Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KVnimJx1d-PIernZVb_nRGJqH6Q.roa
File: KVnimJx1d-PIernZVb_nRGJqH6Q.roa (raw, json)
Hash identifier: SZSdNUGEoqk1RzNGCc5Kj8F/PaEtrdCqtphKgw2udM8=
Subject key identifier: 29:59:E2:98:9C:75:77:E3:C8:7A:B9:D9:55:BF:E7:44:62:6A:1F:A4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 493D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KVnimJx1d-PIernZVb_nRGJqH6Q.roa
Signing time: Fri 03 Jun 2022 00:30:15 +0000
ROA not before: Fri 03 Jun 2022 00:30:15 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18749 (0x493d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 3 00:30:15 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2959E2989C7577E3C87AB9D955BFE744626A1FA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:41:9b:f7:e1:ef:68:7e:25:15:ac:2f:83:
b6:75:ab:f0:3a:20:72:94:ba:73:90:83:24:8a:b3:
e5:20:06:cf:8f:5d:c1:f3:57:0d:64:a9:d5:e3:f2:
38:4c:1c:b4:20:70:9d:4f:c0:fb:3f:b9:ec:c7:67:
54:8d:11:00:33:7f:af:3b:0e:5c:fa:83:6d:74:de:
ad:2c:11:69:ab:d5:be:d7:45:5e:ae:e0:37:29:58:
4b:40:7f:ec:dc:f6:a1:39:f8:88:2d:d8:a2:30:12:
a1:02:95:2c:ab:57:2e:e4:20:a4:bc:be:eb:63:6e:
99:59:5e:02:31:17:81:cf:3c:d1:eb:a2:97:33:92:
f3:c8:b8:b8:35:22:e6:1c:07:8a:f5:5b:a9:0a:02:
1d:51:61:58:96:a5:5f:2d:cc:a6:1d:66:d2:40:72:
2d:21:fa:79:0c:c4:04:73:9c:1c:b0:76:12:40:38:
2f:ed:11:5f:39:dc:33:8f:76:dd:80:ac:27:05:2b:
1c:3b:5f:d7:1a:84:39:14:20:f3:af:83:ac:c1:f9:
b1:75:de:cf:65:f7:c4:05:67:ed:86:80:ba:49:bd:
2c:88:69:79:7d:26:42:62:2b:7c:29:5a:3c:43:cd:
d6:80:52:d8:44:07:21:5e:a3:9f:0f:bc:53:ff:07:
2d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:59:E2:98:9C:75:77:E3:C8:7A:B9:D9:55:BF:E7:44:62:6A:1F:A4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KVnimJx1d-PIernZVb_nRGJqH6Q.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
01:d8:33:b3:c4:28:24:ef:dd:f0:18:80:84:b7:6b:54:c6:70:
2d:66:cf:4f:7d:06:ad:59:12:dd:90:0e:28:f4:e7:e5:ca:9d:
90:00:f4:78:74:51:dc:4f:93:bf:83:ba:50:b9:1e:30:b8:dd:
bc:7f:81:2b:67:b6:52:70:eb:70:03:4d:eb:f4:35:5a:1f:75:
a5:d0:37:3f:dd:dc:b8:89:d0:d9:2e:0a:1d:01:97:20:c2:8c:
5d:80:41:d2:04:9a:cf:03:cd:b2:83:fb:07:08:fc:50:3d:b2:
d9:a3:eb:32:a5:a0:fa:a2:e5:7d:04:9d:c4:7b:5a:6c:05:68:
73:6e:b7:17:1a:51:0d:18:20:fe:6d:50:18:40:4b:89:78:fe:
79:1c:0e:c1:e5:0c:a3:6e:8b:04:f9:83:7b:8e:af:56:18:86:
e5:4f:a7:fb:20:9a:8e:5a:ea:1f:6a:5e:59:49:a2:00:0e:77:
c3:fc:74:f3:26:06:48:8f:63:a4:42:49:c9:3c:1d:cb:d9:9e:
9b:73:71:6d:09:ff:17:eb:af:b0:a3:49:9e:73:b4:f7:ac:1c:
b1:e6:d2:fe:8b:88:e9:59:ea:07:cf:62:4b:aa:c1:6a:db:ae:
41:d3:33:9d:85:3e:c5:72:7e:67:56:e4:d1:ed:2f:70:08:64:
56:0f:31:94
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICST0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDMw
MDMwMTVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDI5NTlFMjk4OUM3NTc3
RTNDODdBQjlEOTU1QkZFNzQ0NjI2QTFGQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqD0Gb9+HvaH4lFawvg7Z1q/A6IHKUunOQgySKs+UgBs+PXcHz
Vw1kqdXj8jhMHLQgcJ1PwPs/uezHZ1SNEQAzf687Dlz6g2103q0sEWmr1b7XRV6u
4DcpWEtAf+zc9qE5+Igt2KIwEqEClSyrVy7kIKS8vutjbplZXgIxF4HPPNHropcz
kvPIuLg1IuYcB4r1W6kKAh1RYViWpV8tzKYdZtJAci0h+nkMxARznBywdhJAOC/t
EV853DOPdt2ArCcFKxw7X9cahDkUIPOvg6zB+bF13s9l98QFZ+2GgLpJvSyIaXl9
JkJiK3wpWjxDzdaAUthEByFeo58PvFP/By1xAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKVnimJx1d+PIernZVb/nRGJqH6QwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LVm5pbUp4MWQtUEllcm5aVmJfblJHSnFINlEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAHYM7PEKCTv3fAYgIS3a1TGcC1mz099Bq1ZEt2QDij05+XKnZAA9Hh0UdxPk7+D
ulC5HjC43bx/gStntlJw63ADTev0NVofdaXQNz/d3LiJ0NkuCh0BlyDCjF2AQdIE
ms8DzbKD+wcI/FA9stmj6zKloPqi5X0EncR7WmwFaHNutxcaUQ0YIP5tUBhAS4l4
/nkcDsHlDKNuiwT5g3uOr1YYhuVPp/sgmo5a6h9qXllJogAOd8P8dPMmBkiPY6RC
Sck8HcvZnptzcW0J/xfrr7CjSZ5ztPesHLHm0v6LiOlZ6gfPYkuqwWrbrkHTM52F
PsVyfmdW5NHtL3AIZFYPMZQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org