Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/UsNOendMr_ho5zC0X0JStZ_WSeo.roa
File: UsNOendMr_ho5zC0X0JStZ_WSeo.roa (raw, json)
Hash identifier: +9/efJsz+4Jq2hnYfXaUtXmM3TS6Zw7n/E2W9qFg8N4=
Subject key identifier: 52:C3:4E:7A:77:4C:AF:F8:68:E7:30:B4:5F:42:52:B5:9F:D6:49:EA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4443
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/UsNOendMr_ho5zC0X0JStZ_WSeo.roa
Signing time: Mon 07 Mar 2022 00:30:09 +0000
ROA not before: Mon 07 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17475 (0x4443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 7 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=52C34E7A774CAFF868E730B45F4252B59FD649EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:4d:b3:0d:90:2c:1d:26:01:90:8d:d0:64:
8a:d8:85:1b:b4:4c:24:8d:77:ea:d6:76:d2:ba:cd:
44:00:68:1b:bf:a1:45:78:e3:c8:9e:79:7b:29:07:
0c:a3:40:11:2e:d9:da:3d:76:cc:e0:c1:07:ea:d2:
40:9f:36:5b:d6:10:10:15:4f:b2:02:a4:a4:96:f6:
94:cf:ba:ca:03:95:a0:05:d2:3c:8e:ac:84:73:70:
95:cc:b6:54:47:f9:0e:65:b8:30:03:0e:df:ac:7c:
28:0c:39:bd:39:23:d0:94:4b:a2:55:2a:0d:ef:7c:
e1:8f:97:c6:62:59:3e:10:e9:5e:b8:c1:65:72:1e:
84:58:86:de:f4:aa:d6:ad:f9:d8:7b:b2:cc:4d:7e:
82:86:c8:cd:51:2c:9e:3b:86:43:60:37:62:22:2c:
94:bd:57:bf:a5:cd:52:89:09:9c:bc:36:f3:99:38:
d2:90:7b:0b:91:7b:5e:95:e9:13:5c:df:df:ff:a6:
1e:5a:11:1b:8b:52:9d:e9:79:9d:60:be:0b:3f:27:
a9:77:a4:f1:82:96:98:7f:b7:1e:a1:53:e6:70:0b:
c5:fc:a7:0c:83:92:bc:4f:ed:1f:19:29:ef:28:3d:
91:1d:81:14:02:c0:92:f8:bc:2c:8f:66:01:68:0d:
8e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C3:4E:7A:77:4C:AF:F8:68:E7:30:B4:5F:42:52:B5:9F:D6:49:EA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/UsNOendMr_ho5zC0X0JStZ_WSeo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
66:64:e6:5d:ba:cf:0b:f7:6b:1d:f0:b2:37:0c:0f:ce:72:5f:
31:06:6a:a5:3f:d2:5b:cb:da:f1:5d:56:a2:11:2b:4c:da:9f:
f1:78:2b:2f:72:10:50:b3:ae:d0:d4:1b:2d:85:ae:22:97:71:
2c:be:70:3d:a9:9d:77:98:00:55:e5:d6:65:29:08:fd:38:9b:
ed:e9:fc:1b:2e:00:46:74:74:27:ce:c6:b2:70:71:cb:c3:42:
6d:eb:bc:f5:bf:ab:73:cd:42:bd:3d:b9:ac:82:4a:51:33:2e:
00:67:40:25:84:56:0a:61:fc:93:af:65:3c:02:66:8c:92:8f:
ff:a3:7f:a5:80:58:1d:5e:b4:a4:0f:81:a6:41:09:fb:51:4b:
26:68:2e:9a:1c:48:aa:65:b7:80:e1:be:7e:fd:35:a5:40:22:
d8:5e:79:00:46:29:52:c7:b3:37:93:ce:16:3d:f2:6e:14:4d:
56:82:52:c8:7d:2d:4a:15:bc:60:38:72:f9:5e:b2:40:75:96:
7b:60:26:a8:c7:d3:63:a4:fd:de:4f:39:de:8e:ab:1e:f8:fd:
60:31:3c:77:4c:15:31:5b:69:e5:92:a0:7e:88:8e:2d:d9:d2:
72:8e:a9:26:10:e8:d6:8b:bf:31:9b:6a:bb:28:47:f1:21:4d:
f5:82:fc:60
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICREMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDcw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDUyQzM0RTdBNzc0Q0FG
Rjg2OEU3MzBCNDVGNDI1MkI1OUZENjQ5RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnHU2zDZAsHSYBkI3QZIrYhRu0TCSNd+rWdtK6zUQAaBu/oUV4
48ieeXspBwyjQBEu2do9dszgwQfq0kCfNlvWEBAVT7ICpKSW9pTPusoDlaAF0jyO
rIRzcJXMtlRH+Q5luDADDt+sfCgMOb05I9CUS6JVKg3vfOGPl8ZiWT4Q6V64wWVy
HoRYht70qtat+dh7ssxNfoKGyM1RLJ47hkNgN2IiLJS9V7+lzVKJCZy8NvOZONKQ
ewuRe16V6RNc39//ph5aERuLUp3peZ1gvgs/J6l3pPGClph/tx6hU+ZwC8X8pwyD
krxP7R8ZKe8oPZEdgRQCwJL4vCyPZgFoDY7vAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUUsNOendMr/ho5zC0X0JStZ/WSeowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Vc05PZW5kTXJfaG81ekMwWDBKU3RaX1dTZW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AGZk5l26zwv3ax3wsjcMD85yXzEGaqU/0lvL2vFdVqIRK0zan/F4Ky9yEFCzrtDU
Gy2FriKXcSy+cD2pnXeYAFXl1mUpCP04m+3p/BsuAEZ0dCfOxrJwccvDQm3rvPW/
q3PNQr09uayCSlEzLgBnQCWEVgph/JOvZTwCZoySj/+jf6WAWB1etKQPgaZBCftR
SyZoLpocSKplt4Dhvn79NaVAItheeQBGKVLHszeTzhY98m4UTVaCUsh9LUoVvGA4
cvleskB1lntgJqjH02Ok/d5POd6Oqx74/WAxPHdMFTFbaeWSoH6Iji3Z0nKOqSYQ
6NaLvzGbarsoR/EhTfWC/GA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org