Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/rZCMZZGCPPgNdczWIH4FhdzpcMA.roa
File: rZCMZZGCPPgNdczWIH4FhdzpcMA.roa (raw, json)
Hash identifier: KD+u4GkHH0uNvMnkh+6RLsos17FgGUqFcFaAc6E8Hng=
Subject key identifier: AD:90:8C:65:91:82:3C:F8:0D:75:CC:D6:20:7E:05:85:DC:E9:70:C0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4923
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rZCMZZGCPPgNdczWIH4FhdzpcMA.roa
Signing time: Thu 02 Jun 2022 00:30:13 +0000
ROA not before: Thu 02 Jun 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18723 (0x4923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 2 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=AD908C6591823CF80D75CCD6207E0585DCE970C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:be:d1:92:c3:e7:8e:c6:23:67:83:d5:30:76:
df:2d:c2:de:a5:6e:06:4b:17:36:dc:ba:c8:44:1a:
79:db:c0:ac:d2:d3:91:77:1d:50:10:bb:67:d8:59:
25:58:39:d7:83:fe:01:2e:b5:11:50:d4:6b:9a:8b:
46:4a:db:63:bb:2d:a0:58:8a:b8:6e:0c:14:a0:8b:
04:df:e5:7a:b8:77:6c:75:52:8d:cf:4c:7c:88:30:
ec:2d:cf:28:32:1b:94:f8:30:2c:bf:4c:fe:92:82:
a6:73:82:4e:67:35:85:ac:83:47:5b:df:ea:ee:14:
8f:28:be:30:02:53:e2:b9:84:64:be:f5:cf:3f:96:
67:3d:bc:ff:61:88:62:d6:d7:c5:27:69:02:ae:2f:
c5:13:ba:8f:97:3a:49:b6:b1:e6:75:8a:3e:e3:32:
09:45:30:e4:8d:cf:10:64:6b:d7:74:5f:dd:3b:01:
db:fd:23:8a:89:4b:5a:fd:9e:a1:9e:17:a0:24:ed:
63:35:e7:95:3c:5b:60:63:f6:12:dc:ba:92:2f:30:
e3:63:f6:cb:28:ac:11:76:50:bf:63:d7:78:59:70:
ae:ff:5c:e3:5f:73:93:ee:c4:81:06:67:33:90:93:
74:a7:5d:59:6e:df:b4:4d:dd:02:8c:1f:9c:80:4c:
9a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:90:8C:65:91:82:3C:F8:0D:75:CC:D6:20:7E:05:85:DC:E9:70:C0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rZCMZZGCPPgNdczWIH4FhdzpcMA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.10.0/24
Signature Algorithm: sha256WithRSAEncryption
26:81:35:9b:ca:92:a0:e7:19:4c:5b:d2:a0:32:76:7b:71:a4:
18:6f:ac:76:8e:5f:7e:69:40:a0:4b:b8:41:10:50:61:52:b1:
16:f4:14:95:6a:a8:7e:26:e7:57:57:9a:06:11:f6:28:7b:df:
b7:67:8e:cc:45:5c:fb:0e:00:50:36:e9:8a:77:cf:54:b2:ee:
3c:da:86:be:8f:2f:16:44:87:0a:86:ac:ff:ab:30:b4:c9:c7:
c5:95:ab:c9:43:27:16:0d:83:53:db:ca:77:a5:80:e9:b0:c2:
fb:11:5e:68:19:40:0a:45:78:cf:8c:24:47:bc:74:bc:7a:4d:
5e:37:b3:3b:5f:98:6c:a7:44:fe:db:3e:67:19:7c:3b:3c:3d:
63:b3:2b:d5:5d:d8:bb:da:fd:fd:a6:6d:30:e7:be:09:70:79:
4e:2b:0d:e4:c0:b2:be:c3:c6:e9:73:75:3a:bc:fc:36:25:25:
32:e1:92:e5:a0:4d:52:44:54:0e:ed:9e:ee:0a:24:21:e7:a3:
e5:4d:12:d0:fa:5f:ab:43:7c:6d:72:6f:63:59:19:21:ac:d4:
da:28:37:bc:2d:17:00:55:81:37:ac:4a:eb:ab:d0:df:a6:f1:
e0:a2:a7:ee:d9:a8:3f:a7:fe:64:41:0b:1b:27:cc:81:fd:ea:
29:68:0e:d2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSSMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDIw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEFEOTA4QzY1OTE4MjND
RjgwRDc1Q0NENjIwN0UwNTg1RENFOTcwQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMvtGSw+eOxiNng9Uwdt8twt6lbgZLFzbcushEGnnbwKzS05F3
HVAQu2fYWSVYOdeD/gEutRFQ1Guai0ZK22O7LaBYirhuDBSgiwTf5Xq4d2x1Uo3P
THyIMOwtzygyG5T4MCy/TP6SgqZzgk5nNYWsg0db3+ruFI8ovjACU+K5hGS+9c8/
lmc9vP9hiGLW18UnaQKuL8UTuo+XOkm2seZ1ij7jMglFMOSNzxBka9d0X907Adv9
I4qJS1r9nqGeF6Ak7WM155U8W2Bj9hLcupIvMONj9ssorBF2UL9j13hZcK7/XONf
c5PuxIEGZzOQk3SnXVlu37RN3QKMH5yATJr5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUrZCMZZGCPPgNdczWIH4FhdzpcMAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9yWkNNWlpHQ1BQZ05kY3pXSUg0RmhkenBjTUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAowDQYJKoZIhvcNAQELBQADggEB
ACaBNZvKkqDnGUxb0qAydntxpBhvrHaOX35pQKBLuEEQUGFSsRb0FJVqqH4m51dX
mgYR9ih737dnjsxFXPsOAFA26Yp3z1Sy7jzahr6PLxZEhwqGrP+rMLTJx8WVq8lD
JxYNg1PbynelgOmwwvsRXmgZQApFeM+MJEe8dLx6TV43sztfmGynRP7bPmcZfDs8
PWOzK9Vd2Lva/f2mbTDnvglweU4rDeTAsr7DxulzdTq8/DYlJTLhkuWgTVJEVA7t
nu4KJCHno+VNEtD6X6tDfG1yb2NZGSGs1NooN7wtFwBVgTesSuur0N+m8eCip+7Z
qD+n/mRBCxsnzIH96iloDtI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org