dc:88:
65:d9:88:75:76:b6:67:88:ef:a5:bf:a5:8e:a0:7c:
23:25:24:67:e1:65:b9:69:24:31:7c:d3:a3:21:f0:
98:e8:30:89:d0:92:c8:41:f8:5b:27:9e:c9:89:33:
74:6d:e6:d9:af:d2:b9:54:f4:f8:23:5b:2c:00:46:
28:da:e6:25:2c:09:fc:71:8b:3e:62:08:88:50:bf:
c2:25:36:f3:c8:4f:13:e6:74:20:ac:6e:eb:ff:a2:
19:b5:17:f1:a7:45:c3:39:78:cd:0d:56:6e:ba:1f:
26:dd:a6:d3:a4:b1:04:e8:bf:04:0d:fd:1c:5d:98:
e2:86:1f:99:92:d4:7b:49:a4:cf:1a:4a:09:db:12:
e9:5c:51:a7:72:b9:d6:b8:a3:79:92:5a:4b:b2:63:
5c:bf:7b:b1:c1:a5:af:13:3d:4a:94:59:04:9f:9a:
ac:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A0:0C:25:A5:F1:06:9E:49:F6:F1:49:D8:AB:9D:16:84:E6:54:F0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RKAMJaXxBp5J9vFJ2KudFoTmVPA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b9:46:ec:ff:87:a7:7b:47:88:38:07:66:bd:40:87:b9:cf:
dc:4f:01:e7:ac:1c:62:f9:a8:0e:d5:9b:e4:d3:ad:f7:72:47:
19:41:8a:f6:b2:19:ae:cc:a4:b8:ae:12:00:90:6a:63:b3:2c:
33:41:9f:82:5a:ca:35:7b:91:e9:05:01:59:60:81:c5:d1:4e:
2e:5d:77:96:f2:20:57:99:26:d3:4a:88:72:45:ac:fc:7b:83:
6e:cf:bf:30:7a:d7:1a:00:c4:30:11:37:3b:13:e4:46:d2:71:
84:87:b6:4a:47:17:dc:de:4c:64:93:8e:58:0b:5a:92:9a:10:
fe:fe:f5:65:e0:78:98:3d:ae:97:a6:c4:90:a6:6d:37:5a:5c:
96:c2:e0:95:fe:a9:a2:46:59:50:13:bb:1e:d9:57:54:73:e2:
03:4a:62:a0:4d:28:27:7e:f2:b1:df:e9:67:ba:c2:6d:b6:8e:
bd:71:2d:cd:14:fa:0f:1c:85:77:6c:bb:d5:30:ad:ab:14:49:
10:a7:4e:3c:be:44:b1:c2:24:6b:20:56:89:82:67:20:36:65:
6f:d5:d6:72:68:19:8c:82:ed:43:39:06:51:fa:89:93:2b:3c:
3c:ae:6d:2e:ec:34:46:85:57:46:d7:ba:f6:28:f9:d9:78:77:
81:a1:b5:29
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRSYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjMw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ0QTAwQzI1QTVGMTA2
OUU0OUY2RjE0OUQ4QUI5RDE2ODRFNjU0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiIcxa6M5MwTZmPYQo2suKSM/UTP+0iykE5/bNcSBV+2xbbAv8
DjVQSZPrmhY0GO7iBpZf5N28e7V+5uIVnF7ffvAORsIMrDhbCWdww3JYrpBsGLmP
CejciGXZiHV2tmeI76W/pY6gfCMlJGfhZblpJDF806Mh8JjoMInQkshB+FsnnsmJ
M3Rt5tmv0rlU9PgjWywARija5iUsCfxxiz5iCIhQv8IlNvPITxPmdCCsbuv/ohm1
F/GnRcM5eM0NVm66HybdptOksQTovwQN/RxdmOKGH5mS1HtJpM8aSgnbEulcUady
uda4o3mSWkuyY1y/e7HBpa8TPUqUWQSfmqwlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQURKAMJaXxBp5J9vFJ2KudFoTmVPAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SS0FNSmFYeEJwNUo5dkZKMkt1ZEZvVG1WUEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ACa5Ruz/h6d7R4g4B2a9QIe5z9xPAeesHGL5qA7Vm+TTrfdyRxlBivayGa7MpLiu
EgCQamOzLDNBn4JayjV7kekFAVlggcXRTi5dd5byIFeZJtNKiHJFrPx7g27PvzB6
1xoAxDARNzsT5EbScYSHtkpHF9zeTGSTjlgLWpKaEP7+9WXgeJg9rpemxJCmbTda
XJbC4JX+qaJGWVATux7ZV1Rz4gNKYqBNKCd+8rHf6We6wm22jr1xLc0U+g8chXds
u9UwrasUSRCnTjy+RLHCJGsgVomCZyA2ZW/V1nJoGYyC7UM5BlH6iZMrPDyubS7s
NEaFV0bXuvYo+dl4d4GhtSk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org