Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/gnh047bdy13RcOrFJV8WXrXQRCA.roa
File: gnh047bdy13RcOrFJV8WXrXQRCA.roa (raw, json)
Hash identifier: xNpkNC8dQ22HLQcFuDIZQb8G+V9X2UgzmMzxCvvuMwQ=
Subject key identifier: 82:78:74:E3:B6:DD:CB:5D:D1:70:EA:C5:25:5F:16:5E:B5:D0:44:20
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 431B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/gnh047bdy13RcOrFJV8WXrXQRCA.roa
Signing time: Sun 13 Feb 2022 00:30:09 +0000
ROA not before: Sun 13 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17179 (0x431b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 13 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=827874E3B6DDCB5DD170EAC5255F165EB5D04420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e1:29:35:e4:d3:7e:fd:f9:97:30:b9:13:a2:
a7:9f:bf:f2:ff:4c:41:ec:0f:d9:6a:4b:9e:d5:6c:
d5:10:26:af:15:1a:38:07:55:ec:d8:9e:db:0d:ac:
99:ce:fa:6a:b7:31:76:2c:76:2f:13:c5:64:46:11:
bb:d8:4d:bb:02:32:72:d1:04:c7:cc:5b:b7:06:2a:
2a:a7:e2:bb:7a:33:99:52:a2:3d:45:a5:23:52:44:
d0:05:0f:3c:9a:7e:f5:83:dd:33:a2:cf:fb:93:3d:
05:29:03:81:97:02:43:c4:2e:57:50:8c:4b:93:aa:
b7:5e:45:53:8d:9e:5b:fa:ca:2a:2e:25:da:a3:0b:
44:13:17:5c:7c:20:33:22:b3:2f:02:cd:32:41:26:
2f:f6:df:4d:92:50:cd:65:93:66:b7:a3:e2:12:6d:
7e:65:82:ad:5d:0d:13:ee:3f:1d:36:40:57:fe:d7:
81:26:01:7c:cf:42:c6:34:6d:c3:5f:7b:4a:19:23:
f4:23:98:40:c0:4b:d9:a5:dd:69:1b:85:eb:36:10:
2f:31:98:82:eb:67:fb:4d:8f:a9:3d:99:f3:a9:3b:
6f:35:07:7b:5d:c7:07:5c:a6:5b:8d:e2:e8:ce:15:
6a:c6:90:9c:f1:ba:40:b9:0a:26:64:83:31:cf:e6:
2b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:78:74:E3:B6:DD:CB:5D:D1:70:EA:C5:25:5F:16:5E:B5:D0:44:20
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/gnh047bdy13RcOrFJV8WXrXQRCA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e3:8d:86:b3:fc:81:a7:10:29:61:d5:61:df:c9:c9:e6:6b:
26:cc:6e:fd:6a:11:15:0d:ad:b2:9c:c2:91:d7:55:aa:0e:c8:
8a:37:75:db:0e:d7:12:41:30:2f:d3:93:54:e8:a4:32:e6:81:
47:e2:cb:67:87:1f:ef:37:15:4e:6b:64:45:08:2f:63:ff:b1:
d0:e1:b5:f6:7d:bf:1e:b0:34:b9:c6:ee:75:0e:4b:68:9b:27:
9c:90:bc:06:78:79:c7:53:29:3d:72:52:b7:91:9e:3a:69:0d:
3f:38:89:9f:8d:fd:4b:52:26:4f:ca:24:08:4d:5d:66:ce:6e:
43:e9:2d:fc:dd:30:e2:04:da:03:fc:5b:72:d8:76:85:4f:dc:
e4:e1:db:39:f7:54:60:51:43:20:2f:d4:2f:f2:d6:68:86:ea:
62:ba:fc:62:3b:a9:6a:5e:4b:b6:40:f5:63:3f:b8:38:60:e3:
de:b2:63:8f:bf:94:c5:40:6e:13:90:57:da:0c:58:31:56:c6:
1e:7c:c7:b2:fc:3b:ce:c4:e1:ad:e4:3e:ef:57:a7:96:bd:18:
5e:dd:77:9c:7d:10:2f:72:5b:de:fa:ca:6b:fe:d4:b9:8e:57:
13:fe:29:b3:55:54:e8:ab:8a:03:a1:fa:ad:0c:6d:49:b9:31:
c3:1f:02:86
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTMw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDgyNzg3NEUzQjZERENC
NUREMTcwRUFDNTI1NUYxNjVFQjVEMDQ0MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu4Sk15NN+/fmXMLkToqefv/L/TEHsD9lqS57VbNUQJq8VGjgH
VezYntsNrJnO+mq3MXYsdi8TxWRGEbvYTbsCMnLRBMfMW7cGKiqn4rt6M5lSoj1F
pSNSRNAFDzyafvWD3TOiz/uTPQUpA4GXAkPELldQjEuTqrdeRVONnlv6yiouJdqj
C0QTF1x8IDMisy8CzTJBJi/2302SUM1lk2a3o+ISbX5lgq1dDRPuPx02QFf+14Em
AXzPQsY0bcNfe0oZI/QjmEDAS9ml3Wkbhes2EC8xmILrZ/tNj6k9mfOpO281B3td
xwdcpluN4ujOFWrGkJzxukC5CiZkgzHP5ivlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUgnh047bdy13RcOrFJV8WXrXQRCAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9nbmgwNDdiZHkxM1JjT3JGSlY4V1hyWFFSQ0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ABHjjYaz/IGnEClh1WHfycnmaybMbv1qERUNrbKcwpHXVaoOyIo3ddsO1xJBMC/T
k1TopDLmgUfiy2eHH+83FU5rZEUIL2P/sdDhtfZ9vx6wNLnG7nUOS2ibJ5yQvAZ4
ecdTKT1yUreRnjppDT84iZ+N/UtSJk/KJAhNXWbObkPpLfzdMOIE2gP8W3LYdoVP
3OTh2zn3VGBRQyAv1C/y1miG6mK6/GI7qWpeS7ZA9WM/uDhg496yY4+/lMVAbhOQ
V9oMWDFWxh58x7L8O87E4a3kPu9Xp5a9GF7dd5x9EC9yW976ymv+1LmOVxP+KbNV
VOirigOh+q0MbUm5McMfAoY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org