Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/BWhq98WLBV6L2B9fnUnFVwfJOlE.roa
File: BWhq98WLBV6L2B9fnUnFVwfJOlE.roa (raw, json)
Hash identifier: kFZ6ZYm4dYV8SovA+i4oXvflWovttePxXs1ZET/WIus=
Subject key identifier: 05:68:6A:F7:C5:8B:05:5E:8B:D8:1F:5F:9D:49:C5:57:07:C9:3A:51
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4844
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/BWhq98WLBV6L2B9fnUnFVwfJOlE.roa
Signing time: Thu 19 May 2022 00:30:08 +0000
ROA not before: Thu 19 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18500 (0x4844)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 19 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=05686AF7C58B055E8BD81F5F9D49C55707C93A51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a3:dd:fb:4c:1c:57:d5:d5:fa:ae:ef:2a:eb:
95:c7:87:94:2b:ba:c3:be:3a:4d:6b:60:6f:07:ca:
df:0d:ad:d6:04:01:58:e0:22:e2:03:7d:ed:a4:41:
fd:c3:7b:e4:05:cb:59:08:6c:9f:e0:bf:c0:6c:23:
dd:3e:f6:50:6e:7e:68:0d:4a:71:1b:47:b7:9a:a6:
01:a4:76:51:15:57:52:7e:bd:d3:d2:94:f3:42:d4:
f9:c1:21:cf:81:05:c4:41:06:21:40:62:d6:32:fd:
03:1c:56:62:35:8d:0f:ba:81:d2:3d:9e:dc:2b:56:
d6:b7:85:55:6f:32:8a:f0:d5:c5:63:12:e3:60:e6:
82:b6:01:59:6a:fe:11:c4:69:70:e5:cd:69:72:86:
23:c4:6c:10:71:1c:bc:50:b1:ee:e4:59:e7:2b:06:
44:48:48:10:c4:43:8a:61:84:f1:f6:96:99:a7:d7:
44:ec:14:69:7e:6d:2e:44:1b:64:84:f1:72:d1:5a:
57:8a:ef:c6:21:29:26:22:97:c2:e5:5b:f4:e5:3e:
c4:6c:0c:54:73:de:db:8c:6d:0a:67:6f:e5:89:89:
c2:b2:14:8d:7d:0b:ad:22:f5:d9:32:41:80:72:e3:
9d:01:fc:7d:86:63:bf:58:a1:be:8a:6f:4b:5a:b7:
96:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:68:6A:F7:C5:8B:05:5E:8B:D8:1F:5F:9D:49:C5:57:07:C9:3A:51
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/BWhq98WLBV6L2B9fnUnFVwfJOlE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e4:88:41:52:96:6f:6a:06:03:f6:ec:c4:60:02:0d:86:99:
34:c9:f8:b7:d1:d5:b0:4b:cb:d1:45:0f:84:43:14:20:69:cc:
58:e5:19:85:4f:00:53:6b:21:a4:e8:df:cb:7b:ea:9f:be:4e:
9d:b3:f1:34:a3:3a:79:7a:04:af:89:0c:a9:9d:27:58:00:6f:
3f:13:df:9c:1a:0a:43:de:4b:78:5b:6d:21:83:fc:ee:7f:94:
88:a7:b9:32:51:35:13:9a:8d:d7:57:6f:25:30:b9:8d:8a:8f:
32:f8:c4:b5:ff:77:9e:b8:3b:6a:a6:e8:a7:de:f9:24:82:fd:
ce:d6:d4:1f:5b:48:d9:9c:26:12:74:77:a5:a4:41:66:1e:96:
c8:f6:ff:ad:2e:8c:64:08:38:2b:fc:b3:4a:f7:19:55:ab:bd:
b8:5c:fc:e2:6a:d3:fa:66:6b:bf:ad:b9:91:dc:fb:97:b5:29:
20:fb:39:7b:16:ce:c7:80:cb:0e:ad:7f:a5:9e:75:1b:7e:2f:
0f:1f:85:95:5d:5c:33:51:21:29:c3:d8:52:e5:36:bf:1f:73:
d6:81:5e:96:70:93:30:d0:77:d3:62:23:f4:aa:e9:8b:c6:a4:
9a:08:95:50:f7:35:4b:0d:04:39:a5:06:90:07:9c:72:d4:dd:
09:7a:2a:bf
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTkw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDA1Njg2QUY3QzU4QjA1
NUU4QkQ4MUY1RjlENDlDNTU3MDdDOTNBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwo937TBxX1dX6ru8q65XHh5QrusO+Ok1rYG8Hyt8NrdYEAVjg
IuIDfe2kQf3De+QFy1kIbJ/gv8BsI90+9lBufmgNSnEbR7eapgGkdlEVV1J+vdPS
lPNC1PnBIc+BBcRBBiFAYtYy/QMcVmI1jQ+6gdI9ntwrVta3hVVvMorw1cVjEuNg
5oK2AVlq/hHEaXDlzWlyhiPEbBBxHLxQse7kWecrBkRISBDEQ4phhPH2lpmn10Ts
FGl+bS5EG2SE8XLRWleK78YhKSYil8LlW/TlPsRsDFRz3tuMbQpnb+WJicKyFI19
C60i9dkyQYBy450B/H2GY79Yob6Kb0tat5b1AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUBWhq98WLBV6L2B9fnUnFVwfJOlEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9CV2hxOThXTEJWNkwyQjlmblVuRlZ3ZkpPbEUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AJPkiEFSlm9qBgP27MRgAg2GmTTJ+LfR1bBLy9FFD4RDFCBpzFjlGYVPAFNrIaTo
38t76p++Tp2z8TSjOnl6BK+JDKmdJ1gAbz8T35waCkPeS3hbbSGD/O5/lIinuTJR
NROajddXbyUwuY2KjzL4xLX/d564O2qm6Kfe+SSC/c7W1B9bSNmcJhJ0d6WkQWYe
lsj2/60ujGQIOCv8s0r3GVWrvbhc/OJq0/pma7+tuZHc+5e1KSD7OXsWzseAyw6t
f6WedRt+Lw8fhZVdXDNRISnD2FLlNr8fc9aBXpZwkzDQd9NiI/Sq6YvGpJoIlVD3
NUsNBDmlBpAHnHLU3Ql6Kr8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org