Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ojif1sgmZ_pHoRHqDMFZAMghgds.roa
File: ojif1sgmZ_pHoRHqDMFZAMghgds.roa (raw, json)
Hash identifier: r9TAiYLZqOxg9Q2G/2Rw9OKdjmpnYZIF1b88ewI6PlA=
Subject key identifier: A2:38:9F:D6:C8:26:67:FA:47:A1:11:EA:0C:C1:59:00:C8:21:81:DB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43BE
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ojif1sgmZ_pHoRHqDMFZAMghgds.roa
Signing time: Fri 25 Feb 2022 00:30:09 +0000
ROA not before: Fri 25 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17342 (0x43be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 25 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A2389FD6C82667FA47A111EA0CC15900C82181DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:16:27:4a:00:36:a0:e5:7b:d7:a8:4e:f9:51:
0e:ce:cf:21:9e:4e:06:0c:cf:4e:6a:25:f3:7b:c5:
0b:18:7a:93:e7:22:66:5f:ac:0d:2f:9d:d1:c8:9f:
7e:f0:d1:9e:97:81:3b:e4:85:b9:28:2b:c4:c8:94:
48:02:a4:e2:e1:6a:d9:bc:04:40:75:98:47:c2:79:
66:e1:ba:18:12:4b:89:80:d7:be:2f:9c:c8:a6:10:
bf:34:3d:a1:6e:60:95:3b:56:02:51:06:13:87:b1:
4c:76:8d:6a:9f:e7:8c:f8:46:9b:10:8b:ef:b9:eb:
31:fa:ef:b7:25:69:57:10:8e:af:6b:46:70:d1:46:
c1:22:c1:8e:16:2f:22:09:3c:b3:a9:3a:26:72:dd:
98:e9:be:17:10:83:10:bd:aa:fe:71:d8:fb:79:6e:
58:91:5b:76:7c:a9:73:d1:ba:4a:55:17:80:a9:c3:
6a:a3:7f:7a:fd:95:a4:b7:a1:98:6a:5c:e0:8e:7d:
be:6f:02:2a:69:c4:0b:4a:ee:90:7b:c8:67:4a:7c:
3a:f2:66:2f:11:35:a0:f3:6e:10:ca:6d:22:26:80:
40:3b:af:19:85:e8:ee:9c:03:86:4f:00:55:71:32:
af:11:59:45:c1:3b:2e:50:43:a6:c2:e7:6d:c1:ef:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:38:9F:D6:C8:26:67:FA:47:A1:11:EA:0C:C1:59:00:C8:21:81:DB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ojif1sgmZ_pHoRHqDMFZAMghgds.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
34:b9:e8:7b:42:ba:08:c2:a0:e3:41:86:0e:60:d7:f8:16:6d:
7b:05:22:c0:2a:c1:d8:0d:64:17:ef:b0:09:5b:b3:08:57:eb:
a5:a6:18:ad:4f:cc:3a:ed:cd:8c:fb:6b:25:22:53:0c:d6:69:
c1:7e:8f:45:48:3c:0f:50:c3:e4:5f:e1:03:84:25:37:12:05:
de:bb:a7:20:a7:72:21:41:2d:c0:58:76:35:4f:e6:5c:3d:b5:
b6:54:a2:b9:a0:96:ae:3c:ed:2f:fa:11:b8:00:dc:cc:f0:0c:
d1:34:3c:0d:8d:b6:fc:c2:52:ac:29:06:8e:58:9d:26:1c:2d:
77:d1:32:aa:0f:8f:3f:e9:a0:65:4a:48:0b:19:f4:07:6f:8a:
47:0f:40:8f:29:35:7e:2b:52:cd:6e:9c:cf:e6:f6:4f:00:3f:
24:2d:ed:d5:67:8d:69:83:2a:76:3a:2d:c9:d4:02:5d:f2:fe:
af:d6:cf:56:22:0c:b3:ca:1a:de:f0:87:95:67:54:6a:6b:69:
b4:22:89:c3:eb:40:5d:9c:5e:6e:ff:b4:f7:a6:e1:d3:2d:c8:
e3:f9:4d:ec:82:ad:5d:9d:fc:4c:22:2d:b9:c3:91:fa:e6:eb:
21:80:a5:16:24:0a:b3:81:22:75:fc:41:c6:22:61:b5:06:5c:
fe:e7:8f:38
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjUw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEEyMzg5RkQ2QzgyNjY3
RkE0N0ExMTFFQTBDQzE1OTAwQzgyMTgxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9FidKADag5XvXqE75UQ7OzyGeTgYMz05qJfN7xQsYepPnImZf
rA0vndHIn37w0Z6XgTvkhbkoK8TIlEgCpOLhatm8BEB1mEfCeWbhuhgSS4mA174v
nMimEL80PaFuYJU7VgJRBhOHsUx2jWqf54z4RpsQi++56zH677claVcQjq9rRnDR
RsEiwY4WLyIJPLOpOiZy3ZjpvhcQgxC9qv5x2Pt5bliRW3Z8qXPRukpVF4Cpw2qj
f3r9laS3oZhqXOCOfb5vAippxAtK7pB7yGdKfDryZi8RNaDzbhDKbSImgEA7rxmF
6O6cA4ZPAFVxMq8RWUXBOy5QQ6bC523B759bAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUojif1sgmZ/pHoRHqDMFZAMghgdswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vamlmMXNnbVpfcEhvUkhxRE1GWkFNZ2hnZHMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADS56HtCugjCoONBhg5g1/gWbXsFIsAqwdgNZBfvsAlbswhX66WmGK1PzDrtzYz7
ayUiUwzWacF+j0VIPA9Qw+Rf4QOEJTcSBd67pyCnciFBLcBYdjVP5lw9tbZUormg
lq487S/6EbgA3MzwDNE0PA2NtvzCUqwpBo5YnSYcLXfRMqoPjz/poGVKSAsZ9Adv
ikcPQI8pNX4rUs1unM/m9k8APyQt7dVnjWmDKnY6LcnUAl3y/q/Wz1YiDLPKGt7w
h5VnVGprabQiicPrQF2cXm7/tPem4dMtyOP5TeyCrV2d/EwiLbnDkfrm6yGApRYk
CrOBInX8QcYiYbUGXP7njzg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org