Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/rz1bt4DQHs7GtkQdHox4Hv3Ij1A.roa
File: rz1bt4DQHs7GtkQdHox4Hv3Ij1A.roa (raw, json)
Hash identifier: fhwGI+OK7W4HCluz657VKv/v8vwvNq73xTR1DRJJKhM=
Subject key identifier: AF:3D:5B:B7:80:D0:1E:CE:C6:B6:44:1D:1E:8C:78:1E:FD:C8:8F:50
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44F7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rz1bt4DQHs7GtkQdHox4Hv3Ij1A.roa
Signing time: Sun 20 Mar 2022 00:30:17 +0000
ROA not before: Sun 20 Mar 2022 00:30:17 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17655 (0x44f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 20 00:30:17 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=AF3D5BB780D01ECEC6B6441D1E8C781EFDC88F50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:39:b3:19:18:41:df:e8:d7:79:a0:2e:99:94:
ae:e2:a4:96:77:16:a4:2a:eb:ab:e5:92:4a:49:31:
54:a7:79:9a:f0:2a:05:ac:ec:a6:92:ef:f4:81:dd:
8b:d6:c9:d8:7b:38:82:4e:3d:eb:1e:a8:f9:92:d7:
5c:7b:21:23:32:d3:50:2c:32:be:cf:66:de:12:32:
c9:a8:60:7a:f1:30:84:3c:8e:ea:7a:c6:01:13:c7:
b3:a4:1f:93:12:c4:73:d9:49:b7:4e:e8:94:24:9f:
d5:75:7b:5c:71:b4:fe:2b:41:9b:20:64:e3:6e:a5:
56:25:2c:81:82:ec:09:b9:8e:ed:8c:3d:98:13:4c:
5a:8e:06:15:97:4c:ef:20:69:91:0b:50:a2:ac:57:
61:98:cf:36:ce:cf:ce:52:9c:94:3b:00:81:be:aa:
0f:6f:81:95:5b:f2:40:6b:65:b3:e8:16:42:e4:0c:
7c:9a:f1:2a:45:35:b2:07:15:5a:8c:31:f8:8c:83:
00:51:c9:bc:69:ce:57:bb:ed:a9:a1:32:9b:1f:3f:
06:5f:25:6a:60:ff:82:34:64:b2:06:e6:3a:b4:20:
f8:85:52:08:96:f5:d6:c6:ef:69:62:1d:a2:bc:e9:
15:da:45:c0:0e:a9:42:31:0f:bb:47:63:25:9c:bf:
a5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3D:5B:B7:80:D0:1E:CE:C6:B6:44:1D:1E:8C:78:1E:FD:C8:8F:50
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rz1bt4DQHs7GtkQdHox4Hv3Ij1A.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:53:08:1e:91:e3:e0:cc:18:58:58:78:c3:14:a9:4f:c1:d7:
6d:91:fe:b6:80:87:d8:6f:76:6a:dd:26:a0:5e:e9:3b:01:76:
2f:62:4a:ed:f6:77:42:52:ff:a4:ef:48:b1:93:1c:80:7b:12:
18:ec:e8:f0:18:15:14:52:b0:60:47:88:ee:87:d3:3f:af:c3:
b4:15:ef:d8:6b:8f:f7:a8:d5:19:52:15:05:62:62:6c:5d:a5:
ba:75:b3:63:e5:d7:b3:13:43:e4:39:b4:9f:00:bf:62:74:7d:
e9:75:5f:de:7e:25:c4:f9:75:d9:fc:b2:0f:15:2b:a7:82:73:
70:b0:2e:fe:bc:35:0d:a4:ad:bd:03:8b:1d:18:d2:f5:df:f7:
31:0d:d1:af:ed:92:2a:a6:4c:45:fd:e2:8d:7e:02:fd:bc:93:
e4:85:cb:4d:52:ff:82:5d:53:32:91:01:cd:95:19:e7:86:eb:
ef:65:6c:ad:21:1c:08:c9:da:d5:54:70:ba:a5:03:22:ec:8b:
75:be:c9:2d:be:dd:86:c9:a6:1b:f1:70:63:76:a8:d9:1f:23:
81:3d:9c:6b:28:07:fc:86:c4:7c:1b:33:d3:62:00:8d:ed:87:
c7:11:4b:4e:96:b2:47:d4:ea:c8:56:d1:a6:b0:a2:b8:06:c7:
20:7f:d9:de
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjAw
MDMwMTdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEFGM0Q1QkI3ODBEMDFF
Q0VDNkI2NDQxRDFFOEM3ODFFRkRDODhGNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdObMZGEHf6Nd5oC6ZlK7ipJZ3FqQq66vlkkpJMVSneZrwKgWs
7KaS7/SB3YvWydh7OIJOPeseqPmS11x7ISMy01AsMr7PZt4SMsmoYHrxMIQ8jup6
xgETx7OkH5MSxHPZSbdO6JQkn9V1e1xxtP4rQZsgZONupVYlLIGC7Am5ju2MPZgT
TFqOBhWXTO8gaZELUKKsV2GYzzbOz85SnJQ7AIG+qg9vgZVb8kBrZbPoFkLkDHya
8SpFNbIHFVqMMfiMgwBRybxpzle77amhMpsfPwZfJWpg/4I0ZLIG5jq0IPiFUgiW
9dbG72liHaK86RXaRcAOqUIxD7tHYyWcv6UjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUrz1bt4DQHs7GtkQdHox4Hv3Ij1AwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9yejFidDREUUhzN0d0a1FkSG94NEh2M0lqMUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AKNTCB6R4+DMGFhYeMMUqU/B122R/raAh9hvdmrdJqBe6TsBdi9iSu32d0JS/6Tv
SLGTHIB7Ehjs6PAYFRRSsGBHiO6H0z+vw7QV79hrj/eo1RlSFQViYmxdpbp1s2Pl
17MTQ+Q5tJ8Av2J0fel1X95+JcT5ddn8sg8VK6eCc3CwLv68NQ2krb0Dix0Y0vXf
9zEN0a/tkiqmTEX94o1+Av28k+SFy01S/4JdUzKRAc2VGeeG6+9lbK0hHAjJ2tVU
cLqlAyLsi3W+yS2+3YbJphvxcGN2qNkfI4E9nGsoB/yGxHwbM9NiAI3th8cRS06W
skfU6shW0aaworgGxyB/2d4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org