Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/vk2YWOcqdp4ZzIUH41RkkLYWk8w.roa
File: vk2YWOcqdp4ZzIUH41RkkLYWk8w.roa (raw, json)
Hash identifier: nF1ArRX2GpgebcvZN1/3V2rbxM90qT6RKTMxbSglBS4=
Subject key identifier: BE:4D:98:58:E7:2A:76:9E:19:CC:85:07:E3:54:64:90:B6:16:93:CC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4933
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vk2YWOcqdp4ZzIUH41RkkLYWk8w.roa
Signing time: Fri 03 Jun 2022 00:30:10 +0000
ROA not before: Fri 03 Jun 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18739 (0x4933)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 3 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=BE4D9858E72A769E19CC8507E3546490B61693CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ed:a7:cc:5d:00:6e:1f:bb:b8:19:d9:2d:1e:
b6:66:f7:49:fe:a7:79:25:04:18:e6:cf:8f:f2:8c:
ce:83:ec:b6:5c:16:50:33:f6:ae:9b:4e:23:67:4f:
02:9b:fe:0c:c3:4a:0a:f3:04:23:d7:ad:fe:0f:0d:
cf:13:5f:45:3b:cf:3b:d2:9f:b1:7f:f1:26:33:7f:
94:ed:f8:0e:ce:4a:e3:ae:8d:80:29:7c:82:03:79:
b5:60:2a:ca:55:64:f7:b1:8a:c0:b2:32:ec:4f:b7:
6a:16:32:de:50:2f:59:97:ce:88:76:a7:ee:19:20:
97:11:c3:67:8e:d9:81:0d:55:69:1f:eb:9e:1a:f9:
0c:d7:22:4c:8d:e9:3d:c1:90:0a:c2:06:66:2c:70:
83:ab:a1:27:11:51:a7:02:45:c3:c9:8d:d0:a7:d5:
18:13:39:9f:ac:bd:3e:06:6d:fa:39:48:04:e7:24:
8f:9f:86:35:79:e5:c8:30:72:6d:7d:51:11:58:90:
3c:e6:72:50:7e:bd:10:de:7c:ce:35:dd:a4:45:b2:
09:94:56:ce:26:2d:3a:74:6b:b2:33:51:3c:5c:ed:
71:2b:8b:5a:77:ef:68:46:21:2c:40:47:f8:c8:8a:
62:26:8c:1d:15:77:3c:6d:03:6f:88:9e:4b:52:59:
fc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4D:98:58:E7:2A:76:9E:19:CC:85:07:E3:54:64:90:B6:16:93:CC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vk2YWOcqdp4ZzIUH41RkkLYWk8w.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:9d:ba:59:c2:07:28:87:29:49:68:54:bc:da:db:ed:34:ad:
ca:41:d9:1f:c2:7f:3f:df:39:78:41:af:95:6b:d5:ad:81:fe:
25:3a:45:b8:93:ac:7a:11:33:f5:b3:f2:ea:c0:31:b6:5f:0d:
b3:55:29:a8:19:05:de:32:54:8a:c7:cd:cc:cb:0d:70:84:71:
41:e0:d7:1e:42:1f:f5:e0:a8:1b:c9:cd:44:06:6e:50:3a:67:
58:a9:91:a5:7b:c7:a4:fc:07:f9:96:36:2d:6f:1e:0b:f4:2e:
f1:4a:9f:f3:a6:b5:b1:05:48:6e:d4:70:7e:b2:9e:27:f9:46:
ad:99:af:ea:f4:5b:02:43:54:85:b7:e3:a3:21:bb:17:45:25:
b0:80:30:10:b9:47:9e:ab:26:88:51:d9:12:b7:b8:c1:03:cf:
bc:25:35:8a:1a:f6:b9:56:fc:92:6e:b8:aa:33:a4:63:8a:a4:
f8:a5:32:30:f5:d9:b6:bb:6b:80:58:9a:de:5c:16:dd:d2:ec:
7a:71:f6:8b:e8:02:da:c9:d6:70:37:2e:17:8e:fd:19:13:98:
34:b2:11:46:b0:fc:ac:c2:c4:36:f2:c3:5b:51:90:d4:58:78:
10:d0:16:a1:ed:5d:84:9a:e5:ea:78:28:ea:f6:e7:77:f3:16:
c5:17:cd:42
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDMw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEJFNEQ5ODU4RTcyQTc2
OUUxOUNDODUwN0UzNTQ2NDkwQjYxNjkzQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCc7afMXQBuH7u4GdktHrZm90n+p3klBBjmz4/yjM6D7LZcFlAz
9q6bTiNnTwKb/gzDSgrzBCPXrf4PDc8TX0U7zzvSn7F/8SYzf5Tt+A7OSuOujYAp
fIIDebVgKspVZPexisCyMuxPt2oWMt5QL1mXzoh2p+4ZIJcRw2eO2YENVWkf654a
+QzXIkyN6T3BkArCBmYscIOroScRUacCRcPJjdCn1RgTOZ+svT4Gbfo5SATnJI+f
hjV55cgwcm19URFYkDzmclB+vRDefM413aRFsgmUVs4mLTp0a7IzUTxc7XEri1p3
72hGISxAR/jIimImjB0VdzxtA2+InktSWfztAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUvk2YWOcqdp4ZzIUH41RkkLYWk8wwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS92azJZV09jcWRwNFp6SVVINDFSa2tMWVdrOHcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ACqdulnCByiHKUloVLza2+00rcpB2R/Cfz/fOXhBr5Vr1a2B/iU6RbiTrHoRM/Wz
8urAMbZfDbNVKagZBd4yVIrHzczLDXCEcUHg1x5CH/XgqBvJzUQGblA6Z1ipkaV7
x6T8B/mWNi1vHgv0LvFKn/OmtbEFSG7UcH6ynif5Rq2Zr+r0WwJDVIW346MhuxdF
JbCAMBC5R56rJohR2RK3uMEDz7wlNYoa9rlW/JJuuKozpGOKpPilMjD12ba7a4BY
mt5cFt3S7Hpx9ovoAtrJ1nA3LheO/RkTmDSyEUaw/KzCxDbyw1tRkNRYeBDQFqHt
XYSa5ep4KOr253fzFsUXzUI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org