Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/aPkojAQfUMhtTp6GVo-xdJ7VVLc.roa
File: aPkojAQfUMhtTp6GVo-xdJ7VVLc.roa (raw, json)
Hash identifier: ldaZ0mIcFxG0kfkXPf3pdNXHKCGhxbA56mt05R45Tig=
Subject key identifier: 68:F9:28:8C:04:1F:50:C8:6D:4E:9E:86:56:8F:B1:74:9E:D5:54:B7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4808
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aPkojAQfUMhtTp6GVo-xdJ7VVLc.roa
Signing time: Sun 15 May 2022 00:30:05 +0000
ROA not before: Sun 15 May 2022 00:30:05 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18440 (0x4808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 15 00:30:05 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=68F9288C041F50C86D4E9E86568FB1749ED554B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:19:b0:ee:57:a9:c2:3e:51:cc:2c:94:95:
0c:96:c2:98:82:b9:4c:ed:c8:62:e0:08:c2:54:d9:
f6:22:1b:39:c2:0e:51:26:63:96:1d:6e:50:33:8e:
d1:6c:56:56:24:53:5d:e4:d5:37:91:2b:52:95:49:
93:cf:7f:bb:b6:33:d7:6e:ca:da:26:a1:25:6a:80:
0d:b4:06:f3:03:5d:7a:36:43:f0:bb:15:77:d9:26:
12:ba:b1:ea:35:54:be:33:d5:4d:7a:0c:be:c3:e5:
b0:34:e8:f2:fb:d7:a5:76:7a:b9:87:e9:98:a0:df:
2d:d7:12:14:42:59:a5:13:9e:b4:61:10:37:ed:51:
d1:b5:26:b0:2a:00:d2:01:b1:05:6d:95:11:4e:f6:
31:62:69:24:5e:6a:c2:45:f6:c8:a1:39:20:cc:f6:
d5:73:a1:21:7b:ce:99:30:ce:ba:b4:84:50:2b:dc:
a8:36:57:3c:04:ad:19:8d:14:fa:25:7a:dd:5f:de:
b4:9b:d0:42:40:34:53:a2:d4:15:a2:df:bc:69:37:
5e:68:20:7a:05:8f:3a:f8:db:07:79:39:d7:9f:de:
03:38:6b:32:09:93:f1:ab:8f:4e:b1:1f:f7:e5:92:
6a:8f:be:d1:1f:8d:49:c7:bd:67:b3:2f:70:81:8e:
da:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F9:28:8C:04:1F:50:C8:6D:4E:9E:86:56:8F:B1:74:9E:D5:54:B7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aPkojAQfUMhtTp6GVo-xdJ7VVLc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
55:08:b8:c2:ff:15:6e:01:9b:ea:c1:6d:66:8d:bd:c0:cc:b7:
f2:aa:70:b6:0e:3d:05:61:95:91:16:99:52:ff:0a:f1:54:ee:
d0:46:53:1c:26:b2:98:a4:78:07:d6:eb:bd:ed:13:09:63:7a:
43:5e:b7:fb:c2:dc:5c:57:4c:0c:b9:d6:45:8e:6c:ae:34:47:
99:c1:07:a4:78:35:c5:61:ff:b5:96:92:29:e1:91:c7:72:dc:
67:82:98:1d:76:2f:7a:84:28:42:fc:7c:ad:bc:bb:18:30:d7:
da:b1:33:b8:c7:b9:3e:d6:87:47:c2:e2:9d:86:86:88:9d:0c:
d5:23:13:dd:75:79:0f:d0:dd:2e:32:f6:ec:35:e6:31:a1:14:
eb:17:f5:96:10:cc:de:71:27:1c:a2:1a:7f:d4:44:9d:0a:24:
b2:e0:27:e6:33:eb:d1:e5:11:5e:e2:6d:f6:8c:1a:ba:7d:ce:
da:05:77:bc:c9:02:0c:43:a4:89:81:2b:69:e8:0c:bd:a4:9e:
c0:da:55:d7:d0:18:27:0a:5d:33:75:10:05:7b:94:fd:72:3b:
7b:8a:6d:92:0b:f3:6c:49:9d:00:21:75:47:e0:ed:92:38:61:
6e:14:da:03:d6:f7:7e:0a:41:dd:46:c8:9a:a7:ec:7e:d0:9c:
b8:d6:e1:0c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTUw
MDMwMDVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDY4RjkyODhDMDQxRjUw
Qzg2RDRFOUU4NjU2OEZCMTc0OUVENTU0QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg6xmw7lepwj5RzCyUlQyWwpiCuUztyGLgCMJU2fYiGznCDlEm
Y5YdblAzjtFsVlYkU13k1TeRK1KVSZPPf7u2M9duytomoSVqgA20BvMDXXo2Q/C7
FXfZJhK6seo1VL4z1U16DL7D5bA06PL716V2ermH6Zig3y3XEhRCWaUTnrRhEDft
UdG1JrAqANIBsQVtlRFO9jFiaSReasJF9sihOSDM9tVzoSF7zpkwzrq0hFAr3Kg2
VzwErRmNFPolet1f3rSb0EJANFOi1BWi37xpN15oIHoFjzr42wd5Odef3gM4azIJ
k/Grj06xH/flkmqPvtEfjUnHvWezL3CBjtoFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUaPkojAQfUMhtTp6GVo+xdJ7VVLcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9hUGtvakFRZlVNaHRUcDZHVm8teGRKN1ZWTGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AFUIuML/FW4Bm+rBbWaNvcDMt/KqcLYOPQVhlZEWmVL/CvFU7tBGUxwmspikeAfW
673tEwljekNet/vC3FxXTAy51kWObK40R5nBB6R4NcVh/7WWkinhkcdy3GeCmB12
L3qEKEL8fK28uxgw19qxM7jHuT7Wh0fC4p2GhoidDNUjE911eQ/Q3S4y9uw15jGh
FOsX9ZYQzN5xJxyiGn/URJ0KJLLgJ+Yz69HlEV7ibfaMGrp9ztoFd7zJAgxDpImB
K2noDL2knsDaVdfQGCcKXTN1EAV7lP1yO3uKbZIL82xJnQAhdUfg7ZI4YW4U2gPW
934KQd1GyJqn7H7QnLjW4Qw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org