Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/HftqcXcg_eZzKw5NLxqGPTQgPpI.roa
File: HftqcXcg_eZzKw5NLxqGPTQgPpI.roa (raw, json)
Hash identifier: nAk5NWGXZ7qW1FtIP21vJgPVwslaJm5CtWiCvoZxHqU=
Subject key identifier: 1D:FB:6A:71:77:20:FD:E6:73:2B:0E:4D:2F:1A:86:3D:34:20:3E:92
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 33EA
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HftqcXcg_eZzKw5NLxqGPTQgPpI.roa
Signing time: Wed 14 Apr 2021 10:34:49 +0000
ROA not before: Wed 14 Apr 2021 10:34:49 +0000
ROA not after: Fri 01 Apr 2022 01:01:03 +0000
asID: 47065
IP address blocks: 147.28.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13290 (0x33ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 14 10:34:49 2021 GMT
Not After : Apr 1 01:01:03 2022 GMT
Subject: CN=1DFB6A717720FDE6732B0E4D2F1A863D34203E92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c3:a9:0a:0a:b9:61:2d:39:d0:0e:af:0e:a8:
96:c0:d4:66:24:d6:13:81:db:a6:f0:40:45:06:77:
eb:3a:80:e3:0e:71:b8:b7:db:aa:73:d6:88:52:9f:
91:60:e3:a0:f8:59:eb:06:6f:dd:31:bc:18:4f:cc:
67:cb:b7:93:6f:a4:2a:6c:48:ef:d9:37:66:75:35:
f1:3a:89:3d:44:7c:40:8f:1e:48:db:92:ae:23:b9:
0a:5c:e1:aa:12:a7:5e:76:60:bb:e7:01:d6:3f:e7:
03:d6:35:02:28:a2:e9:e2:6b:95:29:5f:5c:b1:c0:
de:ac:b0:5a:f5:45:a8:1e:be:80:59:ea:a8:e9:8a:
c2:6e:d0:53:cc:e2:67:c5:ff:c7:f8:dc:f1:c7:9d:
94:84:33:1d:33:55:ac:a8:e2:73:5d:dc:01:4d:d5:
bb:35:86:a7:5d:e6:49:c8:6b:5b:c4:c6:20:cb:37:
ca:29:aa:c4:61:53:4e:05:35:14:66:e3:31:23:20:
3b:51:ab:29:d9:79:27:fc:c4:1f:b8:dd:11:70:5a:
bf:b1:79:60:63:09:c6:28:2f:48:09:1d:c5:1f:b7:
37:e3:16:69:d2:75:c1:ad:f3:4e:85:7c:78:38:32:
29:0d:05:c8:bb:30:1b:73:d6:0a:01:68:d4:ad:0e:
e3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FB:6A:71:77:20:FD:E6:73:2B:0E:4D:2F:1A:86:3D:34:20:3E:92
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HftqcXcg_eZzKw5NLxqGPTQgPpI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.4.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f7:56:48:0c:f8:d0:ce:bf:0f:b3:a8:d8:eb:6d:ad:7a:fd:
5b:50:53:45:85:87:fb:11:4b:1a:17:b3:75:2f:c1:46:40:f1:
e9:56:01:b9:33:36:e5:b6:41:0a:64:2f:ea:78:60:77:73:ec:
16:15:97:4a:a1:3f:7c:a8:db:69:3b:66:c6:d0:da:5b:e7:1b:
c9:c1:d9:a3:b0:6b:f2:d2:33:f8:b0:ee:c2:ed:9f:90:53:f2:
1d:10:76:da:6e:41:d7:d7:90:24:8a:49:3b:c6:d9:cd:7b:ca:
3d:63:11:14:4e:f2:19:f9:9b:ab:6c:43:c7:b9:89:f2:8d:6d:
a8:f2:45:71:e9:ca:07:33:e5:af:52:55:b6:0f:ec:92:71:cb:
ca:6b:16:33:4c:cd:0c:6f:5c:f5:d7:e7:92:08:29:80:c7:bf:
65:a6:38:e0:03:31:bd:e3:c0:4a:39:a9:c9:a1:7c:6d:b6:e8:
2f:21:1e:dc:3e:10:4d:de:8e:2b:bc:e1:81:bd:36:f4:77:e9:
37:09:8b:51:1f:b0:10:a3:7c:00:d1:a5:2b:7b:0b:e1:9f:f9:
15:e1:0e:47:56:37:47:da:75:86:16:2d:62:3d:c6:fe:b3:07:
7a:17:d5:1c:1c:b1:79:d2:53:80:12:bc:eb:a2:19:51:41:17:
11:fb:88:39
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICM+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMTA0MTQx
MDM0NDlaFw0yMjA0MDEwMTAxMDNaMDMxMTAvBgNVBAMTKDFERkI2QTcxNzcyMEZE
RTY3MzJCMEU0RDJGMUE4NjNEMzQyMDNFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKw6kKCrlhLTnQDq8OqJbA1GYk1hOB26bwQEUGd+s6gOMOcbi3
26pz1ohSn5Fg46D4WesGb90xvBhPzGfLt5NvpCpsSO/ZN2Z1NfE6iT1EfECPHkjb
kq4juQpc4aoSp152YLvnAdY/5wPWNQIoounia5UpX1yxwN6ssFr1RagevoBZ6qjp
isJu0FPM4mfF/8f43PHHnZSEMx0zVayo4nNd3AFN1bs1hqdd5knIa1vExiDLN8op
qsRhU04FNRRm4zEjIDtRqynZeSf8xB+43RFwWr+xeWBjCcYoL0gJHcUftzfjFmnS
dcGt806FfHg4MikNBci7MBtz1goBaNStDuONAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUHftqcXcg/eZzKw5NLxqGPTQgPpIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9IZnRxY1hjZ19lWnpLdzVOTHhxR1BUUWdQcEkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAQwDQYJKoZIhvcNAQELBQADggEB
ALH3VkgM+NDOvw+zqNjrba16/VtQU0WFh/sRSxoXs3UvwUZA8elWAbkzNuW2QQpk
L+p4YHdz7BYVl0qhP3yo22k7ZsbQ2lvnG8nB2aOwa/LSM/iw7sLtn5BT8h0Qdtpu
QdfXkCSKSTvG2c17yj1jERRO8hn5m6tsQ8e5ifKNbajyRXHpygcz5a9SVbYP7JJx
y8prFjNMzQxvXPXX55IIKYDHv2WmOOADMb3jwEo5qcmhfG226C8hHtw+EE3ejiu8
4YG9NvR36TcJi1EfsBCjfADRpSt7C+Gf+RXhDkdWN0fadYYWLWI9xv6zB3oX1Rwc
sXnSU4ASvOuiGVFBFxH7iDk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org