Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ocLDgLtkFwxtSl65plTVD8KyCUw.roa
File: ocLDgLtkFwxtSl65plTVD8KyCUw.roa (raw, json)
Hash identifier: z2givEbUEeYUErAxxvZJ37MLCYx+p989DpOFXMx7uuc=
Subject key identifier: A1:C2:C3:80:BB:64:17:0C:6D:4A:5E:B9:A6:54:D5:0F:C2:B2:09:4C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43D7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ocLDgLtkFwxtSl65plTVD8KyCUw.roa
Signing time: Sun 27 Feb 2022 00:30:12 +0000
ROA not before: Sun 27 Feb 2022 00:30:12 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17367 (0x43d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 27 00:30:12 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A1C2C380BB64170C6D4A5EB9A654D50FC2B2094C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:8e:64:3e:ac:8b:bf:c4:47:ba:17:4e:38:
68:9a:fb:17:6a:12:a5:6c:d9:a5:82:d9:e4:f2:f6:
28:16:d7:1d:8a:ee:d5:11:cb:71:36:66:9b:13:8b:
ba:8e:0f:90:53:ca:29:38:1d:89:12:a7:7a:a0:6b:
48:d3:8c:a3:bc:75:df:53:a1:ce:d7:63:77:85:8a:
f6:38:09:d9:78:24:e5:ca:7b:32:23:f2:a9:25:77:
56:14:23:dc:e7:d7:60:49:e4:b6:9d:4d:5a:7b:d3:
ef:80:5f:03:33:73:60:de:30:a6:79:56:c0:e8:8d:
e7:14:cc:61:03:1c:42:00:a0:9e:d2:c8:7a:44:ce:
0c:0c:20:91:1f:5c:d1:f9:8f:c7:6a:09:9e:07:53:
48:8d:61:fd:b4:c0:ea:93:a4:06:b7:4b:34:c2:d7:
0a:f5:4f:ad:01:49:a7:d9:0e:c1:4b:d2:64:49:56:
f6:1c:b4:2b:03:aa:12:6b:f6:8b:c6:00:5d:3a:9f:
7a:e4:02:3b:86:2f:0a:44:84:6f:a0:4c:0c:e5:a9:
19:0c:77:93:c0:d5:a6:fd:cd:62:eb:8b:76:a8:ae:
de:10:11:4e:ca:b2:28:fb:6e:a9:3a:03:43:ce:da:
1f:5e:95:89:c5:af:a1:45:03:de:21:2e:69:e9:76:
e0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C2:C3:80:BB:64:17:0C:6D:4A:5E:B9:A6:54:D5:0F:C2:B2:09:4C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ocLDgLtkFwxtSl65plTVD8KyCUw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
79:1b:1f:0c:4f:81:dd:77:b0:06:6a:4f:52:d4:b6:db:33:40:
2d:b1:b5:cd:3e:5d:03:cd:97:d0:d6:06:c6:e9:68:d2:b8:e0:
96:5c:1c:6f:c8:41:0d:14:6b:6f:5d:1e:08:ae:e9:1b:73:48:
b3:5b:d5:c3:57:13:07:ca:69:f7:0c:36:dd:e9:6d:2f:44:b8:
a9:74:9a:47:eb:c2:e6:aa:9c:f1:57:9c:09:da:7f:5e:10:29:
72:1a:32:dd:88:a7:9d:ad:27:e5:55:66:23:fc:96:9a:1c:e9:
49:5e:57:0a:94:51:bf:5e:f6:6a:a5:7e:be:fb:e9:8b:57:8f:
98:fd:49:a2:ea:13:3b:d5:fc:f3:97:f2:74:0b:30:d7:c3:2d:
14:6f:b2:49:60:a9:d0:61:5b:71:7e:50:e2:7e:b6:ce:62:45:
a5:4f:45:9f:9c:71:d9:bc:83:8b:fc:33:81:24:e6:fd:78:a4:
a6:71:6d:54:de:46:b8:85:ad:5b:39:cd:2d:93:01:76:3f:bb:
d6:99:ef:7b:bc:87:3f:67:a0:6f:b5:7e:61:54:7c:38:f5:eb:
86:29:b0:7c:3f:85:76:ad:52:f4:5f:0d:ac:61:94:07:7b:06:
8e:f8:f0:78:ac:d3:33:3f:93:97:5a:ef:98:0b:cf:e7:3b:c8:
78:26:8e:d7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjcw
MDMwMTJaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEExQzJDMzgwQkI2NDE3
MEM2RDRBNUVCOUE2NTRENTBGQzJCMjA5NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6No5kPqyLv8RHuhdOOGia+xdqEqVs2aWC2eTy9igW1x2K7tUR
y3E2ZpsTi7qOD5BTyik4HYkSp3qga0jTjKO8dd9Toc7XY3eFivY4Cdl4JOXKezIj
8qkld1YUI9zn12BJ5LadTVp70++AXwMzc2DeMKZ5VsDojecUzGEDHEIAoJ7SyHpE
zgwMIJEfXNH5j8dqCZ4HU0iNYf20wOqTpAa3SzTC1wr1T60BSafZDsFL0mRJVvYc
tCsDqhJr9ovGAF06n3rkAjuGLwpEhG+gTAzlqRkMd5PA1ab9zWLri3aort4QEU7K
sij7bqk6A0PO2h9elYnFr6FFA94hLmnpduC5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUocLDgLtkFwxtSl65plTVD8KyCUwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vY0xEZ0x0a0Z3eHRTbDY1cGxUVkQ4S3lDVXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AHkbHwxPgd13sAZqT1LUttszQC2xtc0+XQPNl9DWBsbpaNK44JZcHG/IQQ0Ua29d
Hgiu6RtzSLNb1cNXEwfKafcMNt3pbS9EuKl0mkfrwuaqnPFXnAnaf14QKXIaMt2I
p52tJ+VVZiP8lpoc6UleVwqUUb9e9mqlfr776YtXj5j9SaLqEzvV/POX8nQLMNfD
LRRvsklgqdBhW3F+UOJ+ts5iRaVPRZ+ccdm8g4v8M4Ek5v14pKZxbVTeRriFrVs5
zS2TAXY/u9aZ73u8hz9noG+1fmFUfDj164YpsHw/hXatUvRfDaxhlAd7Bo748His
0zM/k5da75gLz+c7yHgmjtc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org