Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/h5ir3-AMt7aEz2puyc_bav94FbE.roa
File: h5ir3-AMt7aEz2puyc_bav94FbE.roa (raw, json)
Hash identifier: GcLBXRA7SpPFAI+MDKAvEPSqZVHsTacMAaoyyXzOvJg=
Subject key identifier: 87:98:AB:DF:E0:0C:B7:B6:84:CF:6A:6E:C9:CF:DB:6A:FF:78:15:B1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43F7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h5ir3-AMt7aEz2puyc_bav94FbE.roa
Signing time: Tue 01 Mar 2022 00:30:11 +0000
ROA not before: Tue 01 Mar 2022 00:30:11 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17399 (0x43f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 1 00:30:11 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=8798ABDFE00CB7B684CF6A6EC9CFDB6AFF7815B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:92:5d:90:f1:cb:85:be:a6:f0:ab:99:d2:
52:2e:92:52:2d:6c:e0:cd:a5:11:41:88:01:10:f0:
31:22:94:90:7e:e3:0b:db:db:9d:30:58:9e:c7:d0:
6a:2b:11:54:61:f2:77:d2:10:5f:41:f2:c8:8a:06:
96:84:0e:21:de:f8:e8:01:fd:64:4b:38:fb:8e:3d:
a1:c9:c6:f7:4c:6e:4e:df:d5:97:be:68:0c:3a:b4:
e8:47:ef:19:d5:74:f2:2e:0f:a3:11:d3:3c:f5:fc:
68:b4:8f:4a:0b:2d:b3:89:85:6b:2e:d1:58:db:6d:
5f:fc:2f:09:22:e1:4f:7d:7f:32:ab:8c:22:b8:6b:
a8:a2:fd:03:53:8d:a8:db:7f:ee:bc:34:75:ec:ba:
79:b5:1a:54:1e:70:bb:b3:a7:bb:32:00:f7:70:a9:
e1:0c:69:70:7a:a0:a0:cd:93:bd:a2:fd:b7:20:30:
e5:a7:98:3c:df:43:cd:df:7b:98:c5:b0:1f:1b:47:
ed:72:ff:13:36:5c:fc:28:ad:44:81:de:4d:f4:75:
1d:e7:18:e4:93:77:61:36:f2:34:4c:03:d1:86:75:
b3:ee:9b:ab:77:8c:6d:d9:87:40:3f:8a:b0:2a:70:
9d:50:af:9b:50:1b:33:22:b0:d3:23:02:38:8e:c2:
8e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:98:AB:DF:E0:0C:B7:B6:84:CF:6A:6E:C9:CF:DB:6A:FF:78:15:B1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h5ir3-AMt7aEz2puyc_bav94FbE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:d0:d7:76:b8:e2:d4:d0:8c:4e:3e:25:08:01:2a:0b:7e:8f:
40:12:24:e6:33:04:f5:fd:5b:83:bc:c5:2d:90:22:aa:d9:3d:
ba:bf:df:7c:b2:95:f7:f4:02:29:0c:66:cd:db:25:8a:a6:d2:
df:42:79:cb:9f:b1:d6:60:bf:73:99:d3:a0:29:4f:b8:e9:fb:
01:59:16:1f:39:b1:ad:24:3e:83:87:f7:ea:13:ef:d2:f2:b6:
bf:a3:25:9d:29:dc:a1:ad:5d:83:90:fa:f9:fd:a7:67:80:05:
15:11:99:70:7d:eb:04:38:36:5e:4f:75:dd:0d:54:78:cb:3c:
80:93:94:a3:be:37:f7:89:e8:16:f5:06:28:36:d3:5b:f2:9d:
6e:50:dd:10:aa:1d:3a:ae:6c:93:cd:ef:ad:97:18:05:d2:4e:
bc:41:24:c0:f2:4e:c8:5f:64:22:d8:a9:c9:ee:e4:3c:85:ed:
55:2d:10:83:65:66:6a:c3:e7:8f:e9:56:26:55:b2:16:79:71:
59:8d:5a:4a:e0:10:97:49:1d:e6:17:6a:96:cc:d9:a4:1e:a9:
4a:52:1d:33:ed:20:f5:ad:54:2c:8e:fa:54:8f:1b:87:ec:c1:
7f:89:2f:b3:e0:78:3f:64:b8:e0:78:82:49:e1:c2:24:3c:4e:
f0:57:5f:a7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDEw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg3OThBQkRGRTAwQ0I3
QjY4NENGNkE2RUM5Q0ZEQjZBRkY3ODE1QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1FJJdkPHLhb6m8KuZ0lIuklItbODNpRFBiAEQ8DEilJB+4wvb
250wWJ7H0GorEVRh8nfSEF9B8siKBpaEDiHe+OgB/WRLOPuOPaHJxvdMbk7f1Ze+
aAw6tOhH7xnVdPIuD6MR0zz1/Gi0j0oLLbOJhWsu0VjbbV/8Lwki4U99fzKrjCK4
a6ii/QNTjajbf+68NHXsunm1GlQecLuzp7syAPdwqeEMaXB6oKDNk72i/bcgMOWn
mDzfQ83fe5jFsB8bR+1y/xM2XPworUSB3k30dR3nGOSTd2E28jRMA9GGdbPum6t3
jG3Zh0A/irAqcJ1Qr5tQGzMisNMjAjiOwo5rAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUh5ir3+AMt7aEz2puyc/bav94FbEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oNWlyMy1BTXQ3YUV6MnB1eWNfYmF2OTRGYkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AKLQ13a44tTQjE4+JQgBKgt+j0ASJOYzBPX9W4O8xS2QIqrZPbq/33yylff0AikM
Zs3bJYqm0t9CecufsdZgv3OZ06ApT7jp+wFZFh85sa0kPoOH9+oT79Lytr+jJZ0p
3KGtXYOQ+vn9p2eABRURmXB96wQ4Nl5Pdd0NVHjLPICTlKO+N/eJ6Bb1Big201vy
nW5Q3RCqHTqubJPN762XGAXSTrxBJMDyTshfZCLYqcnu5DyF7VUtEINlZmrD54/p
ViZVshZ5cVmNWkrgEJdJHeYXapbM2aQeqUpSHTPtIPWtVCyO+lSPG4fswX+JL7Pg
eD9kuOB4gknhwiQ8TvBXX6c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org