Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Zu5GHEcMeMzsnXNOpGc1HQdUaKc.roa
File: Zu5GHEcMeMzsnXNOpGc1HQdUaKc.roa (raw, json)
Hash identifier: NxUrWygRJ5pfjD4XeQ9ZT2LZxU0iusEMEBF/ohR2KW4=
Subject key identifier: 66:EE:46:1C:47:0C:78:CC:EC:9D:73:4E:A4:67:35:1D:07:54:68:A7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4447
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zu5GHEcMeMzsnXNOpGc1HQdUaKc.roa
Signing time: Mon 07 Mar 2022 00:30:11 +0000
ROA not before: Mon 07 Mar 2022 00:30:11 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17479 (0x4447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 7 00:30:11 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=66EE461C470C78CCEC9D734EA467351D075468A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:10:c4:94:92:77:be:64:4c:80:f9:ce:97:
d2:0a:e5:2e:a0:3d:c8:6a:f2:9f:56:c7:c6:16:86:
3b:e4:13:cf:f1:50:1c:90:68:35:8a:7b:50:9d:9a:
35:90:0e:c4:97:55:aa:a2:82:32:a8:c2:9d:fa:49:
1d:0b:53:31:b4:24:eb:51:c3:43:bd:10:9c:0e:0e:
a6:ae:3a:95:fc:7a:bc:2f:a2:9e:e6:1e:27:6a:63:
ce:ed:41:d6:26:c3:d0:2b:dc:9c:10:fe:3c:ed:be:
be:93:57:63:2d:a8:55:3d:e7:7a:48:4c:a0:47:a6:
8d:90:32:ee:1e:de:86:e3:d2:72:79:a7:70:27:c8:
27:45:24:7b:98:f7:32:97:db:67:0e:8d:2d:6f:c1:
e3:17:5e:e4:31:3b:7e:0d:2c:f3:3e:06:bf:09:81:
e7:1e:cb:ac:b0:8c:0e:ac:0b:6a:c8:6a:39:b8:32:
16:b8:22:33:30:6b:bc:0e:9a:ba:ef:2a:fe:60:9c:
3b:89:31:2a:93:97:d4:15:09:eb:fa:44:5a:ac:e2:
9a:b0:c4:b9:c1:bc:ea:6b:0e:f4:4b:21:43:7c:d2:
44:1f:03:65:dc:05:25:90:37:0a:18:ed:1e:4e:64:
87:dd:bd:c2:64:17:bd:04:2c:4e:96:dc:da:67:53:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EE:46:1C:47:0C:78:CC:EC:9D:73:4E:A4:67:35:1D:07:54:68:A7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zu5GHEcMeMzsnXNOpGc1HQdUaKc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
35:53:70:58:d6:67:05:70:0d:bd:ba:4e:5b:00:a6:b5:47:e7:
3b:03:39:3b:05:df:d3:f4:bb:e2:5c:90:16:5c:cb:2b:a3:a3:
57:68:cd:da:fd:d1:2b:30:74:56:d9:1c:dc:f6:dc:50:cc:b7:
bf:c8:c4:07:ca:72:f3:90:90:5b:ad:e4:f5:c2:93:7b:95:93:
f9:42:ff:b5:0d:db:dc:04:3f:b2:92:25:a9:15:93:6d:47:2b:
52:06:0f:f0:a6:21:38:85:12:45:22:1c:fa:97:84:ed:91:09:
a2:7c:d3:23:86:79:6f:a1:c1:8e:25:74:22:79:c6:f2:c3:9d:
57:8e:10:f6:56:72:c4:23:39:4d:18:d6:09:e7:21:85:ab:30:
9c:69:76:4b:d4:19:53:81:69:36:00:db:dc:8c:c4:dd:d8:a1:
ae:46:76:10:87:0e:62:97:10:1f:7e:28:65:6e:6d:5b:32:03:
7a:41:2f:7e:29:fd:2d:3a:5b:9e:a7:c7:89:3d:22:87:3f:06:
58:e7:a2:9c:22:36:5e:f2:ba:8f:e7:11:14:3d:ca:6d:50:3d:
24:ed:95:f7:27:6e:9c:5a:69:65:30:5c:c8:e9:49:98:2a:1f:
5c:e3:44:3e:c9:77:35:fa:38:06:d8:70:8b:09:cd:56:e7:b7:
54:58:3a:2f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICREcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDcw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDY2RUU0NjFDNDcwQzc4
Q0NFQzlENzM0RUE0NjczNTFEMDc1NDY4QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEBDElJJ3vmRMgPnOl9IK5S6gPchq8p9Wx8YWhjvkE8/xUByQ
aDWKe1CdmjWQDsSXVaqigjKowp36SR0LUzG0JOtRw0O9EJwODqauOpX8erwvop7m
HidqY87tQdYmw9Ar3JwQ/jztvr6TV2MtqFU953pITKBHpo2QMu4e3obj0nJ5p3An
yCdFJHuY9zKX22cOjS1vweMXXuQxO34NLPM+Br8Jgecey6ywjA6sC2rIajm4Mha4
IjMwa7wOmrrvKv5gnDuJMSqTl9QVCev6RFqs4pqwxLnBvOprDvRLIUN80kQfA2Xc
BSWQNwoY7R5OZIfdvcJkF70ELE6W3NpnU1f9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUZu5GHEcMeMzsnXNOpGc1HQdUaKcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9adTVHSEVjTWVNenNuWE5PcEdjMUhRZFVhS2Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADVTcFjWZwVwDb26TlsAprVH5zsDOTsF39P0u+JckBZcyyujo1dozdr90SswdFbZ
HNz23FDMt7/IxAfKcvOQkFut5PXCk3uVk/lC/7UN29wEP7KSJakVk21HK1IGD/Cm
ITiFEkUiHPqXhO2RCaJ80yOGeW+hwY4ldCJ5xvLDnVeOEPZWcsQjOU0Y1gnnIYWr
MJxpdkvUGVOBaTYA29yMxN3Yoa5GdhCHDmKXEB9+KGVubVsyA3pBL34p/S06W56n
x4k9Ioc/BljnopwiNl7yuo/nERQ9ym1QPSTtlfcnbpxaaWUwXMjpSZgqH1zjRD7J
dzX6OAbYcIsJzVbnt1RYOi8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org