Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hdthFBGQl6Tdgvas7szmC1D1dYk.roa
File: hdthFBGQl6Tdgvas7szmC1D1dYk.roa (raw, json)
Hash identifier: Kq/fl4M5aHF/TKmzwXlNEl9am5wsl0CyN7/yG+f5gRk=
Subject key identifier: 85:DB:61:14:11:90:97:A4:DD:82:F6:AC:EE:CC:E6:0B:50:F5:75:89
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4329
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hdthFBGQl6Tdgvas7szmC1D1dYk.roa
Signing time: Mon 14 Feb 2022 00:30:09 +0000
ROA not before: Mon 14 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17193 (0x4329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 14 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=85DB6114119097A4DD82F6ACEECCE60B50F57589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8c:08:c4:72:f0:99:17:37:76:66:b2:ad:e8:
58:e5:6b:52:cc:46:d2:af:ea:2b:bd:81:ac:40:b9:
6f:af:0d:0f:59:37:79:37:cb:ab:b8:80:53:4d:54:
ee:ee:76:e6:3b:84:13:ca:e2:09:fe:cd:5a:ac:a7:
5b:f8:50:24:ee:f2:1f:4a:ff:81:d9:76:c0:d6:c3:
d6:05:4d:bb:f3:06:47:8f:64:d4:13:84:c4:05:02:
50:20:62:4d:b1:05:78:e8:5c:8f:14:c8:b4:1d:91:
81:28:13:5c:8d:9b:a0:a0:1d:d5:f6:4a:b0:2c:81:
77:ed:d7:9b:06:7c:4c:09:e8:2a:11:32:fd:3f:89:
8f:fa:d7:45:54:5c:0b:51:35:ba:87:01:89:6c:04:
c8:b9:1b:ce:c3:6a:0a:9e:8c:e4:48:d8:76:92:f3:
47:58:1c:e3:fc:67:b3:05:39:8f:07:f0:54:08:09:
49:6e:cd:df:5f:2a:1f:db:34:e0:ec:3c:14:0d:79:
6e:d4:38:79:6a:3f:8c:a4:46:f6:36:4e:6c:a6:05:
2f:81:27:8e:dc:06:d3:fb:3f:57:a7:40:fd:83:d8:
15:25:15:47:be:8e:d7:b5:c4:ea:e0:db:25:95:d2:
27:6b:9c:e6:0d:d1:9d:21:0a:bf:28:7f:e9:b1:50:
06:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DB:61:14:11:90:97:A4:DD:82:F6:AC:EE:CC:E6:0B:50:F5:75:89
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hdthFBGQl6Tdgvas7szmC1D1dYk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2c:75:e5:f5:d6:14:92:76:55:39:72:9f:bb:1b:41:f1:f0:
40:e3:25:a7:6e:08:9b:73:5e:10:1f:af:fb:65:80:09:63:8f:
70:7b:ec:8c:41:8e:52:a2:f7:96:50:0e:e7:c0:a0:84:09:6c:
34:54:c5:1a:04:b6:43:23:57:c0:1e:37:95:37:ba:6d:44:08:
80:97:b1:50:74:4c:ee:17:b4:e9:89:20:c4:a9:19:6e:e0:0a:
01:03:ce:ac:c1:65:1f:9f:f3:01:99:6e:e0:52:9b:aa:c8:30:
4a:b4:89:19:3d:bb:6a:db:0a:70:74:7a:a9:33:01:1d:1f:54:
4b:fa:b8:47:42:f9:e3:65:36:b4:95:11:32:3b:0e:1e:87:89:
41:18:eb:4d:2f:c1:cb:30:cf:ba:c2:99:1a:01:39:52:93:3b:
15:eb:b8:f4:a7:fc:3a:ee:41:ba:75:7a:38:a5:f6:06:bf:c6:
5b:93:0c:bd:11:70:ad:72:fb:f2:9d:b4:af:e5:e8:bc:9d:53:
bc:37:c1:67:e9:45:9e:77:28:92:ed:e6:28:cb:96:11:4f:af:
25:ee:1f:78:77:9e:f5:27:e7:d7:95:c7:9b:ff:6e:1d:c3:b3:
48:6e:64:cc:92:67:14:2b:b2:0e:2b:04:82:ec:33:3e:19:2d:
29:54:b1:30
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTQw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg1REI2MTE0MTE5MDk3
QTRERDgyRjZBQ0VFQ0NFNjBCNTBGNTc1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtjAjEcvCZFzd2ZrKt6Fjla1LMRtKv6iu9gaxAuW+vDQ9ZN3k3
y6u4gFNNVO7uduY7hBPK4gn+zVqsp1v4UCTu8h9K/4HZdsDWw9YFTbvzBkePZNQT
hMQFAlAgYk2xBXjoXI8UyLQdkYEoE1yNm6CgHdX2SrAsgXft15sGfEwJ6CoRMv0/
iY/610VUXAtRNbqHAYlsBMi5G87DagqejORI2HaS80dYHOP8Z7MFOY8H8FQICUlu
zd9fKh/bNODsPBQNeW7UOHlqP4ykRvY2TmymBS+BJ47cBtP7P1enQP2D2BUlFUe+
jte1xOrg2yWV0idrnOYN0Z0hCr8of+mxUAb7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhdthFBGQl6Tdgvas7szmC1D1dYkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oZHRoRkJHUWw2VGRndmFzN3N6bUMxRDFkWWsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJ4sdeX11hSSdlU5cp+7G0Hx8EDjJaduCJtzXhAfr/tlgAljj3B77IxBjlKi95ZQ
DufAoIQJbDRUxRoEtkMjV8AeN5U3um1ECICXsVB0TO4XtOmJIMSpGW7gCgEDzqzB
ZR+f8wGZbuBSm6rIMEq0iRk9u2rbCnB0eqkzAR0fVEv6uEdC+eNlNrSVETI7Dh6H
iUEY600vwcswz7rCmRoBOVKTOxXruPSn/DruQbp1ejil9ga/xluTDL0RcK1y+/Kd
tK/l6LydU7w3wWfpRZ53KJLt5ijLlhFPryXuH3h3nvUn59eVx5v/bh3Ds0huZMyS
ZxQrsg4rBILsMz4ZLSlUsTA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org