Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/m_1FZrd3aNiPQ3NVXjTBbIYXNHk.roa
File: m_1FZrd3aNiPQ3NVXjTBbIYXNHk.roa (raw, json)
Hash identifier: 2z97ROg18RIoJinJ/40xnN7ZoZwAzYM0DThrCwTrMIU=
Subject key identifier: 9B:FD:45:66:B7:77:68:D8:8F:43:73:55:5E:34:C1:6C:86:17:34:79
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4396
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/m_1FZrd3aNiPQ3NVXjTBbIYXNHk.roa
Signing time: Tue 22 Feb 2022 00:30:10 +0000
ROA not before: Tue 22 Feb 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17302 (0x4396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 22 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=9BFD4566B77768D88F4373555E34C16C86173479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:a8:a2:74:53:72:be:eb:09:35:e6:8d:80:3d:
b7:04:e3:8f:73:3e:00:84:a4:f0:02:ad:f0:d8:53:
84:67:98:43:29:f7:30:f4:9a:2e:b3:9b:c9:4f:16:
41:b3:97:e0:78:14:e3:f3:ae:31:2d:04:f3:72:33:
49:3e:7b:37:50:41:1f:4a:d2:03:3d:a2:50:b6:47:
2c:83:53:65:21:3e:32:cc:28:86:2b:f5:42:a3:d3:
df:96:05:10:b5:aa:bd:d9:79:c4:de:d0:18:cf:b8:
97:1f:1d:4c:2d:47:10:e2:0c:e2:ee:e2:cb:27:93:
30:af:b9:e0:a1:1a:75:a7:5d:a2:0d:27:79:9a:33:
7c:68:60:08:05:9c:b2:20:8d:e8:0b:0a:c8:8e:fc:
35:f7:e2:7b:dd:c2:d3:76:c6:fd:f4:a3:99:5c:3a:
78:e4:77:85:0b:e9:d0:65:45:e3:4a:ca:7f:e3:03:
80:2f:a7:4c:47:d0:2c:d5:74:c4:01:38:4d:57:be:
2c:86:bc:b2:26:65:91:0d:27:0c:55:a2:b7:09:be:
11:b6:25:51:23:0e:d0:43:33:d5:80:c8:9b:82:58:
1a:7e:7f:63:69:dc:f1:80:b5:a0:26:3c:21:fd:9f:
11:2f:11:ea:0c:34:23:a7:63:3c:0f:d9:d6:25:74:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FD:45:66:B7:77:68:D8:8F:43:73:55:5E:34:C1:6C:86:17:34:79
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/m_1FZrd3aNiPQ3NVXjTBbIYXNHk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:5b:a9:78:04:cf:12:c7:26:36:a3:62:44:13:39:a2:e9:2f:
42:79:b5:63:e3:44:f5:d7:22:b6:aa:1a:ba:a0:24:d8:ea:c0:
a5:cf:2a:cf:e3:15:28:f4:1e:a0:4c:28:8c:f9:cb:c6:87:7a:
d5:8d:57:1c:e8:cf:77:b2:74:01:bb:d7:5c:ae:a9:cc:ae:6f:
9a:a9:f1:a8:7b:c5:c3:7a:0e:b0:14:4d:d5:b8:f4:32:31:35:
ea:01:25:c6:0e:a8:08:9d:7b:74:d8:73:23:bb:19:74:33:92:
d3:db:d4:10:e4:01:b0:86:ff:67:d9:f2:8e:1b:16:7b:9a:8e:
38:79:ba:17:9a:41:32:72:05:ed:e9:35:d5:e0:bc:27:a0:70:
a5:e1:75:09:e5:e6:fd:0e:d4:22:f1:50:b5:1f:d8:78:f5:d6:
e8:71:25:31:0a:6e:1c:3c:0f:08:23:c1:d5:7c:43:3e:89:b3:
67:88:dd:1f:47:6d:de:c3:08:b3:03:ee:5f:6f:83:ec:e3:c1:
36:df:0b:47:01:ab:aa:c6:ac:db:30:76:24:25:61:a1:fd:6f:
45:ee:a7:81:6b:74:6b:e9:99:98:82:2f:4a:81:5e:86:3e:c3:
6c:b0:24:5b:26:68:60:f7:56:78:0d:2d:b4:0f:51:50:0a:c5:
f2:e2:ba:89
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjIw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDlCRkQ0NTY2Qjc3NzY4
RDg4RjQzNzM1NTVFMzRDMTZDODYxNzM0NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0qKJ0U3K+6wk15o2APbcE449zPgCEpPACrfDYU4RnmEMp9zD0
mi6zm8lPFkGzl+B4FOPzrjEtBPNyM0k+ezdQQR9K0gM9olC2RyyDU2UhPjLMKIYr
9UKj09+WBRC1qr3ZecTe0BjPuJcfHUwtRxDiDOLu4ssnkzCvueChGnWnXaINJ3ma
M3xoYAgFnLIgjegLCsiO/DX34nvdwtN2xv30o5lcOnjkd4UL6dBlReNKyn/jA4Av
p0xH0CzVdMQBOE1XviyGvLImZZENJwxVorcJvhG2JVEjDtBDM9WAyJuCWBp+f2Np
3PGAtaAmPCH9nxEvEeoMNCOnYzwP2dYldGxdAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUm/1FZrd3aNiPQ3NVXjTBbIYXNHkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9tXzFGWnJkM2FOaVBRM05WWGpUQmJJWVhOSGsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AKVbqXgEzxLHJjajYkQTOaLpL0J5tWPjRPXXIraqGrqgJNjqwKXPKs/jFSj0HqBM
KIz5y8aHetWNVxzoz3eydAG711yuqcyub5qp8ah7xcN6DrAUTdW49DIxNeoBJcYO
qAide3TYcyO7GXQzktPb1BDkAbCG/2fZ8o4bFnuajjh5uheaQTJyBe3pNdXgvCeg
cKXhdQnl5v0O1CLxULUf2Hj11uhxJTEKbhw8DwgjwdV8Qz6Js2eI3R9Hbd7DCLMD
7l9vg+zjwTbfC0cBq6rGrNswdiQlYaH9b0Xup4FrdGvpmZiCL0qBXoY+w2ywJFsm
aGD3VngNLbQPUVAKxfLiuok=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org