Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KtYnu4071NocFOeHCcIE2T5U_9o.roa
File: KtYnu4071NocFOeHCcIE2T5U_9o.roa (raw, json)
Hash identifier: Q2Xpx1ygIilLi1gofD00o7bZ07/alqxdmwO5nw25Lm8=
Subject key identifier: 2A:D6:27:BB:8D:3B:D4:DA:1C:14:E7:87:09:C2:04:D9:3E:54:FF:DA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43A0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KtYnu4071NocFOeHCcIE2T5U_9o.roa
Signing time: Wed 23 Feb 2022 00:30:08 +0000
ROA not before: Wed 23 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17312 (0x43a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 23 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2AD627BB8D3BD4DA1C14E78709C204D93E54FFDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:19:7c:a6:01:07:4f:82:4e:bd:cd:a2:df:
f0:29:6f:30:58:1d:df:5e:08:6c:d8:4d:29:f7:b3:
26:07:2b:96:5c:7c:6c:44:02:c4:4d:5b:5a:bf:93:
78:76:f2:fd:47:8b:75:a7:e1:c4:42:97:e5:1b:58:
e3:36:40:6f:15:2e:d8:ae:90:42:bf:6c:f2:76:6b:
07:87:9b:97:85:2f:b6:61:3b:9a:87:3b:c8:16:ca:
d0:81:71:5a:26:cd:3c:84:eb:a7:90:b8:e7:f5:d1:
57:a5:d2:7c:20:d9:68:93:65:02:4b:5e:0a:7a:f9:
ab:f8:7c:a3:bc:6c:7c:9b:fc:ae:e2:eb:66:bc:84:
be:66:8b:12:8e:6b:79:8f:80:6f:65:8e:74:57:9a:
5e:fe:6d:12:a0:ca:be:50:4a:90:d9:71:43:f1:de:
90:7b:48:a3:93:bf:f0:cb:3e:ba:c3:74:8c:9c:7a:
6b:40:13:eb:e8:95:57:20:f0:f6:5b:4f:4a:e8:60:
3f:7a:28:f8:e7:69:d4:ff:f2:28:22:f9:ca:d8:31:
6c:67:47:3b:a7:a8:e1:a2:8e:1f:20:3d:ab:10:21:
b6:d4:1b:1b:89:e7:51:cf:35:b5:95:69:eb:c2:d7:
5c:d8:69:30:49:5a:04:35:3e:4d:f5:cc:ba:86:eb:
c0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D6:27:BB:8D:3B:D4:DA:1C:14:E7:87:09:C2:04:D9:3E:54:FF:DA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KtYnu4071NocFOeHCcIE2T5U_9o.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:e8:98:b1:7e:b9:b5:af:cc:b4:45:28:6a:2d:6e:57:ab:2f:
01:5d:31:d4:2d:c2:b8:1f:1b:3f:8d:ff:c8:70:0d:03:ee:20:
b5:06:6e:8c:6f:01:d0:ba:6c:38:98:db:45:53:79:12:42:e5:
8d:4a:76:0b:ea:c8:bb:7a:fe:3e:2d:99:9d:8b:52:a8:ec:35:
a5:df:d1:8a:48:5f:07:07:63:a3:30:98:01:a5:02:d8:bb:47:
84:2f:b1:43:38:29:7f:3b:f9:40:4c:5b:74:81:1a:eb:ee:91:
5a:18:b4:4d:f0:f0:3b:f0:18:60:0a:2f:b1:62:8c:74:d6:88:
3b:df:cd:b6:80:05:43:d7:94:9e:48:5e:7b:ce:be:e1:5b:f8:
91:fd:f0:37:dd:94:8e:cd:4d:17:e8:bf:ff:54:d1:93:ee:1e:
50:f5:fd:97:6c:46:cb:74:0f:b5:f0:96:cf:fc:92:62:bf:39:
0e:1a:b7:87:7e:40:8d:c4:a3:b0:55:8f:f3:62:14:33:ce:70:
e8:38:f7:78:29:0c:d6:f0:eb:9f:30:35:98:66:c4:bf:53:84:
45:1e:e0:73:7f:1c:35:02:43:10:db:57:35:62:9d:71:4c:c2:
16:34:de:a3:02:97:c0:29:25:11:9f:56:2a:ea:48:b1:d9:41:
80:93:0e:a5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjMw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJBRDYyN0JCOEQzQkQ0
REExQzE0RTc4NzA5QzIwNEQ5M0U1NEZGREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Lxl8pgEHT4JOvc2i3/ApbzBYHd9eCGzYTSn3syYHK5ZcfGxE
AsRNW1q/k3h28v1Hi3Wn4cRCl+UbWOM2QG8VLtiukEK/bPJ2aweHm5eFL7ZhO5qH
O8gWytCBcVomzTyE66eQuOf10Vel0nwg2WiTZQJLXgp6+av4fKO8bHyb/K7i62a8
hL5mixKOa3mPgG9ljnRXml7+bRKgyr5QSpDZcUPx3pB7SKOTv/DLPrrDdIycemtA
E+volVcg8PZbT0roYD96KPjnadT/8igi+crYMWxnRzunqOGijh8gPasQIbbUGxuJ
51HPNbWVaevC11zYaTBJWgQ1Pk31zLqG68BfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKtYnu4071NocFOeHCcIE2T5U/9owHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LdFludTQwNzFOb2NGT2VIQ2NJRTJUNVVfOW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AG3omLF+ubWvzLRFKGotblerLwFdMdQtwrgfGz+N/8hwDQPuILUGboxvAdC6bDiY
20VTeRJC5Y1KdgvqyLt6/j4tmZ2LUqjsNaXf0YpIXwcHY6MwmAGlAti7R4QvsUM4
KX87+UBMW3SBGuvukVoYtE3w8DvwGGAKL7FijHTWiDvfzbaABUPXlJ5IXnvOvuFb
+JH98DfdlI7NTRfov/9U0ZPuHlD1/ZdsRst0D7Xwls/8kmK/OQ4at4d+QI3Eo7BV
j/NiFDPOcOg493gpDNbw658wNZhmxL9ThEUe4HN/HDUCQxDbVzVinXFMwhY03qMC
l8ApJRGfVirqSLHZQYCTDqU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org