Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/aasRJWENOPiJqsRcbhdztG0E75M.roa
File: aasRJWENOPiJqsRcbhdztG0E75M.roa (raw, json)
Hash identifier: ax+qidil3nQtqERFcr4hi26+32P8buHJty5gbjEWlX0=
Subject key identifier: 69:AB:11:25:61:0D:38:F8:89:AA:C4:5C:6E:17:73:B4:6D:04:EF:93
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4505
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aasRJWENOPiJqsRcbhdztG0E75M.roa
Signing time: Mon 21 Mar 2022 00:30:05 +0000
ROA not before: Mon 21 Mar 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17669 (0x4505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 21 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=69AB1125610D38F889AAC45C6E1773B46D04EF93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:1b:f7:e0:85:c1:76:83:26:66:b9:17:aa:
4c:00:32:a6:94:b2:68:9f:e1:57:05:e8:3f:e2:1c:
1e:94:7d:66:5e:d2:6d:69:1a:21:b1:d1:2b:73:96:
55:2c:77:b5:43:de:71:c8:42:0f:29:33:b5:90:63:
a8:09:77:49:df:0c:25:b2:a5:ec:58:3e:6b:6e:45:
a3:65:c8:dc:8c:00:e2:9f:06:45:c7:b5:84:c4:85:
24:55:e7:1d:17:a2:18:30:a7:81:49:f9:68:91:6c:
5d:ca:fe:51:79:42:e0:4c:14:6f:7b:96:a5:6a:8b:
0c:80:3d:ea:75:94:b8:fa:53:80:f7:81:d4:35:1a:
ba:83:1e:58:86:7a:9c:ea:b0:8c:fc:3c:ae:e9:09:
56:6d:90:62:37:54:26:8f:ea:4c:bf:e5:dc:17:fd:
70:e2:60:e6:74:53:f4:3e:ca:31:e8:a4:b3:1e:23:
99:44:72:a5:57:24:6a:74:d6:27:34:75:d6:87:1f:
3e:ad:80:e9:2b:87:97:7e:4e:e1:ca:8e:27:52:58:
2f:85:f9:65:22:95:02:42:7c:91:d2:8c:eb:e7:75:
84:05:72:e3:99:6a:fa:2c:df:97:c8:9a:b4:ca:8b:
38:0e:0f:15:9d:70:5f:1f:ec:22:c0:78:c4:df:16:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AB:11:25:61:0D:38:F8:89:AA:C4:5C:6E:17:73:B4:6D:04:EF:93
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aasRJWENOPiJqsRcbhdztG0E75M.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
09:fb:3f:a2:3a:e0:52:19:f1:45:50:ba:11:cc:a5:03:d0:f7:
83:45:d9:35:9b:6b:a2:4a:cd:7b:6f:7e:8f:ee:94:0f:68:62:
fe:e9:95:a1:ad:79:e4:6d:54:d0:31:78:e8:8f:30:fa:1b:36:
de:1e:9f:6b:ff:5d:08:9d:77:c3:e2:d0:b7:4d:a6:08:0f:86:
ec:0f:fd:83:78:fd:9b:24:42:e1:7c:5b:f8:af:66:25:b6:e7:
c5:10:e0:de:0b:fb:4d:1d:40:e9:d1:b8:27:bb:9f:53:59:e1:
48:eb:0e:c3:af:ea:bc:f0:79:ac:3f:79:4d:45:6c:18:92:f4:
32:95:d8:b8:db:6a:de:5c:85:35:13:aa:97:13:00:78:4f:2f:
2e:e4:f8:36:c2:7c:3c:7a:6d:19:99:d0:0e:a1:07:76:03:cd:
41:dd:41:b3:6c:72:95:d0:aa:7c:74:6b:58:cc:3a:7d:49:79:
45:15:6a:fb:86:12:62:a3:96:42:d6:65:d2:46:5d:40:f1:30:
2a:01:7c:3c:63:c3:2d:77:2d:99:33:9f:b0:af:98:f3:32:c3:
ce:9d:a8:a2:50:e6:a6:6f:ea:f6:0f:7c:81:aa:13:2e:f9:56:
a8:1b:c9:94:6d:e1:38:c5:d1:17:ce:63:30:85:e7:f5:fa:fd:
e6:bd:e3:06
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjEw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDY5QUIxMTI1NjEwRDM4
Rjg4OUFBQzQ1QzZFMTc3M0I0NkQwNEVGOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyWBv34IXBdoMmZrkXqkwAMqaUsmif4VcF6D/iHB6UfWZe0m1p
GiGx0StzllUsd7VD3nHIQg8pM7WQY6gJd0nfDCWypexYPmtuRaNlyNyMAOKfBkXH
tYTEhSRV5x0Xohgwp4FJ+WiRbF3K/lF5QuBMFG97lqVqiwyAPep1lLj6U4D3gdQ1
GrqDHliGepzqsIz8PK7pCVZtkGI3VCaP6ky/5dwX/XDiYOZ0U/Q+yjHopLMeI5lE
cqVXJGp01ic0ddaHHz6tgOkrh5d+TuHKjidSWC+F+WUilQJCfJHSjOvndYQFcuOZ
avos35fImrTKizgODxWdcF8f7CLAeMTfFiePAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUaasRJWENOPiJqsRcbhdztG0E75MwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9hYXNSSldFTk9QaUpxc1JjYmhkenRHMEU3NU0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AAn7P6I64FIZ8UVQuhHMpQPQ94NF2TWba6JKzXtvfo/ulA9oYv7plaGteeRtVNAx
eOiPMPobNt4en2v/XQidd8Pi0LdNpggPhuwP/YN4/ZskQuF8W/ivZiW258UQ4N4L
+00dQOnRuCe7n1NZ4UjrDsOv6rzweaw/eU1FbBiS9DKV2Ljbat5chTUTqpcTAHhP
Ly7k+DbCfDx6bRmZ0A6hB3YDzUHdQbNscpXQqnx0a1jMOn1JeUUVavuGEmKjlkLW
ZdJGXUDxMCoBfDxjwy13LZkzn7CvmPMyw86dqKJQ5qZv6vYPfIGqEy75VqgbyZRt
4TjF0RfOYzCF5/X6/ea94wY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org