Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/HJ8el6CvdAUyfJpYJP59_IEGcOc.roa
File: HJ8el6CvdAUyfJpYJP59_IEGcOc.roa (raw, json)
Hash identifier: V0MuGpo5CQ5FnkhEkR2BvRnuVprkd5TUwuenhOY9rtY=
Subject key identifier: 1C:9F:1E:97:A0:AF:74:05:32:7C:9A:58:24:FE:7D:FC:81:06:70:E7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4384
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HJ8el6CvdAUyfJpYJP59_IEGcOc.roa
Signing time: Mon 21 Feb 2022 00:30:05 +0000
ROA not before: Mon 21 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17284 (0x4384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 21 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=1C9F1E97A0AF7405327C9A5824FE7DFC810670E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:64:2f:32:c2:d0:d8:85:b3:a3:41:e8:5e:
30:69:b4:2e:d9:a8:8f:5e:54:3f:af:1a:59:c6:9e:
25:10:5c:52:dd:06:82:09:b6:08:88:87:ec:33:20:
e4:f5:6c:a6:93:57:93:a8:37:33:42:08:37:8f:53:
7e:0f:c5:47:f2:a7:03:6b:1e:39:ca:21:f6:da:cc:
2b:70:72:be:61:94:08:fe:8c:d1:06:8b:f2:b5:07:
71:e1:18:2a:22:08:fd:ba:4e:0f:b5:59:e8:9b:d6:
ac:1d:59:10:6f:77:20:20:03:a6:e0:d8:06:b6:a5:
97:b8:f5:92:1d:fa:32:dc:c5:76:76:67:da:51:cc:
b1:43:04:30:89:04:1e:0d:97:aa:6b:76:0d:e0:14:
32:ca:7e:6f:be:e2:ee:07:80:1d:98:9c:d4:f9:8c:
32:21:c0:85:e5:a2:a1:da:22:a0:50:02:f2:ee:e4:
ad:9e:0c:79:a8:eb:64:c4:f3:79:81:49:07:6b:e3:
c7:e1:06:b7:41:21:ef:ff:07:39:be:dd:73:58:04:
20:c4:4c:98:16:a7:93:5a:7c:10:28:b9:15:9a:19:
bb:70:e2:62:6f:f2:b4:35:16:2c:e8:67:dd:c2:72:
0a:0d:9c:d3:1a:68:50:18:79:f1:f7:4b:10:5a:b6:
4b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9F:1E:97:A0:AF:74:05:32:7C:9A:58:24:FE:7D:FC:81:06:70:E7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HJ8el6CvdAUyfJpYJP59_IEGcOc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
96:03:8b:bb:92:1b:50:ae:d5:e0:6d:ca:b3:52:03:30:44:24:
b2:05:95:d3:34:03:a6:a6:84:d0:3b:4b:21:f5:3d:34:09:27:
78:63:35:16:52:33:aa:fe:ee:33:0b:8d:42:3a:9b:ac:b8:f5:
d3:a4:72:b9:3b:4f:b1:15:26:b6:86:7b:57:47:0e:c6:ca:3b:
e1:f3:ab:6c:c9:0e:39:53:88:9e:47:4e:f7:f5:f8:1a:b8:dc:
a5:02:ef:2c:59:35:94:2b:4c:59:88:c0:3a:d6:cb:84:86:e3:
78:df:da:08:ea:7c:8f:55:20:6d:85:05:c8:1a:43:6f:99:b4:
17:3e:8d:39:5f:89:78:e7:12:81:65:dd:1f:98:ba:f1:84:15:
bb:1a:de:5f:92:bc:d5:cf:14:0a:01:d1:d4:2a:43:72:81:bb:
d5:c8:dd:ed:ed:e3:68:00:8f:05:49:98:51:5c:66:73:d6:c2:
80:03:3e:7a:2e:48:a8:c5:cf:82:d8:2b:2b:a9:3a:1b:00:a9:
86:a9:93:10:8d:7e:27:49:7f:9f:9d:91:12:a2:42:05:86:4a:
c4:c4:33:58:77:8f:e7:93:4a:60:3f:7e:f8:8a:11:1b:79:87:
6f:a6:fe:d4:e3:50:34:6c:3b:69:06:88:a4:b4:83:3a:66:0c:
e6:ff:93:87
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjEw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDFDOUYxRTk3QTBBRjc0
MDUzMjdDOUE1ODI0RkU3REZDODEwNjcwRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+NWQvMsLQ2IWzo0HoXjBptC7ZqI9eVD+vGlnGniUQXFLdBoIJ
tgiIh+wzIOT1bKaTV5OoNzNCCDePU34PxUfypwNrHjnKIfbazCtwcr5hlAj+jNEG
i/K1B3HhGCoiCP26Tg+1Weib1qwdWRBvdyAgA6bg2Aa2pZe49ZId+jLcxXZ2Z9pR
zLFDBDCJBB4Nl6prdg3gFDLKfm++4u4HgB2YnNT5jDIhwIXloqHaIqBQAvLu5K2e
DHmo62TE83mBSQdr48fhBrdBIe//Bzm+3XNYBCDETJgWp5NafBAouRWaGbtw4mJv
8rQ1FizoZ93CcgoNnNMaaFAYefH3SxBatkt9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUHJ8el6CvdAUyfJpYJP59/IEGcOcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ISjhlbDZDdmRBVXlmSnBZSlA1OV9JRUdjT2Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AJYDi7uSG1Cu1eBtyrNSAzBEJLIFldM0A6amhNA7SyH1PTQJJ3hjNRZSM6r+7jML
jUI6m6y49dOkcrk7T7EVJraGe1dHDsbKO+Hzq2zJDjlTiJ5HTvf1+Bq43KUC7yxZ
NZQrTFmIwDrWy4SG43jf2gjqfI9VIG2FBcgaQ2+ZtBc+jTlfiXjnEoFl3R+YuvGE
Fbsa3l+SvNXPFAoB0dQqQ3KBu9XI3e3t42gAjwVJmFFcZnPWwoADPnouSKjFz4LY
KyupOhsAqYapkxCNfidJf5+dkRKiQgWGSsTEM1h3j+eTSmA/fviKERt5h2+m/tTj
UDRsO2kGiKS0gzpmDOb/k4c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org