Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KTFwQMEgenoiiVvGsn8COAKhZks.roa
File: KTFwQMEgenoiiVvGsn8COAKhZks.roa (raw, json)
Hash identifier: aGBAhgQEbJwk/GYNCQP2UXLRopdfFI43kCwpVxTxZRk=
Subject key identifier: 29:31:70:40:C1:20:7A:7A:22:89:5B:C6:B2:7F:02:38:02:A1:66:4B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4568
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KTFwQMEgenoiiVvGsn8COAKhZks.roa
Signing time: Mon 28 Mar 2022 00:30:09 +0000
ROA not before: Mon 28 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17768 (0x4568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 28 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=29317040C1207A7A22895BC6B27F023802A1664B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:9f:87:21:fd:f4:54:66:c3:e7:42:2a:6b:
59:60:f6:0a:ca:d3:5b:9e:2f:f3:48:f9:77:26:80:
20:b1:35:62:99:69:e4:99:21:df:71:7e:d5:53:5e:
30:ea:f6:a4:a4:fd:81:bc:a9:d8:4c:e8:d9:74:70:
99:5d:d4:3c:4e:19:a3:24:ea:a7:d9:dc:74:7e:9c:
e0:56:d2:e1:bc:43:eb:11:10:7d:d1:41:c2:97:f6:
e9:94:b6:6f:6b:50:7d:f9:83:89:d5:5f:e1:5f:42:
8f:c1:db:18:3d:36:de:1c:4f:da:84:b7:fc:1f:b7:
68:a3:d2:ea:72:c9:a7:48:89:30:17:fd:e6:6e:40:
25:76:6d:9f:71:56:cb:b9:cd:80:31:f4:d8:63:7f:
63:37:6b:7d:4b:5f:e7:0b:44:b7:bf:24:1b:06:1f:
78:75:dc:d0:84:82:d6:28:63:6d:45:c7:0d:df:53:
de:4a:0e:7e:f0:a5:f6:26:16:46:92:61:56:ab:44:
ca:e3:07:4b:be:54:ee:4a:c7:08:a4:bf:04:31:a3:
be:6c:36:8e:13:19:4d:93:cc:19:29:aa:1d:89:1c:
fb:37:83:a8:51:4c:b1:12:fd:fa:04:79:4c:69:b2:
ad:58:51:17:93:83:c9:98:c6:2a:b3:c8:26:1e:9a:
16:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:31:70:40:C1:20:7A:7A:22:89:5B:C6:B2:7F:02:38:02:A1:66:4B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KTFwQMEgenoiiVvGsn8COAKhZks.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:6c:43:7d:f0:50:cf:98:c5:0e:db:72:b6:ed:bc:69:31:37:
57:22:65:9d:7d:62:7b:4b:e1:8e:b6:e9:cd:d1:9a:9c:41:ef:
bd:3a:b4:67:ea:11:a6:95:07:5d:e2:df:1d:47:97:fb:7e:2b:
73:ca:cb:84:b4:e9:68:18:fd:75:40:da:6d:2b:c6:b3:36:81:
59:5d:07:0c:3d:c2:86:8b:73:79:6c:bd:e2:79:4a:87:81:7d:
c2:54:37:fe:d7:f5:c4:ed:ad:b9:a1:2c:22:ed:6a:e5:7c:c5:
99:3f:55:36:52:84:30:15:44:a3:24:35:53:1e:13:c4:76:82:
d1:e5:01:2e:47:7f:eb:6f:7a:95:41:ca:6d:34:e3:14:02:df:
21:7b:95:f4:9d:cb:80:42:ba:73:e9:71:c5:12:f3:5f:1a:0d:
e9:21:fa:8d:cf:a3:2d:0a:cc:f6:9e:20:89:e1:9a:eb:33:78:
dc:5a:db:b8:42:ba:b2:6b:48:c5:8b:2b:1c:56:a7:78:a7:26:
d3:2d:4a:79:8a:1c:b5:3d:c8:25:7a:53:f8:e1:bc:4c:fe:c2:
21:a8:58:e4:8b:ac:a4:8d:27:db:ec:76:73:46:0f:86:e9:1b:
3a:13:81:71:90:11:f5:a4:52:e4:07:ae:cd:33:dd:4d:30:25:
38:cf:15:2a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjgw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDI5MzE3MDQwQzEyMDdB
N0EyMjg5NUJDNkIyN0YwMjM4MDJBMTY2NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCimJ+HIf30VGbD50Iqa1lg9grK01ueL/NI+XcmgCCxNWKZaeSZ
Id9xftVTXjDq9qSk/YG8qdhM6Nl0cJld1DxOGaMk6qfZ3HR+nOBW0uG8Q+sREH3R
QcKX9umUtm9rUH35g4nVX+FfQo/B2xg9Nt4cT9qEt/wft2ij0upyyadIiTAX/eZu
QCV2bZ9xVsu5zYAx9Nhjf2M3a31LX+cLRLe/JBsGH3h13NCEgtYoY21Fxw3fU95K
Dn7wpfYmFkaSYVarRMrjB0u+VO5KxwikvwQxo75sNo4TGU2TzBkpqh2JHPs3g6hR
TLES/foEeUxpsq1YUReTg8mYxiqzyCYemhZFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKTFwQMEgenoiiVvGsn8COAKhZkswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LVEZ3UU1FZ2Vub2lpVnZHc244Q09BS2haa3Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AKxsQ33wUM+YxQ7bcrbtvGkxN1ciZZ19YntL4Y626c3RmpxB7706tGfqEaaVB13i
3x1Hl/t+K3PKy4S06WgY/XVA2m0rxrM2gVldBww9woaLc3lsveJ5SoeBfcJUN/7X
9cTtrbmhLCLtauV8xZk/VTZShDAVRKMkNVMeE8R2gtHlAS5Hf+tvepVBym004xQC
3yF7lfSdy4BCunPpccUS818aDekh+o3Poy0KzPaeIInhmuszeNxa27hCurJrSMWL
KxxWp3inJtMtSnmKHLU9yCV6U/jhvEz+wiGoWOSLrKSNJ9vsdnNGD4bpGzoTgXGQ
EfWkUuQHrs0z3U0wJTjPFSo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org