Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/o3pSMdJXOq1Jqm-2ZR0lgD603RI.roa
File: o3pSMdJXOq1Jqm-2ZR0lgD603RI.roa (raw, json)
Hash identifier: RtY5wOSpYrYKHISdFVYNFBqOXchICbPxYvF+sJhWgKE=
Subject key identifier: A3:7A:52:31:D2:57:3A:AD:49:AA:6F:B6:65:1D:25:80:3E:B4:DD:12
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 429D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/o3pSMdJXOq1Jqm-2ZR0lgD603RI.roa
Signing time: Fri 04 Feb 2022 00:30:08 +0000
ROA not before: Fri 04 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17053 (0x429d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 4 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A37A5231D2573AAD49AA6FB6651D25803EB4DD12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1c:04:e4:b2:a0:34:7b:68:80:76:8a:eb:f7:
ce:6d:1d:45:28:9f:1a:8c:b1:0d:fc:07:fc:1d:91:
14:83:5b:94:a7:0c:05:f6:0d:81:96:8b:bf:1b:f4:
d4:d7:4f:55:fd:a2:40:6b:25:c0:c2:09:28:4e:c0:
db:7e:b6:08:4d:d9:a1:a9:77:d5:e6:2f:3e:56:f8:
04:5c:a8:70:d2:cb:ab:4c:c8:78:4c:8e:83:2b:b5:
c6:23:d5:a3:35:d2:65:ee:16:8d:ae:8c:2b:e3:22:
ea:5b:ea:1b:ac:db:66:3c:ba:2c:cd:7e:7b:0d:c9:
3b:ff:ce:34:0c:d9:ba:9d:b3:28:13:33:31:c2:b3:
74:cc:59:22:6a:8c:92:65:bd:20:63:cc:7e:db:f4:
7d:ba:21:a3:da:c0:6b:37:5c:97:33:ab:4f:e1:a1:
fc:dd:a8:e6:72:3b:a2:5c:c5:34:a2:58:76:d3:e3:
63:9c:de:18:8e:68:92:03:43:07:af:74:af:25:f3:
b3:67:e0:7d:d6:d3:5b:33:2c:35:d6:c4:26:5f:a0:
4c:df:2d:c2:5f:b9:8e:20:95:97:9b:eb:7c:f1:6a:
eb:9e:28:37:08:bd:74:c2:57:ba:d5:7f:bc:b3:c5:
e2:43:22:89:0a:ba:2a:30:17:09:27:c0:8e:dd:ad:
04:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7A:52:31:D2:57:3A:AD:49:AA:6F:B6:65:1D:25:80:3E:B4:DD:12
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/o3pSMdJXOq1Jqm-2ZR0lgD603RI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:6a:ee:dd:19:4b:6a:52:97:7f:64:3f:2d:c7:08:64:51:b5:
3a:6e:7a:d9:88:7d:a5:e2:32:55:39:fb:68:dc:9f:5f:a1:29:
d0:15:dc:e6:27:43:b4:0b:63:3d:3f:78:fc:6b:00:0f:6c:48:
67:bb:b8:30:3b:22:82:75:b8:e8:f2:68:0c:99:80:3e:5b:b9:
2f:b2:44:0d:3c:01:cb:b1:ba:c8:cc:31:cf:3f:3f:56:a0:03:
b3:fe:d3:9d:9b:27:a6:52:32:0d:5d:f3:3a:38:d7:de:77:32:
b8:c0:55:ff:ad:f0:f4:57:63:63:4a:35:f0:9f:5f:44:bc:64:
8e:16:74:e4:66:b9:9b:e9:7b:7e:63:ad:dd:30:14:0c:55:64:
bc:7c:eb:bc:35:46:d7:c4:3b:8b:21:b7:2d:55:f4:92:cd:b4:
10:1d:5e:c1:f4:dc:e0:b7:98:08:5a:fa:84:ba:41:af:1a:05:
47:ad:3c:9e:00:ea:cf:e0:07:21:ee:f0:d7:40:1e:15:84:2c:
e4:7d:12:8f:7f:cb:7e:5f:c5:f6:fc:a9:cc:47:a5:a7:ce:2b:
cd:29:b9:17:37:14:8b:bb:67:52:4f:98:59:0f:8b:64:14:fb:
82:ec:d1:fe:cf:05:e5:1d:67:5d:79:03:d6:38:69:d1:16:92:
41:26:6c:64
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQp0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDQw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEEzN0E1MjMxRDI1NzNB
QUQ0OUFBNkZCNjY1MUQyNTgwM0VCNEREMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrHATksqA0e2iAdorr985tHUUonxqMsQ38B/wdkRSDW5SnDAX2
DYGWi78b9NTXT1X9okBrJcDCCShOwNt+tghN2aGpd9XmLz5W+ARcqHDSy6tMyHhM
joMrtcYj1aM10mXuFo2ujCvjIupb6hus22Y8uizNfnsNyTv/zjQM2bqdsygTMzHC
s3TMWSJqjJJlvSBjzH7b9H26IaPawGs3XJczq0/hofzdqOZyO6JcxTSiWHbT42Oc
3hiOaJIDQwevdK8l87Nn4H3W01szLDXWxCZfoEzfLcJfuY4glZeb63zxauueKDcI
vXTCV7rVf7yzxeJDIokKuiowFwknwI7drQRfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUo3pSMdJXOq1Jqm+2ZR0lgD603RIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vM3BTTWRKWE9xMUpxbS0yWlIwbGdENjAzUkkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ACtq7t0ZS2pSl39kPy3HCGRRtTpuetmIfaXiMlU5+2jcn1+hKdAV3OYnQ7QLYz0/
ePxrAA9sSGe7uDA7IoJ1uOjyaAyZgD5buS+yRA08AcuxusjMMc8/P1agA7P+052b
J6ZSMg1d8zo41953MrjAVf+t8PRXY2NKNfCfX0S8ZI4WdORmuZvpe35jrd0wFAxV
ZLx867w1RtfEO4shty1V9JLNtBAdXsH03OC3mAha+oS6Qa8aBUetPJ4A6s/gByHu
8NdAHhWELOR9Eo9/y35fxfb8qcxHpafOK80puRc3FIu7Z1JPmFkPi2QU+4Ls0f7P
BeUdZ115A9Y4adEWkkEmbGQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org