Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/t1gmXk2KmPzWII4LA0CFImo_tIo.roa
File: t1gmXk2KmPzWII4LA0CFImo_tIo.roa (raw, json)
Hash identifier: OSU1NNWabxSP/h/eysAg94xvz57U5Ck8f73gIl2i1xA=
Subject key identifier: B7:58:26:5E:4D:8A:98:FC:D6:20:8E:0B:03:40:85:22:6A:3F:B4:8A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4327
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/t1gmXk2KmPzWII4LA0CFImo_tIo.roa
Signing time: Mon 14 Feb 2022 00:30:08 +0000
ROA not before: Mon 14 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17191 (0x4327)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 14 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B758265E4D8A98FCD6208E0B034085226A3FB48A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:65:8f:db:f6:d6:ee:7c:92:e5:4f:1a:2f:
63:22:ca:c7:aa:e8:ef:f6:71:7c:a4:97:f7:c9:a8:
f0:7c:bf:9a:74:13:db:6f:ab:ee:81:a1:eb:f9:f4:
b7:fd:8f:c6:b7:d3:b4:f6:1e:6e:06:f8:76:73:7e:
d7:48:43:2e:d2:ec:93:83:b6:5c:14:0d:aa:6a:6d:
03:c3:a2:b8:b1:49:54:52:78:fb:80:f9:1c:b6:c6:
72:5c:a8:df:8f:44:7c:16:b8:18:f1:04:6b:05:0a:
1f:17:70:a7:0c:a7:12:7e:cf:13:2e:16:f5:86:ce:
e8:b6:bb:82:69:00:fd:a5:69:46:57:a0:50:5b:55:
87:ad:c5:ac:0f:53:f2:9e:ea:38:03:51:1e:8e:f1:
05:07:b4:a5:c3:e8:20:5f:54:6c:74:c2:68:1f:a1:
44:77:22:00:94:14:fc:4b:7f:be:39:7a:67:ed:89:
f9:79:7b:96:0e:95:92:be:59:65:5f:d2:40:1d:17:
48:ac:5e:4e:79:c2:5d:69:c9:52:9e:4a:28:fd:cf:
03:26:be:02:f1:d8:3f:1e:28:76:57:03:ec:89:9a:
63:c9:eb:18:e2:f9:17:d0:f6:ad:1c:21:c9:40:bf:
dd:04:7c:98:2a:a0:dc:ea:84:99:07:7b:0d:be:8f:
cf:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:58:26:5E:4D:8A:98:FC:D6:20:8E:0B:03:40:85:22:6A:3F:B4:8A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/t1gmXk2KmPzWII4LA0CFImo_tIo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f8:1d:f4:3c:f8:14:7e:aa:63:0f:64:04:b5:07:c9:fb:db:
1e:8e:e6:61:3b:2c:f5:b8:23:8f:ca:89:c9:36:d6:c0:83:79:
f3:cd:6f:ab:47:e3:ea:d4:1f:ad:c5:6f:14:68:43:5b:53:e3:
f4:4f:2b:bc:be:84:20:97:2b:1a:3e:54:4a:b9:9a:62:4a:df:
3a:94:e2:98:90:34:a7:fe:fc:d0:e6:c7:76:57:c0:d0:50:43:
16:13:1a:84:5b:48:27:b7:3f:7e:01:b5:fc:e0:11:a8:bd:4a:
e0:18:37:c8:09:93:4a:e7:b2:41:93:d5:85:70:a0:db:e6:23:
ff:38:12:bb:52:97:db:b6:c4:1a:82:7b:07:d5:9a:bf:00:18:
95:f8:6d:0c:05:bb:12:c9:a6:01:7d:a9:cd:d9:95:80:86:78:
2b:fb:65:28:35:a9:6e:a7:11:02:4a:a0:18:75:c2:e0:ff:a0:
d8:ef:88:58:23:a7:1b:78:0d:76:09:2d:6d:61:ea:07:73:f3:
24:43:57:3f:5d:a6:3d:c0:78:12:de:6d:b8:ee:cb:63:83:aa:
c3:b4:b3:10:4c:06:78:96:6d:f6:bc:5b:07:7e:5e:5e:cb:4a:
92:72:ae:39:70:b2:b7:fd:32:ce:92:51:e3:2f:92:f5:bc:ae:
7e:2a:d1:60
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQycwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTQw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI3NTgyNjVFNEQ4QTk4
RkNENjIwOEUwQjAzNDA4NTIyNkEzRkI0OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvV2WP2/bW7nyS5U8aL2Miyseq6O/2cXykl/fJqPB8v5p0E9tv
q+6Boev59Lf9j8a307T2Hm4G+HZzftdIQy7S7JODtlwUDapqbQPDorixSVRSePuA
+Ry2xnJcqN+PRHwWuBjxBGsFCh8XcKcMpxJ+zxMuFvWGzui2u4JpAP2laUZXoFBb
VYetxawPU/Ke6jgDUR6O8QUHtKXD6CBfVGx0wmgfoUR3IgCUFPxLf745emftifl5
e5YOlZK+WWVf0kAdF0isXk55wl1pyVKeSij9zwMmvgLx2D8eKHZXA+yJmmPJ6xji
+RfQ9q0cIclAv90EfJgqoNzqhJkHew2+j89nAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUt1gmXk2KmPzWII4LA0CFImo/tIowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90MWdtWGsyS21QeldJSTRMQTBDRkltb190SW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AJ/4HfQ8+BR+qmMPZAS1B8n72x6O5mE7LPW4I4/Kick21sCDefPNb6tH4+rUH63F
bxRoQ1tT4/RPK7y+hCCXKxo+VEq5mmJK3zqU4piQNKf+/NDmx3ZXwNBQQxYTGoRb
SCe3P34BtfzgEai9SuAYN8gJk0rnskGT1YVwoNvmI/84ErtSl9u2xBqCewfVmr8A
GJX4bQwFuxLJpgF9qc3ZlYCGeCv7ZSg1qW6nEQJKoBh1wuD/oNjviFgjpxt4DXYJ
LW1h6gdz8yRDVz9dpj3AeBLebbjuy2ODqsO0sxBMBniWbfa8Wwd+Xl7LSpJyrjlw
srf9Ms6SUeMvkvW8rn4q0WA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org