Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ocKNHXRG8QMw5jrLup2c7_ZU_3E.roa
File: ocKNHXRG8QMw5jrLup2c7_ZU_3E.roa (raw, json)
Hash identifier: bBA2UooFAMOMHm3tb5guOkXHBHC08OjToN4kyuijsSk=
Subject key identifier: A1:C2:8D:1D:74:46:F1:03:30:E6:3A:CB:BA:9D:9C:EF:F6:54:FF:71
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4887
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ocKNHXRG8QMw5jrLup2c7_ZU_3E.roa
Signing time: Tue 24 May 2022 00:30:06 +0000
ROA not before: Tue 24 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18567 (0x4887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 24 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=A1C28D1D7446F10330E63ACBBA9D9CEFF654FF71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4b:c2:08:f8:b2:49:43:c0:b3:60:1d:37:93:
a4:c1:17:12:9a:d8:a0:78:2d:13:50:30:e5:3f:38:
14:3c:79:75:6b:6d:c4:06:97:94:f6:e3:38:e9:ee:
43:4a:36:ea:60:c2:2e:be:75:2b:1a:d7:41:8d:22:
a4:97:bf:32:83:09:20:54:f2:d3:a9:e0:64:ed:26:
89:65:a0:75:2a:89:03:8f:4b:95:f2:0b:51:ff:93:
61:30:7b:7a:8f:83:c4:31:d0:fa:0e:20:60:5d:8c:
95:87:9a:ed:d3:40:32:95:3b:de:b4:5c:36:7c:a3:
ab:03:44:f5:1f:e5:b5:dc:72:4f:ae:83:aa:47:dc:
c8:c1:d6:38:ca:08:e5:a7:78:a8:82:ed:b1:43:cc:
e2:25:7c:67:f8:44:57:43:67:69:ed:42:66:23:93:
17:3d:88:bc:1a:6a:1c:08:73:b5:56:81:55:c9:32:
40:4e:4c:8d:10:71:d6:13:74:87:8e:c2:90:08:06:
92:0a:ed:fb:16:43:e4:25:18:15:a6:22:fd:81:98:
f0:7b:69:57:b3:e2:8f:ca:75:37:69:b6:19:5f:1e:
cd:a7:ae:1a:14:ca:ef:a4:6d:df:95:ff:a2:4f:49:
fc:72:d8:f7:55:6b:b8:d4:4e:00:cc:c6:12:6e:16:
e3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C2:8D:1D:74:46:F1:03:30:E6:3A:CB:BA:9D:9C:EF:F6:54:FF:71
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ocKNHXRG8QMw5jrLup2c7_ZU_3E.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:43:8b:aa:ed:9e:19:56:01:14:23:ec:40:53:a3:61:ab:5f:
88:a2:a4:32:94:87:db:80:b0:c5:1b:76:c2:52:7b:5a:14:3d:
75:14:84:3d:04:1a:17:e4:5f:4e:02:0c:f2:1d:17:33:a6:3f:
dc:1c:4a:5a:e9:e5:90:de:2b:7c:8b:eb:1e:4a:fd:a1:cc:49:
88:ef:e9:63:8f:92:60:66:25:a1:30:7a:67:7e:7e:45:d2:ac:
9e:d6:50:54:33:90:1f:39:50:3a:89:8f:8f:15:84:7c:80:14:
00:df:7f:c3:b0:86:72:78:99:4e:47:3f:56:1f:63:69:e1:5b:
7f:1d:78:ca:68:64:8f:2a:19:b6:f5:dd:53:13:ba:4f:aa:a9:
bc:9a:f7:15:44:e0:cb:d7:e4:16:6a:78:5a:e0:4d:84:d1:60:
4e:eb:3d:23:7b:d7:67:f3:dd:48:2e:88:e5:e6:bd:f1:79:08:
ea:37:c3:e5:a3:7b:e0:09:10:71:d4:a2:70:1c:44:d9:62:1c:
19:e4:f0:57:7f:e7:eb:ff:3c:5c:24:50:da:8e:a5:18:18:1e:
39:57:95:e7:ba:ae:13:c9:3b:40:2a:ab:30:e1:d9:3f:b8:0b:
16:54:de:be:dd:35:18:12:1b:42:ba:e9:26:dd:47:26:70:5e:
10:be:ed:1d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjQw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEExQzI4RDFENzQ0NkYx
MDMzMEU2M0FDQkJBOUQ5Q0VGRjY1NEZGNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFS8II+LJJQ8CzYB03k6TBFxKa2KB4LRNQMOU/OBQ8eXVrbcQG
l5T24zjp7kNKNupgwi6+dSsa10GNIqSXvzKDCSBU8tOp4GTtJolloHUqiQOPS5Xy
C1H/k2Ewe3qPg8Qx0PoOIGBdjJWHmu3TQDKVO960XDZ8o6sDRPUf5bXcck+ug6pH
3MjB1jjKCOWneKiC7bFDzOIlfGf4RFdDZ2ntQmYjkxc9iLwaahwIc7VWgVXJMkBO
TI0QcdYTdIeOwpAIBpIK7fsWQ+QlGBWmIv2BmPB7aVez4o/KdTdpthlfHs2nrhoU
yu+kbd+V/6JPSfxy2PdVa7jUTgDMxhJuFuNTAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUocKNHXRG8QMw5jrLup2c7/ZU/3EwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vY0tOSFhSRzhRTXc1anJMdXAyYzdfWlVfM0Uucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AC1Di6rtnhlWARQj7EBTo2GrX4iipDKUh9uAsMUbdsJSe1oUPXUUhD0EGhfkX04C
DPIdFzOmP9wcSlrp5ZDeK3yL6x5K/aHMSYjv6WOPkmBmJaEwemd+fkXSrJ7WUFQz
kB85UDqJj48VhHyAFADff8OwhnJ4mU5HP1YfY2nhW38deMpoZI8qGbb13VMTuk+q
qbya9xVE4MvX5BZqeFrgTYTRYE7rPSN712fz3UguiOXmvfF5COo3w+Wje+AJEHHU
onAcRNliHBnk8Fd/5+v/PFwkUNqOpRgYHjlXlee6rhPJO0AqqzDh2T+4CxZU3r7d
NRgSG0K66SbdRyZwXhC+7R0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org