Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ahBIwuFgMjKD48ey5L3xqLV64po.roa
File: ahBIwuFgMjKD48ey5L3xqLV64po.roa (raw, json)
Hash identifier: kJ0WwP2SdaKyRIjKZad3s5kJb1CnDKMUlF0MHdolRGU=
Subject key identifier: 6A:10:48:C2:E1:60:32:32:83:E3:C7:B2:E4:BD:F1:A8:B5:7A:E2:9A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4289
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ahBIwuFgMjKD48ey5L3xqLV64po.roa
Signing time: Thu 03 Feb 2022 00:30:06 +0000
ROA not before: Thu 03 Feb 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17033 (0x4289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 3 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=6A1048C2E160323283E3C7B2E4BDF1A8B57AE29A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d0:2a:22:8e:b0:1c:36:42:c4:ce:05:07:c7:
46:ed:11:55:6b:03:4d:bf:24:04:9a:83:e5:fe:b6:
a8:96:6b:94:e1:9c:97:3f:a0:a6:4d:71:cb:ac:a9:
6e:90:a3:d8:f9:a4:0f:19:78:6e:d2:14:cf:b7:cd:
a9:a1:66:a2:27:74:9d:cf:17:9a:dc:e8:7f:ee:2a:
d5:dc:65:62:4b:d1:53:04:51:7f:2b:e8:1a:91:96:
16:4b:b3:25:0d:07:25:f5:ce:54:65:dd:bb:ed:5a:
18:4a:6b:13:a9:39:70:b7:e0:26:f5:27:3c:ad:58:
f9:ab:99:a8:e0:de:bb:c1:65:49:79:87:a2:11:bc:
26:60:27:59:74:90:d0:49:57:af:5b:e2:dd:a1:a5:
6d:b4:a1:f2:12:b0:5e:53:c7:dd:72:79:7c:99:58:
26:86:59:5c:bb:e1:c3:6c:b4:95:e5:80:56:a0:6f:
65:06:de:3c:95:6a:94:c4:76:b6:1c:18:32:0d:24:
2f:fa:19:71:9e:6e:49:6f:59:03:06:4e:ed:e2:64:
0d:2e:0e:cb:63:b9:54:19:30:ee:21:1a:73:7a:e0:
c3:b7:4f:2d:24:f1:6b:42:80:db:68:5f:85:08:d1:
b8:29:70:ba:31:f6:f0:9b:06:aa:9b:64:e1:db:1a:
1a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:10:48:C2:E1:60:32:32:83:E3:C7:B2:E4:BD:F1:A8:B5:7A:E2:9A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ahBIwuFgMjKD48ey5L3xqLV64po.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
41:12:6f:89:5e:8a:4c:f1:30:3b:8c:1d:b1:91:d8:1a:5b:dc:
fe:d9:1b:0f:54:c1:65:34:6b:3d:0f:82:ef:80:4e:88:b5:94:
90:07:1c:db:1c:b2:c9:60:4f:46:8b:77:96:86:57:2e:11:c3:
a2:a8:6d:14:76:28:b7:77:d2:bb:0c:96:ba:4a:9f:92:5f:10:
01:84:c6:b6:a7:59:73:89:c5:d6:20:32:35:12:f8:c0:27:cf:
41:30:c4:48:68:ce:24:7d:8e:c3:14:bf:19:05:76:b0:72:5c:
ae:4f:87:d8:6b:78:78:a0:c3:4d:78:a0:04:8c:65:ab:de:90:
4a:07:cd:98:48:19:1d:d8:91:95:04:90:1f:d4:08:aa:dd:4a:
24:77:c8:31:4f:51:0d:bc:a9:7f:ac:2a:44:e1:9a:23:33:96:
23:20:a2:1a:b9:41:e1:20:40:53:ee:a9:b8:60:61:0a:e4:33:
8f:a3:7f:6a:e5:6e:6f:ce:d4:25:e7:60:7c:4d:b7:03:b4:d0:
3f:d0:23:49:37:9a:6f:85:57:c6:c2:f2:dc:c4:8b:f8:b6:44:
f7:ce:e9:c4:7e:04:26:25:16:88:93:71:78:df:0c:85:d6:5a:
44:59:4e:5d:29:22:47:f4:13:82:c3:26:5c:a3:21:3b:67:58:
8e:03:b2:6b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDMw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDZBMTA0OEMyRTE2MDMy
MzI4M0UzQzdCMkU0QkRGMUE4QjU3QUUyOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCe0CoijrAcNkLEzgUHx0btEVVrA02/JASag+X+tqiWa5ThnJc/
oKZNccusqW6Qo9j5pA8ZeG7SFM+3zamhZqIndJ3PF5rc6H/uKtXcZWJL0VMEUX8r
6BqRlhZLsyUNByX1zlRl3bvtWhhKaxOpOXC34Cb1JzytWPmrmajg3rvBZUl5h6IR
vCZgJ1l0kNBJV69b4t2hpW20ofISsF5Tx91yeXyZWCaGWVy74cNstJXlgFagb2UG
3jyVapTEdrYcGDINJC/6GXGebklvWQMGTu3iZA0uDstjuVQZMO4hGnN64MO3Ty0k
8WtCgNtoX4UI0bgpcLox9vCbBqqbZOHbGhoFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUahBIwuFgMjKD48ey5L3xqLV64powHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9haEJJd3VGZ01qS0Q0OGV5NUwzeHFMVjY0cG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AEESb4leikzxMDuMHbGR2Bpb3P7ZGw9UwWU0az0Pgu+AToi1lJAHHNscsslgT0aL
d5aGVy4Rw6KobRR2KLd30rsMlrpKn5JfEAGExranWXOJxdYgMjUS+MAnz0EwxEho
ziR9jsMUvxkFdrByXK5Ph9hreHigw014oASMZavekEoHzZhIGR3YkZUEkB/UCKrd
SiR3yDFPUQ28qX+sKkThmiMzliMgohq5QeEgQFPuqbhgYQrkM4+jf2rlbm/O1CXn
YHxNtwO00D/QI0k3mm+FV8bC8tzEi/i2RPfO6cR+BCYlFoiTcXjfDIXWWkRZTl0p
Ikf0E4LDJlyjITtnWI4Dsms=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org