Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/qMYfCrOd3ZkL5VmrLv0W_hKGMqQ.roa
File: qMYfCrOd3ZkL5VmrLv0W_hKGMqQ.roa (raw, json)
Hash identifier: jWN79JhlGwKdV2jnwjYR7lAYFWfhTKi8QFGluSPhhcY=
Subject key identifier: A8:C6:1F:0A:B3:9D:DD:99:0B:E5:59:AB:2E:FD:16:FE:12:86:32:A4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43F5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qMYfCrOd3ZkL5VmrLv0W_hKGMqQ.roa
Signing time: Tue 01 Mar 2022 00:30:10 +0000
ROA not before: Tue 01 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17397 (0x43f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 1 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A8C61F0AB39DDD990BE559AB2EFD16FE128632A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8b:df:f6:2a:38:90:e5:62:4d:3c:77:1b:fd:
33:0c:6b:86:38:a8:55:b2:d1:eb:1e:0f:80:b8:95:
eb:df:95:2f:e8:97:0c:ca:b3:f7:f2:fa:d0:b9:6e:
52:5c:47:53:f4:39:95:32:39:4a:ee:2c:30:9a:f1:
e3:a0:d1:92:ff:6f:98:e5:be:4a:2a:be:ca:37:92:
07:82:26:37:29:41:0e:fe:75:4c:13:d5:80:5c:64:
d1:f9:9e:0f:f0:d5:59:49:60:d5:92:a7:34:dd:73:
a8:cb:52:90:16:f8:85:59:43:5e:dc:09:4d:71:9c:
28:fe:36:bf:6a:a6:10:6f:e3:d8:4e:7c:ef:b8:40:
e1:51:a1:02:36:e2:53:6f:62:b2:1c:42:25:5f:03:
f4:84:cd:2f:19:26:61:e3:13:0d:cd:59:15:a6:eb:
c1:cc:07:04:ec:c6:30:eb:e6:22:67:bc:8b:26:b6:
ef:63:7d:c1:aa:79:ac:b6:ec:38:8c:10:43:f6:e3:
d7:c4:d3:91:dc:a2:7a:1a:8c:91:1a:42:0a:b1:a0:
83:70:ce:8a:b2:8a:df:f6:30:f4:86:30:27:25:52:
32:90:f9:4f:6a:d7:e7:c8:60:23:40:88:a0:99:f3:
50:47:26:dc:4a:ff:57:2f:32:a9:88:a5:72:4b:bf:
b4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C6:1F:0A:B3:9D:DD:99:0B:E5:59:AB:2E:FD:16:FE:12:86:32:A4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qMYfCrOd3ZkL5VmrLv0W_hKGMqQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:92:ce:f5:74:bb:3c:71:45:59:3c:d5:2d:af:d1:b2:2d:5f:
81:1c:e2:76:ed:97:61:75:dd:09:ba:86:f6:8a:24:64:de:b3:
4d:d4:33:44:49:5e:8d:14:c2:6d:44:a6:42:fd:73:58:0d:be:
e6:54:47:49:08:82:65:4c:36:37:15:41:58:0a:11:2a:99:e5:
8d:7a:3f:9f:04:14:24:71:2e:a5:07:06:ea:d2:23:4c:23:51:
3a:b8:0b:bd:ef:12:23:20:b7:02:10:d5:7b:f3:e9:0a:5b:e6:
6b:35:e4:8a:84:8d:db:de:70:fc:5f:f3:19:2e:62:91:87:fb:
b8:ce:ac:a2:0a:d4:62:dc:3a:b7:06:d1:62:1e:64:04:dc:c6:
c3:e3:e9:7a:b4:43:40:6b:49:30:91:8e:14:20:45:6d:e8:7f:
fc:28:3e:31:34:d4:b1:28:a8:39:99:85:37:a9:58:a1:84:db:
45:a0:ff:4d:96:97:a5:a3:b2:64:c4:98:c5:87:59:8d:3e:87:
6a:e6:40:f5:fd:0f:db:d4:55:c8:75:b4:e3:d3:99:ab:42:72:
b9:fc:42:33:61:c8:fa:cf:ab:f4:0c:f9:19:d2:c3:b9:e0:2b:
15:5e:cf:84:e6:01:37:87:85:49:01:3d:37:fe:65:e5:dd:8f:
d5:1c:2c:e5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDEw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEE4QzYxRjBBQjM5RERE
OTkwQkU1NTlBQjJFRkQxNkZFMTI4NjMyQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJi9/2KjiQ5WJNPHcb/TMMa4Y4qFWy0eseD4C4levflS/olwzK
s/fy+tC5blJcR1P0OZUyOUruLDCa8eOg0ZL/b5jlvkoqvso3kgeCJjcpQQ7+dUwT
1YBcZNH5ng/w1VlJYNWSpzTdc6jLUpAW+IVZQ17cCU1xnCj+Nr9qphBv49hOfO+4
QOFRoQI24lNvYrIcQiVfA/SEzS8ZJmHjEw3NWRWm68HMBwTsxjDr5iJnvIsmtu9j
fcGqeay27DiMEEP249fE05HconoajJEaQgqxoINwzoqyit/2MPSGMCclUjKQ+U9q
1+fIYCNAiKCZ81BHJtxK/1cvMqmIpXJLv7QlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUqMYfCrOd3ZkL5VmrLv0W/hKGMqQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xTVlmQ3JPZDNaa0w1Vm1yTHYwV19oS0dNcVEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AAySzvV0uzxxRVk81S2v0bItX4Ec4nbtl2F13Qm6hvaKJGTes03UM0RJXo0Uwm1E
pkL9c1gNvuZUR0kIgmVMNjcVQVgKESqZ5Y16P58EFCRxLqUHBurSI0wjUTq4C73v
EiMgtwIQ1Xvz6Qpb5ms15IqEjdvecPxf8xkuYpGH+7jOrKIK1GLcOrcG0WIeZATc
xsPj6Xq0Q0BrSTCRjhQgRW3of/woPjE01LEoqDmZhTepWKGE20Wg/02Wl6WjsmTE
mMWHWY0+h2rmQPX9D9vUVch1tOPTmatCcrn8QjNhyPrPq/QM+RnSw7ngKxVez4Tm
ATeHhUkBPTf+ZeXdj9UcLOU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org