Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KCxejrmw-mrePz8M5mr3EdmkrmM.roa
File: KCxejrmw-mrePz8M5mr3EdmkrmM.roa (raw, json)
Hash identifier: +zNX2LgsneftbCkOP7UtBOprwrF2qk7d9Yh6P4ZKvmo=
Subject key identifier: 28:2C:5E:8E:B9:B0:FA:6A:DE:3F:3F:0C:E6:6A:F7:11:D9:A4:AE:63
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 427A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KCxejrmw-mrePz8M5mr3EdmkrmM.roa
Signing time: Wed 02 Feb 2022 00:30:05 +0000
ROA not before: Wed 02 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17018 (0x427a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 2 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=282C5E8EB9B0FA6ADE3F3F0CE66AF711D9A4AE63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:90:9c:24:3d:53:bd:43:29:76:90:10:28:
a4:2e:5c:97:9b:72:93:2d:4e:73:e7:5e:2c:e6:9f:
b0:c1:06:13:e7:07:67:ce:32:13:5d:76:0e:c0:7a:
7c:c2:5f:9c:49:a1:0e:ba:7b:c9:a7:f9:7a:1c:c4:
b9:54:f7:8b:3a:e1:01:a6:b9:36:b6:d1:c5:2e:e4:
4c:79:b1:e1:44:86:3f:63:83:08:37:b3:f3:c6:28:
e7:27:91:e3:80:26:f1:aa:58:c4:13:6e:1d:f7:e5:
7f:98:61:b1:a4:a0:c7:e6:6f:86:84:b5:dd:02:76:
23:99:b3:8c:18:84:1e:5b:f6:7a:86:e0:8a:7c:57:
be:a5:3e:b1:8d:67:38:0e:cc:7d:f7:f4:ad:ee:71:
92:f3:a5:59:06:b9:88:92:81:9d:21:6a:43:8d:36:
98:65:88:ae:5a:02:be:3a:cb:75:a1:63:77:1f:34:
d1:95:7f:eb:62:33:86:9f:92:fd:64:e2:97:57:de:
0a:b3:96:45:b2:43:ba:ac:22:37:54:63:9d:30:7b:
36:4d:33:07:5a:bf:8a:cb:8d:bb:b2:14:1b:b3:8f:
a3:6d:96:3f:c2:8a:eb:65:5d:8c:d1:d7:53:01:dc:
18:11:09:ce:40:82:da:83:a2:1c:20:df:d0:6d:d0:
a1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2C:5E:8E:B9:B0:FA:6A:DE:3F:3F:0C:E6:6A:F7:11:D9:A4:AE:63
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KCxejrmw-mrePz8M5mr3EdmkrmM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b3:a7:72:46:77:5f:f5:08:9c:f2:a2:96:84:da:9f:b4:bf:
70:c4:e1:d9:44:8a:1d:28:05:21:63:b2:8f:cd:00:9c:d1:5c:
c1:df:1c:a9:07:2a:c1:60:ca:e7:11:59:dd:48:2c:56:0d:91:
11:82:15:a8:94:97:f9:4d:cf:6f:c5:85:9a:1e:83:b4:2d:1a:
ec:f3:04:a0:bc:ff:f9:da:99:88:52:2e:78:a9:7f:97:6b:bc:
8c:d7:22:52:f8:89:d7:80:60:e5:c1:d0:28:aa:96:ed:dc:fd:
1a:be:35:78:f8:ad:b7:a6:75:52:10:19:65:bc:1a:97:3a:e6:
07:64:4c:43:33:41:39:71:e0:4e:09:7f:f1:8f:bb:99:4a:82:
8e:23:ad:0e:f2:e4:b4:3f:28:b5:29:6f:85:c8:f5:a8:53:a1:
f4:fd:af:64:d1:93:90:77:e0:21:1a:20:40:7e:20:00:09:00:
b8:55:12:dd:51:16:ca:90:87:9a:54:42:6a:5f:cb:81:d8:5f:
6d:6e:6f:2d:dd:47:06:d5:fd:d2:41:c8:08:52:98:46:c2:a9:
c3:e5:90:ff:8e:ac:1b:5d:77:06:5d:8a:5c:b0:b0:1f:b7:8c:
d6:bb:04:ac:df:25:60:f8:4d:74:79:84:0b:7e:61:5d:54:b6:
0d:ab:c6:e2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDIw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDI4MkM1RThFQjlCMEZB
NkFERTNGM0YwQ0U2NkFGNzExRDlBNEFFNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBeJCcJD1TvUMpdpAQKKQuXJebcpMtTnPnXizmn7DBBhPnB2fO
MhNddg7AenzCX5xJoQ66e8mn+XocxLlU94s64QGmuTa20cUu5Ex5seFEhj9jgwg3
s/PGKOcnkeOAJvGqWMQTbh335X+YYbGkoMfmb4aEtd0CdiOZs4wYhB5b9nqG4Ip8
V76lPrGNZzgOzH339K3ucZLzpVkGuYiSgZ0hakONNphliK5aAr46y3WhY3cfNNGV
f+tiM4afkv1k4pdX3gqzlkWyQ7qsIjdUY50wezZNMwdav4rLjbuyFBuzj6Ntlj/C
iutlXYzR11MB3BgRCc5AgtqDohwg39Bt0KGlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKCxejrmw+mrePz8M5mr3EdmkrmMwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LQ3hlanJtdy1tcmVQejhNNW1yM0VkbWtybU0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AGyzp3JGd1/1CJzyopaE2p+0v3DE4dlEih0oBSFjso/NAJzRXMHfHKkHKsFgyucR
Wd1ILFYNkRGCFaiUl/lNz2/FhZoeg7QtGuzzBKC8//namYhSLnipf5drvIzXIlL4
ideAYOXB0Ciqlu3c/Rq+NXj4rbemdVIQGWW8Gpc65gdkTEMzQTlx4E4Jf/GPu5lK
go4jrQ7y5LQ/KLUpb4XI9ahTofT9r2TRk5B34CEaIEB+IAAJALhVEt1RFsqQh5pU
Qmpfy4HYX21uby3dRwbV/dJByAhSmEbCqcPlkP+OrBtddwZdilywsB+3jNa7BKzf
JWD4TXR5hAt+YV1Utg2rxuI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org