Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/h0NG1eAfw0Z4RHMxgTCotalz8No.roa
File: h0NG1eAfw0Z4RHMxgTCotalz8No.roa (raw, json)
Hash identifier: 8RKtAvwut+GWrFaPZUn+J+QoE3bw54GZYemGTGqwSz4=
Subject key identifier: 87:43:46:D5:E0:1F:C3:46:78:44:73:31:81:30:A8:B5:A9:73:F0:DA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 464F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h0NG1eAfw0Z4RHMxgTCotalz8No.roa
Signing time: Wed 13 Apr 2022 00:30:08 +0000
ROA not before: Wed 13 Apr 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17999 (0x464f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 13 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=874346D5E01FC346784473318130A8B5A973F0DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:6e:25:31:47:c3:55:a8:37:ef:ce:72:91:
b0:74:b6:20:dd:ee:55:42:ae:c7:ee:3c:0f:49:75:
66:a2:d8:d5:96:cb:10:e9:5a:34:8b:d2:1d:45:b8:
3b:69:03:57:02:7f:0c:ec:0d:18:7d:63:a9:fe:9e:
40:14:09:15:dc:cd:ca:d8:fb:94:82:21:6d:28:ba:
34:60:83:5d:90:89:ee:ff:cd:dc:ed:d6:6b:5a:21:
5f:b3:a8:03:c6:2d:20:ed:4f:5b:ac:dd:18:8f:b0:
14:59:b8:bc:fd:5e:4d:80:b6:07:b7:18:3d:d7:18:
0f:87:90:2e:5f:2d:2c:bd:bf:2e:6e:39:bf:4d:3e:
3c:28:20:63:ae:b3:52:76:71:34:1b:12:dc:ae:3b:
f9:0b:bc:ee:e5:80:80:92:34:ee:11:23:5c:31:d6:
c0:0b:3b:52:ff:89:29:0b:69:d8:01:56:49:6e:34:
5c:16:52:e2:e2:63:64:65:f6:71:53:2f:9a:dc:0b:
bd:81:f7:9c:92:78:b8:38:a7:d5:ff:d7:0d:2e:bd:
a2:89:dd:fc:f4:58:0f:9d:36:ab:5b:56:26:78:d7:
a7:59:22:27:95:29:7e:5c:c2:69:0e:87:38:a4:0a:
10:d4:e1:d2:c5:cc:0a:69:11:b0:3e:4a:e8:36:16:
db:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:43:46:D5:E0:1F:C3:46:78:44:73:31:81:30:A8:B5:A9:73:F0:DA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h0NG1eAfw0Z4RHMxgTCotalz8No.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6d:b5:86:4d:8b:93:e3:0f:e1:2e:ec:16:06:09:3a:d9:4a:
a7:a4:be:a2:07:69:5e:85:a6:de:f9:d5:bb:99:79:eb:6d:63:
24:f9:ac:f4:28:ee:cd:ee:23:00:dd:9d:8c:6e:41:80:dd:27:
c2:13:21:93:21:00:7b:76:f5:2c:db:be:da:1b:d3:b0:f0:76:
1f:d8:3c:15:de:91:75:42:cc:20:8a:57:d0:55:22:5c:b8:18:
ff:80:5d:71:d6:ef:29:20:a4:3e:74:72:0b:7d:a1:d8:d0:3c:
4c:f8:b0:9f:89:c6:ac:5d:6f:6b:c7:11:f2:a5:20:92:49:66:
cb:93:f8:ea:f2:0e:b0:af:d7:03:9e:93:71:48:b8:db:8c:50:
b8:95:3a:be:bc:63:56:fa:9f:c6:3c:28:2a:1c:ee:e6:b9:7f:
ae:2d:7c:f8:dc:81:76:98:31:65:d0:49:b2:53:41:8c:7d:b1:
bd:2d:92:08:86:aa:61:9b:58:ea:15:6e:97:4c:d9:06:e2:0d:
97:f7:c8:95:ad:ae:0d:f5:ef:56:e9:74:e3:af:4f:c8:03:d4:
be:d9:83:db:c0:a3:3e:88:52:22:ac:8a:a8:45:5f:91:cf:b7:
e2:4b:e7:0c:aa:97:b8:fb:32:0f:c0:7a:6b:a5:0a:92:57:ba:
a6:3d:ce:f4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTMw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg3NDM0NkQ1RTAxRkMz
NDY3ODQ0NzMzMTgxMzBBOEI1QTk3M0YwREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnt24lMUfDVag3785ykbB0tiDd7lVCrsfuPA9JdWai2NWWyxDp
WjSL0h1FuDtpA1cCfwzsDRh9Y6n+nkAUCRXczcrY+5SCIW0oujRgg12Qie7/zdzt
1mtaIV+zqAPGLSDtT1us3RiPsBRZuLz9Xk2Atge3GD3XGA+HkC5fLSy9vy5uOb9N
PjwoIGOus1J2cTQbEtyuO/kLvO7lgICSNO4RI1wx1sALO1L/iSkLadgBVkluNFwW
UuLiY2Rl9nFTL5rcC72B95ySeLg4p9X/1w0uvaKJ3fz0WA+dNqtbViZ416dZIieV
KX5cwmkOhzikChDU4dLFzAppEbA+Sug2FtvJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUh0NG1eAfw0Z4RHMxgTCotalz8NowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oME5HMWVBZncwWjRSSE14Z1RDb3RhbHo4Tm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AA5ttYZNi5PjD+Eu7BYGCTrZSqekvqIHaV6Fpt751buZeettYyT5rPQo7s3uIwDd
nYxuQYDdJ8ITIZMhAHt29Szbvtob07Dwdh/YPBXekXVCzCCKV9BVIly4GP+AXXHW
7ykgpD50cgt9odjQPEz4sJ+Jxqxdb2vHEfKlIJJJZsuT+OryDrCv1wOek3FIuNuM
ULiVOr68Y1b6n8Y8KCoc7ua5f64tfPjcgXaYMWXQSbJTQYx9sb0tkgiGqmGbWOoV
bpdM2QbiDZf3yJWtrg3171bpdOOvT8gD1L7Zg9vAoz6IUiKsiqhFX5HPt+JL5wyq
l7j7Mg/AemulCpJXuqY9zvQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org