Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/VwVwidRtWFotuX9MnRuD1kCk8jU.roa
File: VwVwidRtWFotuX9MnRuD1kCk8jU.roa (raw, json)
Hash identifier: XNOK5tESpOUOmSpEZsaU9ubByrwqGoNjBCMEIu8IRTw=
Subject key identifier: 57:05:70:89:D4:6D:58:5A:2D:B9:7F:4C:9D:1B:83:D6:40:A4:F2:35
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 436B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/VwVwidRtWFotuX9MnRuD1kCk8jU.roa
Signing time: Sat 19 Feb 2022 00:30:07 +0000
ROA not before: Sat 19 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17259 (0x436b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 19 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=57057089D46D585A2DB97F4C9D1B83D640A4F235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:04:71:9a:47:2b:68:4a:5f:41:bc:70:a2:29:
ca:d3:89:d9:10:f5:ee:0f:90:e2:80:34:c6:49:6f:
da:8b:5c:1e:48:83:ed:fb:42:20:a8:54:0d:30:6e:
fc:ec:ac:d0:ba:64:ec:75:51:ed:64:ed:91:26:78:
0d:69:b5:26:4e:f1:48:b0:04:17:d8:a8:00:94:00:
ca:69:a3:55:44:93:e7:16:1d:59:b7:a3:95:6c:29:
52:6d:54:83:39:6d:65:b7:e3:80:1c:68:90:8a:55:
23:2f:43:95:ca:0b:76:2e:c6:ab:d4:77:7e:d1:61:
40:e9:b4:c4:47:20:aa:29:c7:21:05:f2:f6:c4:0b:
b7:41:50:cf:6d:d4:39:42:8f:36:88:39:e4:dc:aa:
c6:31:a1:a5:34:5c:6f:e1:bd:1f:14:67:e3:4a:1a:
00:0f:00:7a:12:88:68:94:e7:17:da:94:ff:e4:fa:
28:90:88:ee:77:17:2f:f1:62:82:a3:c3:d1:4f:4c:
7d:89:ed:87:3c:c8:de:42:f1:d1:99:cf:60:6a:cc:
03:46:54:1e:38:57:db:e3:15:d1:82:d4:28:8f:d2:
85:56:73:cc:3b:48:0c:b1:25:0b:03:3c:17:2b:a5:
1d:be:94:27:49:0e:d5:32:78:27:27:37:33:88:ab:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:05:70:89:D4:6D:58:5A:2D:B9:7F:4C:9D:1B:83:D6:40:A4:F2:35
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/VwVwidRtWFotuX9MnRuD1kCk8jU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:15:38:5f:1b:3d:19:b0:51:97:3d:e5:07:60:5c:26:60:4b:
2a:54:6b:4c:de:7a:8d:f6:ef:a5:61:a0:6d:4d:c6:6f:d7:c7:
fe:14:02:10:1c:64:e7:af:46:6f:f2:b5:e5:1e:3d:19:9b:3f:
db:b8:4b:b2:ba:5a:6f:dd:ff:71:1f:4e:56:7c:f6:43:3b:13:
bd:4e:8b:b5:0c:19:a8:11:13:e6:2b:b4:e2:49:25:03:f5:e5:
54:43:f9:8a:0d:0d:74:94:1f:5f:58:de:5d:67:1f:19:8c:db:
6c:55:8a:49:44:55:00:d2:5d:af:bb:42:0c:ed:c7:f9:e0:f8:
1e:3f:17:32:6a:86:86:88:cb:98:a5:c7:58:ef:84:8d:3d:9e:
98:44:13:86:1f:eb:5a:ba:50:d4:6c:e2:b7:57:54:bd:e2:01:
f7:de:47:21:9d:8b:01:9f:c1:ed:f9:dc:19:3b:fe:53:e5:7d:
fa:27:72:23:c3:b2:6c:91:aa:24:da:2b:e1:58:a0:fa:a1:ee:
c8:16:41:f4:d0:4d:1e:2c:0d:3d:ad:2d:b6:f5:77:63:25:5d:
e2:b9:f3:c6:e4:ec:a5:9d:c3:8d:ea:fc:9a:2c:7c:79:b4:09:
a2:0f:de:8c:20:01:45:ee:69:ba:e2:65:d3:97:b8:4f:2e:c1:
6b:85:52:fc
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTkw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDU3MDU3MDg5RDQ2RDU4
NUEyREI5N0Y0QzlEMUI4M0Q2NDBBNEYyMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSBHGaRytoSl9BvHCiKcrTidkQ9e4PkOKANMZJb9qLXB5Ig+37
QiCoVA0wbvzsrNC6ZOx1Ue1k7ZEmeA1ptSZO8UiwBBfYqACUAMppo1VEk+cWHVm3
o5VsKVJtVIM5bWW344AcaJCKVSMvQ5XKC3YuxqvUd37RYUDptMRHIKopxyEF8vbE
C7dBUM9t1DlCjzaIOeTcqsYxoaU0XG/hvR8UZ+NKGgAPAHoSiGiU5xfalP/k+iiQ
iO53Fy/xYoKjw9FPTH2J7Yc8yN5C8dGZz2BqzANGVB44V9vjFdGC1CiP0oVWc8w7
SAyxJQsDPBcrpR2+lCdJDtUyeCcnNzOIq1VfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUVwVwidRtWFotuX9MnRuD1kCk8jUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Wd1Z3aWRSdFdGb3R1WDlNblJ1RDFrQ2s4alUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ACwVOF8bPRmwUZc95QdgXCZgSypUa0zeeo3276VhoG1Nxm/Xx/4UAhAcZOevRm/y
teUePRmbP9u4S7K6Wm/d/3EfTlZ89kM7E71Oi7UMGagRE+YrtOJJJQP15VRD+YoN
DXSUH19Y3l1nHxmM22xViklEVQDSXa+7Qgztx/ng+B4/FzJqhoaIy5ilx1jvhI09
nphEE4Yf61q6UNRs4rdXVL3iAffeRyGdiwGfwe353Bk7/lPlffonciPDsmyRqiTa
K+FYoPqh7sgWQfTQTR4sDT2tLbb1d2MlXeK588bk7KWdw43q/JosfHm0CaIP3owg
AUXuabriZdOXuE8uwWuFUvw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org