Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Fpg6l2KPL7XmJDRfKYqb0V7vrZo.roa
File: Fpg6l2KPL7XmJDRfKYqb0V7vrZo.roa (raw, json)
Hash identifier: JJ5FQJ/Ikj6rc2q1ttGPPmIxxxQiKgHWVpUZDnWsVuk=
Subject key identifier: 16:98:3A:97:62:8F:2F:B5:E6:24:34:5F:29:8A:9B:D1:5E:EF:AD:9A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 448A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Fpg6l2KPL7XmJDRfKYqb0V7vrZo.roa
Signing time: Sat 12 Mar 2022 00:30:08 +0000
ROA not before: Sat 12 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17546 (0x448a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 12 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=16983A97628F2FB5E624345F298A9BD15EEFAD9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:4a:d5:c1:7b:d2:2e:4b:3c:bf:fa:8d:3a:
b8:2a:6a:4b:32:ea:aa:b1:2b:c4:e1:2f:6a:ab:b9:
06:a4:32:81:87:e9:0e:9c:d6:a1:fc:b8:bf:d8:7f:
16:fb:19:74:2b:43:9f:45:e5:72:c5:59:c6:5c:29:
f2:bf:54:21:26:58:26:5f:ed:d4:f5:ce:cf:e7:a7:
fc:10:60:64:97:f5:a9:bb:6f:9b:a0:f5:69:fc:60:
1f:50:c1:64:af:96:b1:85:4a:b0:c1:45:83:c7:f0:
f1:2e:d4:6e:7b:b9:9e:ab:80:9d:05:39:7d:6b:a2:
94:19:09:94:2f:e7:95:8f:8e:32:89:f9:1f:9b:9a:
1c:7d:82:22:78:e2:ba:9e:69:be:3e:0d:c2:2f:9d:
37:de:dc:56:e5:86:c3:dd:3e:89:84:73:02:f3:65:
71:4c:fe:cb:53:72:aa:6c:f3:11:c4:48:ab:7e:94:
61:69:f7:f0:43:8f:fa:f4:86:fc:29:30:2b:13:c0:
88:eb:d0:51:0c:75:11:01:d5:70:d9:aa:f3:59:2e:
86:b4:25:2b:71:96:cf:d0:e9:9a:34:99:8e:43:e9:
a4:5a:10:8b:c4:c2:62:e9:87:b6:1a:13:b5:86:c3:
a6:c5:52:54:e5:2b:6a:f2:0b:ce:e6:05:8b:42:61:
be:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:98:3A:97:62:8F:2F:B5:E6:24:34:5F:29:8A:9B:D1:5E:EF:AD:9A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Fpg6l2KPL7XmJDRfKYqb0V7vrZo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:bb:b9:1f:fd:c4:1a:d5:b9:7d:02:a6:47:17:1b:d7:5d:71:
bc:9b:93:25:45:7b:85:af:a7:ee:6c:3a:ec:43:0a:39:3a:0b:
1d:76:01:61:15:60:d0:49:c3:27:5a:d6:09:5d:d1:f0:14:73:
ea:a8:b5:26:7a:92:47:75:13:e4:c9:3d:6b:42:7b:ee:12:cb:
8f:3e:a6:7a:b2:22:27:40:86:75:86:33:68:90:ee:56:46:59:
8c:98:de:ea:95:6e:2e:52:76:7a:85:6c:75:42:72:d2:94:f4:
69:6d:b1:bc:0a:c6:e3:46:73:ef:32:e6:74:b0:2f:34:0e:8f:
6e:30:1d:29:17:a1:97:1b:3d:19:85:a0:a5:1e:bd:3e:4e:ef:
0c:81:1d:3c:5b:33:c3:73:9b:ba:bc:cf:19:50:1e:9d:10:61:
b7:3a:59:30:f4:1e:92:de:aa:bf:59:9b:5a:22:ff:36:54:b5:
60:fe:95:84:81:63:60:7f:4d:77:23:42:a1:67:b6:8a:47:12:
9d:44:dd:dc:c4:e1:5a:28:dc:31:2c:b2:00:96:41:c0:d9:db:
e9:d1:f6:17:b2:52:83:83:06:fd:2d:bf:ea:46:59:33:99:84:
11:d0:e9:f1:e0:c8:bb:3a:59:7e:23:1b:83:3e:2b:51:e0:8f:
b5:8d:0a:29
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDE2OTgzQTk3NjI4RjJG
QjVFNjI0MzQ1RjI5OEE5QkQxNUVFRkFEOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR10rVwXvSLks8v/qNOrgqaksy6qqxK8ThL2qruQakMoGH6Q6c
1qH8uL/Yfxb7GXQrQ59F5XLFWcZcKfK/VCEmWCZf7dT1zs/np/wQYGSX9am7b5ug
9Wn8YB9QwWSvlrGFSrDBRYPH8PEu1G57uZ6rgJ0FOX1ropQZCZQv55WPjjKJ+R+b
mhx9giJ44rqeab4+DcIvnTfe3FblhsPdPomEcwLzZXFM/stTcqps8xHESKt+lGFp
9/BDj/r0hvwpMCsTwIjr0FEMdREB1XDZqvNZLoa0JStxls/Q6Zo0mY5D6aRaEIvE
wmLph7YaE7WGw6bFUlTlK2ryC87mBYtCYb7ZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUFpg6l2KPL7XmJDRfKYqb0V7vrZowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9GcGc2bDJLUEw3WG1KRFJmS1lxYjBWN3ZyWm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AGu7uR/9xBrVuX0CpkcXG9ddcbybkyVFe4Wvp+5sOuxDCjk6Cx12AWEVYNBJwyda
1gld0fAUc+qotSZ6kkd1E+TJPWtCe+4Sy48+pnqyIidAhnWGM2iQ7lZGWYyY3uqV
bi5SdnqFbHVCctKU9GltsbwKxuNGc+8y5nSwLzQOj24wHSkXoZcbPRmFoKUevT5O
7wyBHTxbM8Nzm7q8zxlQHp0QYbc6WTD0HpLeqr9Zm1oi/zZUtWD+lYSBY2B/TXcj
QqFntopHEp1E3dzE4Voo3DEssgCWQcDZ2+nR9heyUoODBv0tv+pGWTOZhBHQ6fHg
yLs6WX4jG4M+K1Hgj7WNCik=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org