Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zKlHhm5unRTpfZpr5bI8EUfr4J0.roa
File: zKlHhm5unRTpfZpr5bI8EUfr4J0.roa (raw, json)
Hash identifier: guvI5r/jVhEkAA1e7Od3SAYEmfxtgtuvjLt8qaPwY4E=
Subject key identifier: CC:A9:47:86:6E:6E:9D:14:E9:7D:9A:6B:E5:B2:3C:11:47:EB:E0:9D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42C7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zKlHhm5unRTpfZpr5bI8EUfr4J0.roa
Signing time: Mon 07 Feb 2022 00:30:10 +0000
ROA not before: Mon 07 Feb 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17095 (0x42c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 7 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CCA947866E6E9D14E97D9A6BE5B23C1147EBE09D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:15:47:d4:6b:25:69:7f:8b:9d:94:c4:93:f3:
2b:39:d4:a1:3f:ef:40:6c:bb:7b:55:2c:89:08:b1:
61:03:5e:0c:88:a5:e2:0a:f3:66:96:e5:32:29:bc:
86:7b:2c:ae:72:b7:56:bd:4b:1c:eb:78:09:50:bf:
71:fe:20:5e:c7:a8:9f:b2:6e:19:e5:c1:c9:00:33:
87:2c:aa:88:88:2d:7c:2b:6f:d6:1e:f0:9e:f0:e7:
8e:54:af:d9:9a:e8:34:64:54:f5:c8:64:b1:88:6b:
ad:37:3f:63:9c:98:3a:ea:eb:71:54:13:24:b4:4e:
cd:07:7b:f8:85:85:3f:f2:2d:0e:4c:b5:0c:b4:52:
08:48:63:aa:3d:62:bb:6e:f4:fe:35:02:32:b8:f5:
b1:97:a5:9e:9a:f6:f9:1c:ea:7f:9c:ed:7d:ec:48:
81:bb:36:28:81:d0:bf:d0:08:21:a9:22:c4:5d:21:
98:32:82:b3:25:01:09:43:4a:a8:d1:ae:98:a6:ce:
50:34:39:53:c0:75:77:3c:03:51:d7:74:d2:7b:64:
23:5c:e8:5f:c6:df:95:71:8d:ea:57:bd:ab:25:83:
3b:fa:dc:1f:5f:d6:f1:6e:53:72:79:ab:50:0f:84:
7a:d5:e0:9d:af:5c:12:6a:95:83:78:ac:f7:34:dc:
96:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A9:47:86:6E:6E:9D:14:E9:7D:9A:6B:E5:B2:3C:11:47:EB:E0:9D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zKlHhm5unRTpfZpr5bI8EUfr4J0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:2d:11:72:ab:f0:e8:c2:e7:a4:22:c8:93:30:64:31:78:68:
88:8b:d0:76:b9:d2:49:e8:b8:c4:7c:10:ba:8c:03:e9:33:de:
fa:29:47:f8:61:a1:73:1f:96:cd:b7:c0:03:0c:94:70:72:d3:
55:25:0a:c1:da:d0:8b:9e:32:b7:8e:8c:cd:d1:6d:30:a7:6a:
ba:07:5f:1b:fd:af:43:32:b1:08:f4:b0:f7:0b:69:eb:a1:58:
fa:c0:43:b1:64:ce:bb:2a:d2:c1:19:4e:15:01:9d:98:f6:f1:
74:68:24:68:38:1a:6d:a9:8e:75:01:0a:02:d1:0e:d6:0f:cf:
18:c6:27:f0:6b:9e:ba:de:46:9f:7d:77:6b:58:1f:7e:71:9f:
8b:ba:6a:ae:4a:9d:71:91:a8:99:52:3a:21:71:94:cb:65:cf:
0d:c9:f0:90:4a:05:98:14:4d:1b:18:fa:b7:8c:be:fb:3d:63:
4e:c8:5a:59:97:8a:74:a8:58:f2:8b:de:11:bf:02:67:b2:6f:
40:ae:df:09:a2:6e:2c:c8:f5:73:2a:bb:10:57:3d:92:d4:25:
a2:02:71:cf:aa:4b:68:39:f1:35:e8:15:5d:b2:fa:a3:03:cb:
3f:88:2a:3b:4a:7a:c5:da:0d:6b:60:06:1c:e3:38:63:fa:f0:
99:6e:58:3d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQscwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDcw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENDQTk0Nzg2NkU2RTlE
MTRFOTdEOUE2QkU1QjIzQzExNDdFQkUwOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMFUfUayVpf4udlMST8ys51KE/70Bsu3tVLIkIsWEDXgyIpeIK
82aW5TIpvIZ7LK5yt1a9SxzreAlQv3H+IF7HqJ+ybhnlwckAM4csqoiILXwrb9Ye
8J7w545Ur9ma6DRkVPXIZLGIa603P2OcmDrq63FUEyS0Ts0He/iFhT/yLQ5MtQy0
UghIY6o9Yrtu9P41AjK49bGXpZ6a9vkc6n+c7X3sSIG7NiiB0L/QCCGpIsRdIZgy
grMlAQlDSqjRrpimzlA0OVPAdXc8A1HXdNJ7ZCNc6F/G35VxjepXvaslgzv63B9f
1vFuU3J5q1APhHrV4J2vXBJqlYN4rPc03JZbAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzKlHhm5unRTpfZpr5bI8EUfr4J0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96S2xIaG01dW5SVHBmWnByNWJJOEVVZnI0SjAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ALktEXKr8OjC56QiyJMwZDF4aIiL0Ha50knouMR8ELqMA+kz3vopR/hhoXMfls23
wAMMlHBy01UlCsHa0IueMreOjM3RbTCnaroHXxv9r0MysQj0sPcLaeuhWPrAQ7Fk
zrsq0sEZThUBnZj28XRoJGg4Gm2pjnUBCgLRDtYPzxjGJ/BrnrreRp99d2tYH35x
n4u6aq5KnXGRqJlSOiFxlMtlzw3J8JBKBZgUTRsY+reMvvs9Y07IWlmXinSoWPKL
3hG/Ameyb0Cu3wmibizI9XMquxBXPZLUJaICcc+qS2g58TXoFV2y+qMDyz+IKjtK
esXaDWtgBhzjOGP68JluWD0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org