Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KHrpJJSOsvPg-Fpz05EvgNt9Z2g.roa
File: KHrpJJSOsvPg-Fpz05EvgNt9Z2g.roa (raw, json)
Hash identifier: b/Fo+10u2nLfkbcte2fnhZVSjWPxLWLpnzDns1aSy5o=
Subject key identifier: 28:7A:E9:24:94:8E:B2:F3:E0:F8:5A:73:D3:91:2F:80:DB:7D:67:68
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4586
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KHrpJJSOsvPg-Fpz05EvgNt9Z2g.roa
Signing time: Wed 30 Mar 2022 00:30:08 +0000
ROA not before: Wed 30 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17798 (0x4586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 30 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=287AE924948EB2F3E0F85A73D3912F80DB7D6768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:a3:5a:e1:11:22:9c:8b:27:f6:e9:fd:d0:
38:78:9e:62:50:aa:45:46:c0:18:8a:53:1b:25:c1:
f6:59:65:0e:40:49:fc:d1:0e:2c:4b:df:7a:c9:70:
cc:d2:d3:bf:b8:4e:4f:61:70:df:84:ac:85:f2:12:
79:f6:fe:b8:70:e9:08:37:49:ec:2d:18:77:49:fd:
55:ea:f7:f7:cb:ef:61:17:27:73:c8:d1:bf:cd:02:
50:f7:0b:e6:f9:e0:9d:b6:65:c7:c1:a2:af:1a:7d:
76:2b:69:f1:bc:13:2a:22:2d:94:95:e1:09:6d:4d:
a8:04:41:f8:0f:84:d9:0e:95:05:dc:92:c1:be:05:
0e:e4:ea:2b:80:48:33:29:5f:67:9c:59:d0:a1:db:
69:a5:83:7f:bc:ee:4c:53:17:f3:e6:29:78:73:24:
a7:b6:2c:10:6c:9a:16:c2:71:0f:7e:67:43:fd:82:
50:bd:0d:e7:44:8f:a8:46:71:0a:75:9a:02:89:a8:
d2:8e:67:b6:2b:21:dd:b5:56:80:96:d0:f3:46:41:
01:3c:3f:d7:1c:86:16:19:a5:9b:56:ea:98:96:c2:
44:ce:44:d0:19:b3:99:f6:08:5a:3e:5c:ab:11:fe:
7e:1e:ed:35:64:24:d7:49:1a:b6:0d:8f:c1:e9:ce:
e0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7A:E9:24:94:8E:B2:F3:E0:F8:5A:73:D3:91:2F:80:DB:7D:67:68
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KHrpJJSOsvPg-Fpz05EvgNt9Z2g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:9b:4e:6c:e1:7b:7e:98:f1:66:de:b4:a8:ca:21:a5:80:9c:
b6:18:72:e1:5b:49:ee:55:86:95:b5:a3:f3:86:2b:06:c2:a5:
0c:db:54:a3:7d:e3:8d:e8:71:05:99:55:a7:34:d0:58:ec:41:
ce:25:56:e0:85:47:e6:7d:53:2a:b5:ed:be:6b:ec:19:9b:fe:
4f:0f:65:92:99:3e:be:03:02:ba:5f:76:ef:af:fe:9b:52:08:
1b:3f:eb:b9:78:81:dc:fc:9f:86:11:19:9f:61:49:64:f4:dc:
25:89:3f:cc:4a:d5:7f:dd:14:4e:66:b4:44:ac:fc:ff:92:5b:
65:ee:6e:8a:8f:6c:97:7c:2f:21:7b:33:a8:88:66:7c:31:b0:
e0:52:38:05:41:a4:ca:ba:4d:42:59:4d:a2:49:00:2a:56:5b:
d3:fc:a6:0d:61:35:63:ad:79:e4:81:b0:7c:4c:c8:03:df:7d:
b7:fd:75:c0:cc:eb:62:50:81:cc:ae:39:25:c5:4a:2c:bb:80:
03:9a:74:cf:0a:80:df:18:77:80:a6:8b:ea:4e:82:10:32:2b:
39:bb:d4:c9:f0:55:ae:b5:c8:af:18:b1:e7:5b:8d:bb:1d:ac:
fa:da:e0:5d:7c:28:3b:88:f7:6b:c0:6e:20:97:14:b7:5e:43:
56:b9:ac:bf
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMzAw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDI4N0FFOTI0OTQ4RUIy
RjNFMEY4NUE3M0QzOTEyRjgwREI3RDY3NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVxqNa4REinIsn9un90Dh4nmJQqkVGwBiKUxslwfZZZQ5ASfzR
DixL33rJcMzS07+4Tk9hcN+ErIXyEnn2/rhw6Qg3SewtGHdJ/VXq9/fL72EXJ3PI
0b/NAlD3C+b54J22ZcfBoq8afXYrafG8EyoiLZSV4QltTagEQfgPhNkOlQXcksG+
BQ7k6iuASDMpX2ecWdCh22mlg3+87kxTF/PmKXhzJKe2LBBsmhbCcQ9+Z0P9glC9
DedEj6hGcQp1mgKJqNKOZ7YrId21VoCW0PNGQQE8P9cchhYZpZtW6piWwkTORNAZ
s5n2CFo+XKsR/n4e7TVkJNdJGrYNj8HpzuDhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKHrpJJSOsvPg+Fpz05EvgNt9Z2gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LSHJwSkpTT3N2UGctRnB6MDVFdmdOdDlaMmcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
ALCbTmzhe36Y8WbetKjKIaWAnLYYcuFbSe5VhpW1o/OGKwbCpQzbVKN9443ocQWZ
Vac00FjsQc4lVuCFR+Z9Uyq17b5r7Bmb/k8PZZKZPr4DArpfdu+v/ptSCBs/67l4
gdz8n4YRGZ9hSWT03CWJP8xK1X/dFE5mtESs/P+SW2XuboqPbJd8LyF7M6iIZnwx
sOBSOAVBpMq6TUJZTaJJACpWW9P8pg1hNWOteeSBsHxMyAPffbf9dcDM62JQgcyu
OSXFSiy7gAOadM8KgN8Yd4Cmi+pOghAyKzm71MnwVa61yK8YsedbjbsdrPra4F18
KDuI92vAbiCXFLdeQ1a5rL8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org