Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/xPbDhoqsdnyPwjmbbdaoCOIt7pA.roa
File: xPbDhoqsdnyPwjmbbdaoCOIt7pA.roa (raw, json)
Hash identifier: 9nd0WIITwIXFsZ8O78LVm8Chd5g5WNhq757P83NixxE=
Subject key identifier: C4:F6:C3:86:8A:AC:76:7C:8F:C2:39:9B:6D:D6:A8:08:E2:2D:EE:90
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 451A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xPbDhoqsdnyPwjmbbdaoCOIt7pA.roa
Signing time: Tue 22 Mar 2022 00:30:08 +0000
ROA not before: Tue 22 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17690 (0x451a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 22 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=C4F6C3868AAC767C8FC2399B6DD6A808E22DEE90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f3:3b:89:3a:a9:8c:2e:ad:19:30:96:00:eb:
2f:8c:2f:b8:22:23:0c:a8:56:4e:a7:0c:ac:c2:20:
dc:f1:f9:2b:08:d4:ca:9e:47:ab:e7:d9:18:43:5f:
e7:de:98:80:9a:1a:85:e7:b9:f8:2b:39:79:49:b3:
7a:a7:ee:54:30:b8:95:ee:85:d5:28:49:c5:eb:bb:
34:fb:b6:8a:db:b7:d2:3c:c2:c1:8b:cb:a5:99:dd:
4b:74:f8:42:e2:7b:eb:f2:c6:e0:28:68:59:a6:d3:
a7:26:05:46:a4:8b:35:4d:dc:52:40:f9:70:13:7c:
90:ac:ac:eb:9c:83:ca:41:a5:d0:d3:17:a5:3e:40:
ec:ce:0d:bf:6f:05:bb:10:99:f9:27:6c:c0:98:0d:
d9:60:fd:23:58:3d:ed:09:52:b6:36:59:5f:86:18:
ff:b7:10:71:67:61:4a:5a:11:2a:82:02:b2:74:9a:
30:06:14:8d:e9:96:d5:8a:56:a5:45:f3:38:40:62:
22:8f:0e:3c:a9:aa:3c:10:87:96:0b:9f:c0:ca:09:
85:81:4f:79:38:69:73:08:1d:8b:16:2e:ba:19:fb:
b2:d1:ff:d2:50:5c:38:45:a5:ea:62:48:5b:33:4f:
f9:e7:83:5e:d0:1b:0f:45:f8:6e:cc:b6:74:ce:fb:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F6:C3:86:8A:AC:76:7C:8F:C2:39:9B:6D:D6:A8:08:E2:2D:EE:90
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xPbDhoqsdnyPwjmbbdaoCOIt7pA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c8:de:fb:68:96:85:7a:fc:84:47:67:ca:cc:86:1d:b5:30:
59:0a:2d:eb:5b:8b:39:33:d1:4b:38:b3:77:6d:49:d4:90:6d:
6c:d7:e3:0d:4b:89:d2:20:6b:5f:35:da:74:71:01:8a:15:a1:
e5:67:f7:dd:f8:83:36:15:1a:2c:49:ef:66:ae:3f:8d:ff:84:
49:6d:67:f7:e5:e9:16:ec:83:77:36:01:40:f4:ec:6d:fa:85:
aa:b9:6f:a2:d3:46:55:43:49:cc:be:e5:d1:a6:d7:e9:d4:d0:
a7:af:83:77:cd:42:c7:80:e5:9c:91:b6:59:ff:e4:7a:07:72:
7f:b9:7f:46:1f:53:f7:5c:3f:3e:62:44:96:6d:1a:44:26:ac:
2f:5b:60:ce:32:fe:e4:06:79:85:ba:e7:40:6c:7b:e0:c7:e5:
2a:75:5c:b1:e9:5d:38:ba:3f:01:3d:e8:7f:45:7a:e0:2d:85:
34:10:f7:e8:a2:7a:3b:71:15:c2:79:75:d6:9a:59:0d:44:31:
19:6e:64:71:dd:b9:be:69:75:fa:c7:24:b9:93:fe:73:22:26:
c1:6a:84:ce:10:80:d1:ea:63:a8:98:d9:83:86:d8:6e:4d:f1:
28:08:5b:a7:b5:43:72:39:9e:8a:77:0c:1c:b4:c8:76:35:59:
e7:5d:40:0f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEM0RjZDMzg2OEFBQzc2
N0M4RkMyMzk5QjZERDZBODA4RTIyREVFOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT8zuJOqmMLq0ZMJYA6y+ML7giIwyoVk6nDKzCINzx+SsI1Mqe
R6vn2RhDX+femICaGoXnufgrOXlJs3qn7lQwuJXuhdUoScXruzT7torbt9I8wsGL
y6WZ3Ut0+ELie+vyxuAoaFmm06cmBUakizVN3FJA+XATfJCsrOucg8pBpdDTF6U+
QOzODb9vBbsQmfknbMCYDdlg/SNYPe0JUrY2WV+GGP+3EHFnYUpaESqCArJ0mjAG
FI3pltWKVqVF8zhAYiKPDjypqjwQh5YLn8DKCYWBT3k4aXMIHYsWLroZ+7LR/9JQ
XDhFpepiSFszT/nng17QGw9F+G7MtnTO+9I1AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUxPbDhoqsdnyPwjmbbdaoCOIt7pAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS94UGJEaG9xc2RueVB3am1iYmRhb0NPSXQ3cEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AG/I3vtoloV6/IRHZ8rMhh21MFkKLetbizkz0Us4s3dtSdSQbWzX4w1LidIga181
2nRxAYoVoeVn9934gzYVGixJ72auP43/hEltZ/fl6Rbsg3c2AUD07G36haq5b6LT
RlVDScy+5dGm1+nU0Kevg3fNQseA5ZyRtln/5HoHcn+5f0YfU/dcPz5iRJZtGkQm
rC9bYM4y/uQGeYW650Bse+DH5Sp1XLHpXTi6PwE96H9FeuAthTQQ9+iiejtxFcJ5
ddaaWQ1EMRluZHHdub5pdfrHJLmT/nMiJsFqhM4QgNHqY6iY2YOG2G5N8SgIW6e1
Q3I5nop3DBy0yHY1WeddQA8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org