Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/vFJD7ntF9DuqdSOIbrSYz9T2jrw.roa
File: vFJD7ntF9DuqdSOIbrSYz9T2jrw.roa (raw, json)
Hash identifier: 6Lt2wN1ZK7nPcm5mNd++t6gNSj/rvf3k/TyYZfOQwjo=
Subject key identifier: BC:52:43:EE:7B:45:F4:3B:AA:75:23:88:6E:B4:98:CF:D4:F6:8E:BC
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: D625
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/vFJD7ntF9DuqdSOIbrSYz9T2jrw.roa
Signing time: Fri 17 Jun 2022 00:05:09 +0000
ROA not before: Fri 17 Jun 2022 00:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3130
IP address blocks: 147.28.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54821 (0xd625)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jun 17 00:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=BC5243EE7B45F43BAA7523886EB498CFD4F68EBC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:30:68:ee:f0:f6:8f:92:67:c0:9f:e8:7e:d0:
03:b0:52:1f:83:5a:c5:24:ee:a8:29:d0:24:1f:4b:
63:7d:9a:5c:00:a2:20:45:e9:f5:9d:b3:3a:1d:be:
33:17:e0:cb:0d:bd:c7:13:ba:35:db:8e:32:b9:75:
55:c7:e7:68:43:e5:1c:15:84:c5:b4:d2:e6:a5:bb:
d7:17:a6:e6:33:0e:d7:0c:01:ae:cc:5b:d9:c7:60:
fc:fb:75:7a:8d:40:4d:43:ae:76:f3:cd:aa:8a:a3:
c5:83:8c:19:86:5c:fb:17:e8:b3:f7:37:c1:12:34:
f5:43:28:89:c7:ed:48:87:99:66:7d:99:52:da:66:
4c:d9:ae:a2:23:45:e5:35:41:ec:70:0f:66:17:8f:
d1:61:9e:7b:3a:53:39:74:36:28:0f:85:a8:ac:26:
30:1c:37:d8:e1:30:00:de:b7:e9:65:df:ae:42:91:
39:13:4c:70:a7:82:f6:e6:7e:17:fc:f4:38:1b:d8:
b2:51:7d:2a:f3:b1:4f:8a:f1:ed:ee:70:2f:95:84:
30:ac:a0:c5:a6:92:17:f8:41:ba:0f:3b:7d:d5:bf:
4e:3b:64:a6:09:f7:b9:08:38:85:ce:c1:64:ef:47:
0a:54:73:dc:51:e8:03:6c:3c:e9:eb:b0:c1:eb:38:
80:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:52:43:EE:7B:45:F4:3B:AA:75:23:88:6E:B4:98:CF:D4:F6:8E:BC
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/vFJD7ntF9DuqdSOIbrSYz9T2jrw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.0.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:16:d8:5f:3b:53:43:ec:a6:16:6c:b6:0c:b2:d9:70:b6:ed:
f2:22:72:74:b4:5b:a3:f3:9e:92:60:f0:df:f4:19:4f:9f:23:
e1:b7:f4:70:1b:c3:27:cd:8f:ae:60:e0:2e:77:24:a5:f0:ed:
81:7d:fb:0a:5e:31:ef:40:71:a6:ed:60:db:c8:03:80:c5:24:
4f:7d:d6:6e:cc:d7:80:71:83:c1:7e:47:37:e6:a8:12:19:bf:
87:fb:85:6c:6a:5e:60:8d:26:3a:fc:3d:7c:6d:fc:97:3c:df:
4e:0b:98:3b:dd:51:25:7b:c5:b7:fb:51:82:ab:b4:f7:65:c5:
a2:10:2e:93:27:01:d1:bb:9a:8b:e3:d9:e8:40:a3:6f:26:a4:
78:1d:f7:23:01:be:27:d6:ef:64:fc:5d:82:dc:97:21:35:d8:
9c:15:56:c7:26:94:9e:99:0a:8b:ff:8f:4d:3b:0c:99:02:0e:
bc:2d:b8:cb:83:3c:44:14:55:5b:20:e6:16:67:1d:c4:23:a5:
cb:20:b8:20:91:52:6f:2d:2d:fb:0f:eb:40:62:75:9d:a0:64:
63:82:fc:ed:a3:e6:58:78:44:ed:8c:71:69:ef:60:26:0a:a1:
c7:57:a2:25:9b:6f:60:3e:4e:21:04:7b:bf:ba:a4:44:cf:18:
41:fd:d0:83
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhCQzUyNDNFRTdCNDVG
NDNCQUE3NTIzODg2RUI0OThDRkQ0RjY4RUJDMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxjBo7vD2j5JnwJ/oftADsFIfg1rFJO6oKdAkH0tjfZpcAKIg
Ren1nbM6Hb4zF+DLDb3HE7o1244yuXVVx+doQ+UcFYTFtNLmpbvXF6bmMw7XDAGu
zFvZx2D8+3V6jUBNQ652882qiqPFg4wZhlz7F+iz9zfBEjT1QyiJx+1Ih5lmfZlS
2mZM2a6iI0XlNUHscA9mF4/RYZ57OlM5dDYoD4WorCYwHDfY4TAA3rfpZd+uQpE5
E0xwp4L25n4X/PQ4G9iyUX0q87FPivHt7nAvlYQwrKDFppIX+EG6Dzt91b9OO2Sm
Cfe5CDiFzsFk70cKVHPcUegDbDzp67DB6ziA6QIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFLxSQ+57RfQ7qnUjiG60mM/U9o68MB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL3ZGSkQ3bnRGOUR1cWRTT0liclNZejlUMmpydy5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAZMcADANBgkqhkiG9w0BAQsFAAOCAQEAbRbY
XztTQ+ymFmy2DLLZcLbt8iJydLRbo/OekmDw3/QZT58j4bf0cBvDJ82PrmDgLnck
pfDtgX37Cl4x70Bxpu1g28gDgMUkT33WbszXgHGDwX5HN+aoEhm/h/uFbGpeYI0m
Ovw9fG38lzzfTguYO91RJXvFt/tRgqu092XFohAukycB0buai+PZ6ECjbyakeB33
IwG+J9bvZPxdgtyXITXYnBVWxyaUnpkKi/+PTTsMmQIOvC24y4M8RBRVWyDmFmcd
xCOlyyC4IJFSby0t+w/rQGJ1naBkY4L87aPmWHhE7Yxxae9gJgqhx1eiJZtvYD5O
IQR7v7qkRM8YQf3Qgw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org