Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/V2Yer3xBUSVW1Qeht4FNybfr72w.roa
File: V2Yer3xBUSVW1Qeht4FNybfr72w.roa (raw, json)
Hash identifier: J9fXUrZ5lQ8C47mYxlMZFy1G5TBh7kTiAYClo+42ZYA=
Subject key identifier: 57:66:1E:AF:7C:41:51:25:56:D5:07:A1:B7:81:4D:C9:B7:EB:EF:6C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 490A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/V2Yer3xBUSVW1Qeht4FNybfr72w.roa
Signing time: Wed 01 Jun 2022 00:30:11 +0000
ROA not before: Wed 01 Jun 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18698 (0x490a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 1 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=57661EAF7C41512556D507A1B7814DC9B7EBEF6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:60:3e:60:6d:94:e0:e8:6c:af:ac:2e:41:13:
fa:b0:0f:ba:94:0e:32:80:44:95:72:75:a6:94:14:
ba:64:b6:bb:d3:26:73:20:5a:9a:21:40:b2:cf:cc:
ad:c0:bd:9c:5c:22:9f:cc:e2:d0:a0:b8:35:5f:a0:
3a:b5:95:bf:93:f8:36:f6:6b:53:48:63:e3:34:6b:
af:8c:c7:9c:a2:89:ab:d2:19:82:da:c7:82:7a:27:
9c:7e:b2:8e:9e:83:e8:0a:0c:21:e3:f5:7c:8f:30:
c8:e6:68:2c:a2:04:81:ed:a1:d1:b8:12:d7:2d:76:
7a:cb:f1:7c:01:cc:4b:15:ef:32:7c:ce:0f:a6:f4:
43:64:b9:cc:5a:09:e4:7b:04:cf:ec:e5:1d:09:78:
1b:a7:0b:10:42:62:eb:06:33:37:2b:94:30:72:1d:
2d:3f:17:f0:ce:57:39:19:29:33:8f:9e:ff:06:81:
05:25:58:f5:ea:db:5c:6d:fe:0f:d5:32:bd:4b:31:
7b:8d:84:65:83:6e:a2:47:87:87:85:23:50:1d:48:
22:18:d4:5a:c2:17:86:da:85:fc:b5:55:12:a9:6e:
5e:86:ea:55:82:fd:9f:1c:cc:4b:1e:49:95:0e:e5:
e8:43:24:15:56:ec:d5:c7:a9:1b:7d:44:61:17:cc:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:66:1E:AF:7C:41:51:25:56:D5:07:A1:B7:81:4D:C9:B7:EB:EF:6C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/V2Yer3xBUSVW1Qeht4FNybfr72w.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.8.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ac:bb:59:8d:46:a5:2b:d9:9f:30:d5:46:7e:1b:ed:2b:5f:
c2:0f:11:69:0c:d3:48:d8:11:30:3b:5f:27:84:14:b8:27:7f:
83:42:c6:e9:87:1b:20:20:02:1a:da:eb:ec:c0:c4:e6:b5:4e:
ae:ab:7a:9d:89:bc:84:e9:8c:b1:ca:b0:96:8c:1a:9a:be:ed:
00:e0:64:7e:53:1f:f5:93:09:27:0b:36:ef:4d:c9:eb:d5:65:
35:94:7d:20:87:a2:74:e8:f0:10:7d:71:16:cc:7c:66:7f:3b:
11:58:7d:dc:9f:dd:6b:74:37:eb:b5:e4:8a:34:74:1d:cb:09:
8c:a5:1d:db:6b:21:c8:c8:3a:12:80:77:f8:02:a4:e8:2f:2a:
42:a5:78:5d:9c:a5:fa:04:b1:4b:13:80:89:2d:b8:f8:5a:9b:
32:96:05:e4:c7:ec:40:58:58:d4:19:a2:6b:83:f6:88:d6:95:
22:4a:a4:f5:1a:4e:5c:0f:7c:40:39:8e:91:75:56:ef:a0:2f:
a1:b1:b1:69:c0:91:94:6f:c0:55:bf:60:14:fe:ec:8c:73:79:
74:32:b3:12:31:35:90:03:a9:99:82:7b:e8:06:92:3e:05:e1:
de:69:62:4e:1a:f0:44:f1:bb:ce:3e:e6:a1:2d:d1:71:23:2d:
54:2a:aa:4b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDEw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDU3NjYxRUFGN0M0MTUx
MjU1NkQ1MDdBMUI3ODE0REM5QjdFQkVGNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhYD5gbZTg6GyvrC5BE/qwD7qUDjKARJVydaaUFLpktrvTJnMg
WpohQLLPzK3AvZxcIp/M4tCguDVfoDq1lb+T+Db2a1NIY+M0a6+Mx5yiiavSGYLa
x4J6J5x+so6eg+gKDCHj9XyPMMjmaCyiBIHtodG4EtctdnrL8XwBzEsV7zJ8zg+m
9ENkucxaCeR7BM/s5R0JeBunCxBCYusGMzcrlDByHS0/F/DOVzkZKTOPnv8GgQUl
WPXq21xt/g/VMr1LMXuNhGWDbqJHh4eFI1AdSCIY1FrCF4bahfy1VRKpbl6G6lWC
/Z8czEseSZUO5ehDJBVW7NXHqRt9RGEXzB6JAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUV2Yer3xBUSVW1Qeht4FNybfr72wwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9WMlllcjN4QlVTVlcxUWVodDRGTnliZnI3Mncucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAgwDQYJKoZIhvcNAQELBQADggEB
AG6su1mNRqUr2Z8w1UZ+G+0rX8IPEWkM00jYETA7XyeEFLgnf4NCxumHGyAgAhra
6+zAxOa1Tq6rep2JvITpjLHKsJaMGpq+7QDgZH5TH/WTCScLNu9NyevVZTWUfSCH
onTo8BB9cRbMfGZ/OxFYfdyf3Wt0N+u15Io0dB3LCYylHdtrIcjIOhKAd/gCpOgv
KkKleF2cpfoEsUsTgIktuPhamzKWBeTH7EBYWNQZomuD9ojWlSJKpPUaTlwPfEA5
jpF1Vu+gL6GxsWnAkZRvwFW/YBT+7IxzeXQysxIxNZADqZmCe+gGkj4F4d5pYk4a
8ETxu84+5qEt0XEjLVQqqks=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org