Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/itHM61NjqupSP4v5-emKX9NFfFU.roa
File: itHM61NjqupSP4v5-emKX9NFfFU.roa (raw, json)
Hash identifier: YrOblWSL8RynashcO4BpdvhisVoxlmBo4Fr97zXeHDo=
Subject key identifier: 8A:D1:CC:EB:53:63:AA:EA:52:3F:8B:F9:F9:E9:8A:5F:D3:45:7C:55
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4576
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/itHM61NjqupSP4v5-emKX9NFfFU.roa
Signing time: Tue 29 Mar 2022 00:30:08 +0000
ROA not before: Tue 29 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17782 (0x4576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 29 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=8AD1CCEB5363AAEA523F8BF9F9E98A5FD3457C55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:c6:05:97:71:9b:c2:f1:49:40:df:d2:2a:
65:b0:ce:1a:eb:9a:79:b0:c3:cf:95:32:ea:18:f6:
7a:67:14:14:30:bd:31:e9:75:e4:03:ba:c3:9e:ae:
68:6e:54:96:b2:c1:1a:38:f7:76:74:80:1b:11:19:
81:98:4c:11:80:bd:d5:af:43:23:80:2d:e1:73:ec:
e4:c8:09:3f:3e:75:9a:9c:0a:ff:dc:97:2f:41:9a:
a6:bd:de:e8:ec:95:27:13:92:6a:11:c4:48:6f:52:
23:0b:24:25:3c:35:1e:03:7b:e3:62:d4:01:bb:91:
f2:40:fc:20:e9:0c:6c:4c:78:e5:bf:c6:e2:b9:56:
5c:49:30:3b:75:14:b2:34:ab:f4:ac:96:02:ba:44:
97:24:ee:0b:d9:09:f1:a1:1c:86:a3:51:35:28:8e:
aa:5e:4c:90:ac:a3:5f:2a:cb:0a:cd:a5:a8:4f:ea:
b2:bf:77:ac:86:52:11:5e:f8:44:6e:a9:20:f7:e3:
a1:01:36:7c:35:1e:bb:aa:cc:9e:5c:24:5b:4d:91:
2a:ae:6d:3b:a9:c4:e6:6e:c1:d8:39:1e:c2:ef:3a:
ff:4a:74:52:45:45:a6:14:08:6c:d0:2c:f5:5d:b8:
72:c4:e3:e0:fc:fb:05:61:e0:8c:bb:c0:0e:d5:96:
41:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D1:CC:EB:53:63:AA:EA:52:3F:8B:F9:F9:E9:8A:5F:D3:45:7C:55
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/itHM61NjqupSP4v5-emKX9NFfFU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
38:2f:e2:72:3e:14:50:06:e2:92:e2:f9:a4:4c:00:a0:9b:e2:
2b:33:37:6e:67:6e:14:a8:45:ca:6c:e9:11:69:5c:f7:01:35:
63:8c:cd:99:91:d3:60:76:f7:67:ac:47:86:7b:fa:99:92:e9:
06:00:57:06:18:68:24:f2:ef:10:9d:42:22:21:1f:65:cb:a1:
6a:a8:a8:8e:a5:ac:26:7e:d6:99:5e:ad:34:bc:99:c5:28:cf:
f1:db:63:7a:8b:d3:ea:33:19:2e:c1:6f:74:a1:24:03:ca:08:
76:b9:26:1a:e0:9a:3d:d6:2e:26:26:8f:95:53:0b:da:4c:03:
be:aa:e9:3c:e8:53:b1:8a:20:31:1d:ef:d1:f0:8e:da:d1:2a:
8c:84:bb:8a:03:63:39:37:34:05:70:f6:d0:90:09:b5:7f:f6:
60:23:24:27:72:f7:96:a7:1d:50:52:11:99:89:53:01:af:b0:
f1:72:8e:2c:97:d4:04:2b:a5:3e:51:d0:18:de:8e:ad:b5:cf:
29:8e:f0:d8:4a:ca:82:75:09:d7:95:89:94:89:12:0c:b4:28:
3c:57:a8:32:06:05:d7:29:b7:35:36:01:3a:d5:e4:e9:3d:7a:
c6:dd:a9:e7:d5:3e:6a:88:ef:63:a3:35:a1:3e:5c:a0:f5:67:
1d:ef:d4:aa
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjkw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDhBRDFDQ0VCNTM2M0FB
RUE1MjNGOEJGOUY5RTk4QTVGRDM0NTdDNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7HcYFl3GbwvFJQN/SKmWwzhrrmnmww8+VMuoY9npnFBQwvTHp
deQDusOermhuVJaywRo493Z0gBsRGYGYTBGAvdWvQyOALeFz7OTICT8+dZqcCv/c
ly9Bmqa93ujslScTkmoRxEhvUiMLJCU8NR4De+Ni1AG7kfJA/CDpDGxMeOW/xuK5
VlxJMDt1FLI0q/SslgK6RJck7gvZCfGhHIajUTUojqpeTJCso18qywrNpahP6rK/
d6yGUhFe+ERuqSD346EBNnw1HruqzJ5cJFtNkSqubTupxOZuwdg5HsLvOv9KdFJF
RaYUCGzQLPVduHLE4+D8+wVh4Iy7wA7VlkGZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUitHM61NjqupSP4v5+emKX9NFfFUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9pdEhNNjFOanF1cFNQNHY1LWVtS1g5TkZmRlUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
ADgv4nI+FFAG4pLi+aRMAKCb4iszN25nbhSoRcps6RFpXPcBNWOMzZmR02B292es
R4Z7+pmS6QYAVwYYaCTy7xCdQiIhH2XLoWqoqI6lrCZ+1plerTS8mcUoz/HbY3qL
0+ozGS7Bb3ShJAPKCHa5Jhrgmj3WLiYmj5VTC9pMA76q6TzoU7GKIDEd79HwjtrR
KoyEu4oDYzk3NAVw9tCQCbV/9mAjJCdy95anHVBSEZmJUwGvsPFyjiyX1AQrpT5R
0Bjejq21zymO8NhKyoJ1CdeViZSJEgy0KDxXqDIGBdcptzU2ATrV5Ok9esbdqefV
PmqI72OjNaE+XKD1Zx3v1Ko=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org