Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/RfpscrOj8aiecs-oC4B4FEoGTZY.roa
File: RfpscrOj8aiecs-oC4B4FEoGTZY.roa (raw, json)
Hash identifier: PJDseFCnoexWQ7PLzhi/8+EZOEVi7HD1Inu1MC0Zgrg=
Subject key identifier: 45:FA:6C:72:B3:A3:F1:A8:9E:72:CF:A8:0B:80:78:14:4A:06:4D:96
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 494D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RfpscrOj8aiecs-oC4B4FEoGTZY.roa
Signing time: Sat 04 Jun 2022 00:30:09 +0000
ROA not before: Sat 04 Jun 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18765 (0x494d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 4 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=45FA6C72B3A3F1A89E72CFA80B8078144A064D96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:11:86:d3:d6:95:3b:84:b2:f9:62:fa:e4:ff:
f4:09:cc:6b:b1:7e:1d:3e:3d:45:bd:66:1f:e8:f7:
a3:41:9c:22:6d:2c:aa:06:ff:b1:93:92:76:a3:1f:
21:a3:31:c6:01:70:9a:5a:93:4d:91:ae:8f:d9:25:
85:70:bf:f3:ae:d7:34:63:b4:70:a1:f8:96:24:bf:
d2:84:dd:34:ab:1a:66:ca:f9:07:ae:ad:8e:0e:2e:
5e:18:fc:c5:b5:87:81:07:9e:39:fb:c9:95:08:70:
a8:e7:c0:f2:66:20:d8:8e:20:de:36:09:69:ad:43:
27:57:8d:d2:68:f4:46:64:ea:8e:1c:7b:de:9b:94:
ed:44:e5:be:7f:88:de:ad:ea:56:0f:b7:c1:f8:fc:
6f:21:b4:7c:07:44:c8:1e:76:de:87:f3:0d:ec:01:
66:82:55:44:8d:97:52:27:07:76:0a:92:ef:a6:9b:
ff:22:56:b3:6e:9b:de:4b:88:cd:79:25:fb:3a:41:
1e:4c:54:fb:bb:69:68:04:a5:66:78:24:02:77:70:
60:39:15:18:22:a5:bc:e7:7f:58:2b:63:d0:25:74:
c3:bd:fc:c1:3d:1d:ea:f3:59:4e:b7:6d:d2:6b:74:
67:18:09:5f:2e:96:a9:db:0d:0c:90:8d:f1:6f:0f:
d9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FA:6C:72:B3:A3:F1:A8:9E:72:CF:A8:0B:80:78:14:4A:06:4D:96
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RfpscrOj8aiecs-oC4B4FEoGTZY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:90:12:44:94:95:18:cb:18:a8:4e:aa:92:4b:08:7a:b7:04:
ae:de:ab:a4:1f:78:1b:10:af:cc:91:d9:7d:d1:8d:43:4a:32:
51:ea:ea:22:b6:75:71:6e:f9:25:38:54:16:6a:ed:a9:c8:fa:
16:2c:0c:1a:7e:3d:a5:dc:d9:0b:38:55:d5:17:ab:7e:c7:4a:
96:57:77:54:66:4e:ee:cc:e4:32:f1:a6:d8:9f:03:d2:ad:3a:
07:f4:1b:51:e9:38:5a:f7:2c:f3:4a:f6:67:d3:30:db:05:5d:
56:18:57:5e:25:59:d3:ca:e1:df:89:43:84:aa:8c:62:a3:41:
1e:43:c1:a9:1f:37:09:fd:55:c1:ab:fb:a1:f3:0e:27:55:72:
4f:27:d0:6b:78:8b:57:99:98:5b:a2:d3:22:fc:50:8c:18:3c:
1f:25:1a:08:6c:bf:6d:dc:97:2f:e4:ec:b4:e0:a5:a8:a3:62:
da:e6:54:3d:1b:61:d2:1f:c4:c8:b0:5b:96:ce:5e:77:3e:4a:
5c:11:a5:94:d9:99:d8:6b:4e:7f:75:2b:14:95:08:97:a9:fb:
f7:54:96:67:6c:eb:bb:e8:59:99:83:1c:04:18:49:0e:ba:3a:
e8:21:32:0a:50:fe:f3:57:b3:b7:3f:55:6d:59:d1:c3:f4:25:
dd:6b:c8:8b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDQw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQ1RkE2QzcyQjNBM0Yx
QTg5RTcyQ0ZBODBCODA3ODE0NEEwNjREOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDREYbT1pU7hLL5Yvrk//QJzGuxfh0+PUW9Zh/o96NBnCJtLKoG
/7GTknajHyGjMcYBcJpak02Rro/ZJYVwv/Ou1zRjtHCh+JYkv9KE3TSrGmbK+Qeu
rY4OLl4Y/MW1h4EHnjn7yZUIcKjnwPJmINiOIN42CWmtQydXjdJo9EZk6o4ce96b
lO1E5b5/iN6t6lYPt8H4/G8htHwHRMgedt6H8w3sAWaCVUSNl1InB3YKku+mm/8i
VrNum95LiM15Jfs6QR5MVPu7aWgEpWZ4JAJ3cGA5FRgipbznf1grY9AldMO9/ME9
HerzWU63bdJrdGcYCV8ulqnbDQyQjfFvD9mXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQURfpscrOj8aiecs+oC4B4FEoGTZYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SZnBzY3JPajhhaWVjcy1vQzRCNEZFb0dUWlkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AKSQEkSUlRjLGKhOqpJLCHq3BK7eq6QfeBsQr8yR2X3RjUNKMlHq6iK2dXFu+SU4
VBZq7anI+hYsDBp+PaXc2Qs4VdUXq37HSpZXd1RmTu7M5DLxptifA9KtOgf0G1Hp
OFr3LPNK9mfTMNsFXVYYV14lWdPK4d+JQ4SqjGKjQR5DwakfNwn9VcGr+6HzDidV
ck8n0Gt4i1eZmFui0yL8UIwYPB8lGghsv23cly/k7LTgpaijYtrmVD0bYdIfxMiw
W5bOXnc+SlwRpZTZmdhrTn91KxSVCJep+/dUlmds67voWZmDHAQYSQ66OughMgpQ
/vNXs7c/VW1Z0cP0Jd1ryIs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org