Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/jYP7Z55gJHGqEM0Vm6XUet1w3po.roa
File: jYP7Z55gJHGqEM0Vm6XUet1w3po.roa (raw, json)
Hash identifier: eNgVU0dSV3BrDtjoJQmB90bIhipysQBPB3W0DcKwSws=
Subject key identifier: 8D:83:FB:67:9E:60:24:71:AA:10:CD:15:9B:A5:D4:7A:DD:70:DE:9A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 478B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/jYP7Z55gJHGqEM0Vm6XUet1w3po.roa
Signing time: Fri 06 May 2022 00:30:05 +0000
ROA not before: Fri 06 May 2022 00:30:05 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18315 (0x478b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 6 00:30:05 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=8D83FB679E602471AA10CD159BA5D47ADD70DE9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ee:94:fc:58:97:84:5a:5c:73:21:c4:a7:9e:
5b:89:a5:81:6e:cb:ce:d6:f5:f0:37:9d:e8:47:64:
1b:46:18:bf:fe:e3:9f:1d:b8:a6:5f:10:a0:53:7a:
63:b2:f0:62:57:fc:7b:55:84:ed:4d:35:04:8f:60:
19:e5:78:fe:ed:ac:b2:a1:e1:8f:50:48:43:21:48:
3e:72:64:3a:5f:48:d1:a9:2e:64:0a:8d:58:05:17:
08:14:74:f6:98:f1:dd:07:c7:ce:12:32:ae:b5:d3:
d0:50:8e:2e:2c:e6:7e:cf:bb:0d:10:8f:2d:7e:e5:
13:01:40:e3:54:8d:d8:3a:d8:19:05:ba:88:f7:95:
58:41:8b:cd:52:21:6a:6d:36:cf:1e:97:a6:aa:f6:
c8:1d:bf:5a:e3:ec:69:2d:a3:12:bf:2d:6f:55:eb:
24:2f:54:0e:d9:6a:c3:11:7b:bd:67:95:d9:28:f3:
d7:03:e9:78:e6:f0:03:8a:e1:de:a2:34:71:f2:d3:
9c:38:39:0a:54:50:31:6b:8a:fc:35:7e:e5:7f:c9:
79:21:ec:ac:d3:5e:ac:d3:a9:1f:01:2d:71:6e:2c:
af:81:16:09:7b:bc:57:0c:dc:cb:ea:f7:4d:99:88:
83:3f:66:12:71:39:a1:63:37:2c:fa:82:1c:5e:44:
3d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:83:FB:67:9E:60:24:71:AA:10:CD:15:9B:A5:D4:7A:DD:70:DE:9A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/jYP7Z55gJHGqEM0Vm6XUet1w3po.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
66:36:5e:30:00:3c:f1:f0:07:86:fb:1b:38:a6:1d:71:7e:0b:
d2:64:35:57:87:ab:6e:50:cf:2c:07:36:d5:09:60:4a:f0:09:
47:a1:7c:e0:20:8f:82:10:eb:21:95:59:75:89:f9:e4:f1:19:
4f:a9:ec:31:c3:74:7d:e4:96:70:80:b3:d0:4a:36:d2:f7:87:
b7:2c:8a:2b:54:f5:5f:f2:95:fd:ab:e8:48:d0:ec:4b:cb:25:
cf:8d:1b:70:0c:33:f5:85:86:d3:b2:5d:69:27:88:d6:29:5c:
bd:f5:72:53:58:61:47:14:10:c8:02:5b:88:b7:0e:85:fd:a9:
fa:4e:31:16:be:61:55:55:c8:6c:d7:cf:71:19:82:6b:07:64:
17:e6:9d:b1:24:59:8e:75:69:c8:9e:17:6c:ef:eb:96:16:49:
01:58:e3:d0:6a:3a:b6:ad:83:73:d6:5b:3f:2d:66:81:52:8d:
0c:f3:99:ef:48:63:67:3f:4e:da:b4:1a:8b:dc:f2:32:d1:90:
b9:d3:8e:3c:c3:c7:74:00:ed:4c:06:32:c2:37:23:fe:45:9b:
92:fb:1e:b4:ef:57:94:8e:21:57:d4:02:8f:3e:a6:a7:47:c2:
f3:fe:4e:4a:8d:00:6d:7b:71:0b:55:29:e5:5b:5f:60:ea:c8:
a8:05:f6:85
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDYw
MDMwMDVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDhEODNGQjY3OUU2MDI0
NzFBQTEwQ0QxNTlCQTVENDdBREQ3MERFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt7pT8WJeEWlxzIcSnnluJpYFuy87W9fA3nehHZBtGGL/+458d
uKZfEKBTemOy8GJX/HtVhO1NNQSPYBnleP7trLKh4Y9QSEMhSD5yZDpfSNGpLmQK
jVgFFwgUdPaY8d0Hx84SMq6109BQji4s5n7Puw0Qjy1+5RMBQONUjdg62BkFuoj3
lVhBi81SIWptNs8el6aq9sgdv1rj7GktoxK/LW9V6yQvVA7ZasMRe71nldko89cD
6Xjm8AOK4d6iNHHy05w4OQpUUDFrivw1fuV/yXkh7KzTXqzTqR8BLXFuLK+BFgl7
vFcM3Mvq902ZiIM/ZhJxOaFjNyz6ghxeRD0VAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUjYP7Z55gJHGqEM0Vm6XUet1w3powHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9qWVA3WjU1Z0pIR3FFTTBWbTZYVWV0MXczcG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AGY2XjAAPPHwB4b7GzimHXF+C9JkNVeHq25QzywHNtUJYErwCUehfOAgj4IQ6yGV
WXWJ+eTxGU+p7DHDdH3klnCAs9BKNtL3h7csiitU9V/ylf2r6EjQ7EvLJc+NG3AM
M/WFhtOyXWkniNYpXL31clNYYUcUEMgCW4i3DoX9qfpOMRa+YVVVyGzXz3EZgmsH
ZBfmnbEkWY51acieF2zv65YWSQFY49BqOratg3PWWz8tZoFSjQzzme9IY2c/Ttq0
Govc8jLRkLnTjjzDx3QA7UwGMsI3I/5Fm5L7HrTvV5SOIVfUAo8+pqdHwvP+TkqN
AG17cQtVKeVbX2DqyKgF9oU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org