Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/v40jj3siUqfZE_zFL1hNh1vUkOw.roa
File: v40jj3siUqfZE_zFL1hNh1vUkOw.roa (raw, json)
Hash identifier: +M/wVcHIWom6uvXH5/5pjg/uTA9llzsZTHpFs8rr4Ss=
Subject key identifier: BF:8D:23:8F:7B:22:52:A7:D9:13:FC:C5:2F:58:4D:87:5B:D4:90:EC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42D5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/v40jj3siUqfZE_zFL1hNh1vUkOw.roa
Signing time: Tue 08 Feb 2022 00:30:07 +0000
ROA not before: Tue 08 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17109 (0x42d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 8 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=BF8D238F7B2252A7D913FCC52F584D875BD490EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9a:9b:da:30:f5:f5:72:c8:72:6e:f7:b3:e2:
b0:1b:6e:bd:5d:46:70:5e:af:d5:a8:59:f8:59:d9:
18:bc:cf:ea:41:fe:76:20:7a:f4:55:fd:96:41:2f:
e5:93:93:22:1a:dc:f4:10:d7:ad:4c:b3:ce:1b:77:
2f:28:23:80:12:72:a5:be:8d:c5:a2:5e:bb:b4:a1:
8b:3b:8d:db:c9:3d:32:a9:af:a9:12:c8:a3:a9:fe:
c5:8c:98:9a:fb:08:2f:cc:33:ee:f7:a3:41:3a:7b:
bd:51:e8:e8:e3:18:84:03:bd:8b:32:31:50:c5:66:
dd:cf:d4:e8:e9:be:39:f8:de:b2:f9:77:4b:3e:f3:
4b:8a:9e:82:a1:c8:85:9c:a8:4d:71:72:40:d9:4a:
64:6a:cd:e0:ec:4d:8a:fd:46:8e:d8:4a:f7:f6:7c:
c6:09:53:2c:d7:34:83:40:9e:46:f0:fe:63:28:dd:
0a:32:ea:21:e0:c3:2d:94:12:68:a2:8a:53:e3:fb:
c0:2d:58:e9:1d:d4:ee:4c:c0:b9:60:80:da:4e:6d:
d3:4f:f1:84:d5:f0:48:06:b3:09:6b:e2:14:57:1e:
08:76:67:72:c6:75:b5:8a:e2:51:08:e6:d8:79:16:
b9:69:9f:cd:c8:d9:b0:5f:b4:9e:ec:7a:a0:26:5a:
48:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8D:23:8F:7B:22:52:A7:D9:13:FC:C5:2F:58:4D:87:5B:D4:90:EC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/v40jj3siUqfZE_zFL1hNh1vUkOw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:05:3a:eb:00:0b:29:43:8d:64:02:bc:69:c6:8a:a2:df:c0:
f1:6d:fe:81:28:26:c8:a4:fa:c8:d4:fc:6e:38:b0:d6:71:66:
72:c6:54:1f:c1:f0:98:00:9d:f8:39:15:71:a6:2b:4b:94:62:
3f:ea:08:25:a8:cb:37:27:0d:3e:df:f5:97:10:d3:76:c2:33:
12:55:aa:33:da:1c:bd:0a:44:75:3a:f3:9e:8f:56:fa:1f:4d:
fc:d5:46:44:93:d0:5a:9f:a8:12:7e:8e:d6:83:58:29:ce:4c:
b1:fe:e0:c5:99:17:10:d6:84:ac:60:56:58:bb:89:b0:4d:d6:
69:68:8c:06:77:13:45:4c:39:24:e3:25:7c:66:36:17:c6:60:
5c:a7:4d:1b:20:42:cf:67:13:45:46:77:1b:2f:eb:fa:61:06:
93:3b:0b:e8:9c:38:77:77:4d:53:b2:6c:92:d7:eb:f7:80:75:
b1:f8:2b:fd:8d:f9:98:49:b0:16:02:77:66:1c:89:4f:95:bd:
a7:27:f4:27:c2:e4:0a:a1:4c:9a:e3:cf:61:e9:ea:ba:29:50:
7c:d5:21:ca:cb:25:b2:9b:d8:d7:84:0d:16:30:bf:12:19:91:
c9:f5:86:6d:5e:0c:7e:6f:22:3b:f8:d2:6a:00:96:d8:e5:68:
58:be:68:15
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDgw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEJGOEQyMzhGN0IyMjUy
QTdEOTEzRkNDNTJGNTg0RDg3NUJENDkwRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZmpvaMPX1cshybvez4rAbbr1dRnBer9WoWfhZ2Ri8z+pB/nYg
evRV/ZZBL+WTkyIa3PQQ161Ms84bdy8oI4AScqW+jcWiXru0oYs7jdvJPTKpr6kS
yKOp/sWMmJr7CC/MM+73o0E6e71R6OjjGIQDvYsyMVDFZt3P1Ojpvjn43rL5d0s+
80uKnoKhyIWcqE1xckDZSmRqzeDsTYr9Ro7YSvf2fMYJUyzXNINAnkbw/mMo3Qoy
6iHgwy2UEmiiilPj+8AtWOkd1O5MwLlggNpObdNP8YTV8EgGswlr4hRXHgh2Z3LG
dbWK4lEI5th5Frlpn83I2bBftJ7seqAmWki9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUv40jj3siUqfZE/zFL1hNh1vUkOwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS92NDBqajNzaVVxZlpFX3pGTDFoTmgxdlVrT3cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAoFOusACylDjWQCvGnGiqLfwPFt/oEoJsik+sjU/G44sNZxZnLGVB/B8JgAnfg5
FXGmK0uUYj/qCCWoyzcnDT7f9ZcQ03bCMxJVqjPaHL0KRHU6856PVvofTfzVRkST
0FqfqBJ+jtaDWCnOTLH+4MWZFxDWhKxgVli7ibBN1mlojAZ3E0VMOSTjJXxmNhfG
YFynTRsgQs9nE0VGdxsv6/phBpM7C+icOHd3TVOybJLX6/eAdbH4K/2N+ZhJsBYC
d2YciU+Vvacn9CfC5AqhTJrjz2Hp6ropUHzVIcrLJbKb2NeEDRYwvxIZkcn1hm1e
DH5vIjv40moAltjlaFi+aBU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org