Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/kdFMBPvc0Hgl9kauYDnSKu6WoJY.roa
File: kdFMBPvc0Hgl9kauYDnSKu6WoJY.roa (raw, json)
Hash identifier: o9FmPr5q6Z4b4npThGItAVWfhnP8xBI2GsFENBVaOzM=
Subject key identifier: 91:D1:4C:04:FB:DC:D0:78:25:F6:46:AE:60:39:D2:2A:EE:96:A0:96
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42AB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kdFMBPvc0Hgl9kauYDnSKu6WoJY.roa
Signing time: Sat 05 Feb 2022 00:30:09 +0000
ROA not before: Sat 05 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17067 (0x42ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 5 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=91D14C04FBDCD07825F646AE6039D22AEE96A096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:db:77:40:4b:5f:62:48:45:fa:3e:55:73:
33:83:a1:3a:99:a1:f0:51:d2:1f:a6:5c:ed:31:3e:
83:c1:e5:fc:90:7d:47:15:ee:a9:a5:9d:cb:c1:ab:
85:7b:b7:63:de:ab:b2:eb:5e:57:89:bc:09:1e:54:
f9:fa:09:bf:ad:0d:2f:db:3b:88:d2:c0:d9:aa:fe:
03:ba:af:3b:e6:cf:2a:b7:f2:02:b1:20:a0:92:99:
09:73:e9:09:96:7d:48:3b:1d:0c:a9:2e:9f:d3:d5:
ad:91:ac:c8:93:7c:e5:39:d7:6b:2d:d3:b7:aa:3c:
1b:72:2a:cf:e5:da:2b:5f:75:ef:29:01:8c:a8:4b:
53:ad:11:f8:a5:fc:e9:06:c3:73:0b:bc:40:63:0a:
09:74:d2:e8:b1:84:96:ea:06:be:3b:dc:e2:f5:90:
5e:a7:9a:2e:1b:a6:33:4e:fe:49:96:b6:72:61:63:
7d:10:4c:74:c7:ec:04:1d:2d:66:f7:1e:58:7b:05:
4e:7c:c7:02:b8:25:08:24:ee:68:36:cc:08:ff:5b:
7e:cd:a1:32:c0:3b:5a:17:2a:c4:ff:1b:5a:ae:ac:
c0:2e:9b:96:c5:7d:84:aa:7a:ce:4f:4a:06:66:a4:
a7:5d:c9:d1:cf:21:a0:ef:65:6d:ff:2c:65:aa:27:
87:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D1:4C:04:FB:DC:D0:78:25:F6:46:AE:60:39:D2:2A:EE:96:A0:96
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kdFMBPvc0Hgl9kauYDnSKu6WoJY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:d8:2f:dd:be:ce:f9:82:95:1d:91:a7:34:c1:09:80:7b:d0:
3e:2f:0c:8b:c3:5a:3d:52:f5:a4:b7:19:e6:d7:e7:88:ed:8e:
54:01:8c:97:f4:62:d3:d2:2f:6c:67:b0:d1:d3:3b:81:33:ef:
02:c4:f2:f2:f3:c6:8b:16:cc:b5:77:00:4a:7a:00:68:d5:c1:
9e:ba:76:2f:d4:e4:b2:47:b6:3a:f3:74:23:c3:60:88:3d:1c:
f4:79:8e:a4:cc:25:57:ba:3b:16:b1:aa:9a:d1:3f:ff:ad:48:
c2:7c:d0:a0:4a:2a:da:9c:7c:62:f0:e1:81:b8:54:d5:50:bb:
e2:4c:ef:08:20:c4:8e:11:4d:b0:56:39:81:1f:d2:61:a9:ab:
3a:d8:e6:e0:8b:61:6b:34:e5:a6:df:6b:0e:ca:70:84:c6:f4:
d8:f9:ab:be:91:44:dc:c1:a2:21:1d:88:98:25:b7:5d:5a:ed:
da:05:86:30:b6:b5:20:c7:cd:0b:a2:35:71:58:da:a3:c6:c7:
ce:7c:d7:31:6b:ad:86:9d:aa:7d:18:eb:80:db:a6:7f:47:48:
29:79:cf:c0:60:c7:d1:b9:8b:aa:ae:f5:22:a0:14:89:81:64:
f0:6c:06:6b:34:85:dd:08:b6:9a:b4:41:2c:d3:41:9a:21:02:
05:97:3b:49
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDUw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDkxRDE0QzA0RkJEQ0Qw
NzgyNUY2NDZBRTYwMzlEMjJBRUU5NkEwOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC47Nt3QEtfYkhF+j5VczODoTqZofBR0h+mXO0xPoPB5fyQfUcV
7qmlncvBq4V7t2Peq7LrXleJvAkeVPn6Cb+tDS/bO4jSwNmq/gO6rzvmzyq38gKx
IKCSmQlz6QmWfUg7HQypLp/T1a2RrMiTfOU512st07eqPBtyKs/l2itfde8pAYyo
S1OtEfil/OkGw3MLvEBjCgl00uixhJbqBr473OL1kF6nmi4bpjNO/kmWtnJhY30Q
THTH7AQdLWb3Hlh7BU58xwK4JQgk7mg2zAj/W37NoTLAO1oXKsT/G1qurMAum5bF
fYSqes5PSgZmpKddydHPIaDvZW3/LGWqJ4d7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkdFMBPvc0Hgl9kauYDnSKu6WoJYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9rZEZNQlB2YzBIZ2w5a2F1WURuU0t1NldvSlkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAvYL92+zvmClR2RpzTBCYB70D4vDIvDWj1S9aS3GebX54jtjlQBjJf0YtPSL2xn
sNHTO4Ez7wLE8vLzxosWzLV3AEp6AGjVwZ66di/U5LJHtjrzdCPDYIg9HPR5jqTM
JVe6OxaxqprRP/+tSMJ80KBKKtqcfGLw4YG4VNVQu+JM7wggxI4RTbBWOYEf0mGp
qzrY5uCLYWs05abfaw7KcITG9Nj5q76RRNzBoiEdiJglt11a7doFhjC2tSDHzQui
NXFY2qPGx8581zFrrYadqn0Y64Dbpn9HSCl5z8Bgx9G5i6qu9SKgFImBZPBsBms0
hd0Itpq0QSzTQZohAgWXO0k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org