Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/FNn1Q2OkHyquS-r8cbpDaWdcc7o.roa
File: FNn1Q2OkHyquS-r8cbpDaWdcc7o.roa (raw, json)
Hash identifier: k+p69ol9npzn6iklJNEaFYaqMH6onzfM+TvSxUQ4idU=
Subject key identifier: 14:D9:F5:43:63:A4:1F:2A:AE:4B:EA:FC:71:BA:43:69:67:5C:73:BA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4296
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/FNn1Q2OkHyquS-r8cbpDaWdcc7o.roa
Signing time: Fri 04 Feb 2022 00:30:05 +0000
ROA not before: Fri 04 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17046 (0x4296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 4 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=14D9F54363A41F2AAE4BEAFC71BA4369675C73BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2a:a3:84:88:df:b3:47:1c:14:a2:5f:c3:8c:
f2:07:ed:27:2b:2d:49:81:17:d1:62:e1:f1:33:3e:
8e:49:e3:10:4d:6a:95:b6:d3:c5:83:e1:c1:c4:5c:
d1:8b:d3:ed:72:c9:61:aa:8a:ce:00:bd:47:73:10:
45:bf:be:89:05:a2:2e:8b:8b:f2:fc:fe:7f:1c:4e:
1a:6a:70:2f:7a:d0:f3:a6:0c:a1:2b:1f:63:45:6a:
f6:36:64:b6:4b:2b:f0:cf:14:f5:7f:c8:4b:f1:d0:
f7:2e:32:25:e6:69:a5:8d:83:84:20:80:91:5e:fa:
dc:a6:52:04:37:ad:0d:a7:34:fd:f9:f5:b5:92:24:
eb:c0:2d:93:2c:2a:80:cb:7d:f7:16:65:e4:e4:be:
08:c5:2f:a3:25:27:c2:7a:e2:fc:8f:ea:c0:de:6f:
c2:72:0d:ac:d8:ef:a0:94:7e:25:a9:53:71:ae:52:
81:66:bf:b6:04:b6:7f:e7:81:d8:41:22:4b:17:1f:
50:94:1a:d7:db:16:db:7d:a7:aa:0d:af:0f:cd:12:
53:04:bc:e4:61:12:fa:bf:68:10:19:3e:6a:17:1d:
bc:a1:da:57:9f:b7:18:85:a0:03:4b:51:75:0a:fc:
38:3f:90:d9:62:b2:35:71:6a:6e:2e:da:6b:94:dc:
d2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D9:F5:43:63:A4:1F:2A:AE:4B:EA:FC:71:BA:43:69:67:5C:73:BA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/FNn1Q2OkHyquS-r8cbpDaWdcc7o.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
80:7c:a0:39:7b:cc:be:ec:55:b4:2b:9d:5d:48:24:1f:e5:a4:
90:41:b4:6a:ed:08:37:22:07:52:0d:22:9f:21:84:29:04:59:
28:fa:af:3b:4d:ce:0c:d7:d0:28:4b:67:8c:61:a0:db:b5:02:
3a:5d:5e:e1:8c:e3:a3:41:8b:7d:fa:97:80:ee:46:05:93:9c:
61:b3:93:93:19:df:24:b0:1f:88:0f:41:06:ba:15:a1:c1:d5:
33:30:03:b4:3f:f2:46:8c:d9:2b:2f:e3:00:d8:e1:d8:b7:c1:
b1:3b:17:65:4b:f8:5e:42:c5:99:69:2a:57:c7:52:b6:8c:95:
53:c7:72:9a:b9:2e:f2:39:5d:94:14:13:9b:12:db:2e:57:d9:
11:76:2f:89:53:3e:82:eb:2d:4a:cb:98:98:b6:8f:f2:10:d8:
c7:91:ed:ce:5e:16:cb:de:4d:38:64:74:99:2a:c3:f5:0f:b1:
25:25:ce:99:2e:14:dc:5b:1b:d3:b6:b1:81:e0:06:0c:b6:25:
7d:21:63:0a:ed:b5:7d:cc:db:7d:54:92:10:de:5a:7c:5d:10:
5a:88:e7:f7:05:f3:1e:91:cb:10:1a:99:d4:73:62:be:43:38:
94:62:4c:d5:5f:74:84:a0:b7:a2:36:de:27:81:2f:ef:f3:5f:
26:38:79:e2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDQw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDE0RDlGNTQzNjNBNDFG
MkFBRTRCRUFGQzcxQkE0MzY5Njc1QzczQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLKqOEiN+zRxwUol/DjPIH7ScrLUmBF9Fi4fEzPo5J4xBNapW2
08WD4cHEXNGL0+1yyWGqis4AvUdzEEW/vokFoi6Li/L8/n8cThpqcC960POmDKEr
H2NFavY2ZLZLK/DPFPV/yEvx0PcuMiXmaaWNg4QggJFe+tymUgQ3rQ2nNP359bWS
JOvALZMsKoDLffcWZeTkvgjFL6MlJ8J64vyP6sDeb8JyDazY76CUfiWpU3GuUoFm
v7YEtn/ngdhBIksXH1CUGtfbFtt9p6oNrw/NElMEvORhEvq/aBAZPmoXHbyh2lef
txiFoANLUXUK/Dg/kNlisjVxam4u2muU3NLJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUFNn1Q2OkHyquS+r8cbpDaWdcc7owHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9GTm4xUTJPa0h5cXVTLXI4Y2JwRGFXZGNjN28ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AIB8oDl7zL7sVbQrnV1IJB/lpJBBtGrtCDciB1INIp8hhCkEWSj6rztNzgzX0ChL
Z4xhoNu1AjpdXuGM46NBi336l4DuRgWTnGGzk5MZ3ySwH4gPQQa6FaHB1TMwA7Q/
8kaM2Ssv4wDY4di3wbE7F2VL+F5CxZlpKlfHUraMlVPHcpq5LvI5XZQUE5sS2y5X
2RF2L4lTPoLrLUrLmJi2j/IQ2MeR7c5eFsveTThkdJkqw/UPsSUlzpkuFNxbG9O2
sYHgBgy2JX0hYwrttX3M231UkhDeWnxdEFqI5/cF8x6RyxAamdRzYr5DOJRiTNVf
dISgt6I23ieBL+/zXyY4eeI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org