Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KKYOL7OnrrxvwSN5hQG_2E9GhLU.roa
File: KKYOL7OnrrxvwSN5hQG_2E9GhLU.roa (raw, json)
Hash identifier: x9LXGvzd6AJvuAU3lNhblEhE1XWu72596M6bDSpj858=
Subject key identifier: 28:A6:0E:2F:B3:A7:AE:BC:6F:C1:23:79:85:01:BF:D8:4F:46:84:B5
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48EF
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KKYOL7OnrrxvwSN5hQG_2E9GhLU.roa
Signing time: Tue 31 May 2022 00:30:09 +0000
ROA not before: Tue 31 May 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18671 (0x48ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=28A60E2FB3A7AEBC6FC123798501BFD84F4684B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ba:a2:17:da:b9:77:97:54:e3:84:c3:b3:03:
1e:48:bd:43:0e:08:bb:4d:b9:0d:45:2e:63:8a:62:
b5:7b:73:0b:18:60:74:7e:33:6e:56:bc:3d:34:ff:
25:e9:b3:49:00:02:e0:75:3b:d7:2c:51:73:56:bb:
98:a8:07:2f:c8:17:e6:d7:bc:ba:b4:2d:40:12:17:
7a:94:97:c0:34:52:08:dd:a8:fb:33:e8:ed:c2:b5:
8f:fb:ce:51:c6:3b:57:c4:99:70:8d:ac:82:d2:ad:
0c:b2:ec:ea:61:b0:7d:40:b0:92:6e:bc:7e:31:27:
33:1a:02:e6:52:ea:ce:48:c7:dc:27:8e:da:bc:2e:
49:65:79:81:86:d0:f9:3c:64:17:ee:7e:43:69:67:
c3:62:f8:e3:26:14:fd:44:90:0f:b6:d1:af:d2:6d:
de:30:3f:fb:48:16:23:d7:ad:0f:be:1f:53:b4:a4:
08:76:02:b6:26:06:18:e8:e4:42:a0:f3:9e:e4:c3:
b5:53:2d:b6:ad:c4:43:50:80:a4:cd:0b:c6:37:39:
7a:e7:2a:14:8c:46:56:c8:e5:02:53:68:75:43:5e:
94:a7:17:86:43:c0:c7:76:07:77:b8:dd:83:ac:34:
f1:a7:5a:3a:a0:16:0a:85:c5:02:cd:9d:c3:94:3a:
55:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A6:0E:2F:B3:A7:AE:BC:6F:C1:23:79:85:01:BF:D8:4F:46:84:B5
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KKYOL7OnrrxvwSN5hQG_2E9GhLU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.2.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:42:d3:18:92:c1:28:4e:42:42:b2:93:b4:89:e3:f5:27:c0:
d6:f3:a6:c6:79:94:bd:d5:a6:2a:b2:10:31:68:b9:e0:92:9b:
ce:10:ec:bb:bd:75:81:03:d0:88:2c:72:8c:5b:c6:26:ef:26:
9b:26:5c:d7:f2:26:d4:55:33:b1:2e:cc:ca:05:51:08:ad:98:
d8:23:ef:cc:25:c0:4e:d1:c7:76:af:2f:33:45:51:b5:bf:f0:
74:ec:ac:cc:ea:3d:d8:db:f5:b2:27:08:60:9e:ea:4d:3b:74:
05:be:b5:b8:f3:84:77:10:e7:0e:58:21:ee:14:00:6f:c1:45:
cb:99:85:15:bc:7c:1c:dd:a1:28:95:83:14:18:80:b7:46:6b:
f7:b0:aa:13:3c:28:1c:37:70:2b:06:7b:60:dd:39:ae:70:54:
c4:50:89:c2:83:0c:4b:30:6a:a9:99:6c:1b:53:76:08:ec:49:
61:fe:dd:5a:4b:13:a7:96:b5:ef:94:00:91:e0:0f:f8:35:60:
2a:42:bd:b9:c6:7b:bf:f0:9f:57:6a:8d:a1:07:c4:76:a1:30:
17:99:e8:3a:cf:88:77:83:78:23:41:7c:51:f7:97:de:eb:b1:
7e:24:88:be:f0:b0:68:f1:be:83:c8:3c:9a:25:16:08:ee:d5:
a7:6f:4a:a0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDI4QTYwRTJGQjNBN0FF
QkM2RkMxMjM3OTg1MDFCRkQ4NEY0Njg0QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiuqIX2rl3l1TjhMOzAx5IvUMOCLtNuQ1FLmOKYrV7cwsYYHR+
M25WvD00/yXps0kAAuB1O9csUXNWu5ioBy/IF+bXvLq0LUASF3qUl8A0UgjdqPsz
6O3CtY/7zlHGO1fEmXCNrILSrQyy7OphsH1AsJJuvH4xJzMaAuZS6s5Ix9wnjtq8
LklleYGG0Pk8ZBfufkNpZ8Ni+OMmFP1EkA+20a/Sbd4wP/tIFiPXrQ++H1O0pAh2
ArYmBhjo5EKg857kw7VTLbatxENQgKTNC8Y3OXrnKhSMRlbI5QJTaHVDXpSnF4ZD
wMd2B3e43YOsNPGnWjqgFgqFxQLNncOUOlXhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKKYOL7OnrrxvwSN5hQG/2E9GhLUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LS1lPTDdPbnJyeHZ3U041aFFHXzJFOUdoTFUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAIwDQYJKoZIhvcNAQELBQADggEB
ALBC0xiSwShOQkKyk7SJ4/UnwNbzpsZ5lL3VpiqyEDFoueCSm84Q7Lu9dYED0Igs
coxbxibvJpsmXNfyJtRVM7EuzMoFUQitmNgj78wlwE7Rx3avLzNFUbW/8HTsrMzq
Pdjb9bInCGCe6k07dAW+tbjzhHcQ5w5YIe4UAG/BRcuZhRW8fBzdoSiVgxQYgLdG
a/ewqhM8KBw3cCsGe2DdOa5wVMRQicKDDEswaqmZbBtTdgjsSWH+3VpLE6eWte+U
AJHgD/g1YCpCvbnGe7/wn1dqjaEHxHahMBeZ6DrPiHeDeCNBfFH3l97rsX4kiL7w
sGjxvoPIPJolFgju1advSqA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org