Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/K_L20CtLFwSkabScbwVTZKOECQk.roa
File: K_L20CtLFwSkabScbwVTZKOECQk.roa (raw, json)
Hash identifier: CT5KvW9HMa7UvToO0gTZtU7+CNqCcQXcK4cwIrRa/rQ=
Subject key identifier: 2B:F2:F6:D0:2B:4B:17:04:A4:69:B4:9C:6F:05:53:64:A3:84:09:09
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 435C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K_L20CtLFwSkabScbwVTZKOECQk.roa
Signing time: Fri 18 Feb 2022 00:30:08 +0000
ROA not before: Fri 18 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17244 (0x435c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 18 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2BF2F6D02B4B1704A469B49C6F055364A3840909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:22:b7:74:17:fe:a5:d9:fe:f6:4e:67:97:95:
5b:60:d7:cd:0e:76:04:cd:2e:5a:ea:fd:4b:16:42:
68:ef:e1:69:2f:44:e4:18:11:23:44:a6:ca:77:f7:
30:0c:af:89:70:30:e4:06:14:5b:81:76:d4:88:95:
0b:46:0a:ed:f1:e7:d5:6e:d4:9d:50:c6:78:11:ca:
bd:e1:f3:bb:18:21:1c:75:ae:e5:f7:09:52:2b:04:
4a:b8:ce:74:06:96:38:eb:81:51:2a:3d:bf:c0:b3:
a9:d0:40:13:ed:dc:ac:01:c3:f2:d4:8b:ce:25:d7:
1a:d7:a8:4a:17:41:d6:9e:e1:7d:fc:cd:ca:f1:2f:
78:5f:f1:5a:3e:25:c9:39:6d:e0:04:61:bb:ae:6f:
55:9a:ab:fe:12:bb:8a:23:52:bc:67:dd:5b:87:80:
71:01:0c:26:a8:53:9b:6b:b0:fb:02:64:a0:d8:44:
b3:f8:27:34:24:84:0e:a6:95:ca:cb:ef:56:ec:1c:
69:dc:62:9e:d9:ca:61:9c:e0:c7:e6:f6:f4:5e:f1:
9f:b8:a1:10:d1:dd:d0:e7:be:66:7c:39:ab:d1:bb:
14:05:c7:d4:e5:2a:5d:25:49:a2:cf:e3:77:53:61:
fd:37:72:59:d4:89:dc:f9:ce:85:6b:ba:d8:b1:9d:
20:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F2:F6:D0:2B:4B:17:04:A4:69:B4:9C:6F:05:53:64:A3:84:09:09
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K_L20CtLFwSkabScbwVTZKOECQk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:3d:59:00:f4:f4:ee:f3:ce:9d:f7:58:64:20:cb:9d:de:c4:
a6:a1:7e:45:85:ce:32:fa:87:0a:f2:54:7f:cc:98:a1:f3:b8:
28:29:85:bd:eb:f4:4a:30:84:54:71:ea:76:c3:1c:7e:1f:c3:
22:07:e7:44:9e:60:27:b2:43:10:a4:50:b7:3b:98:17:c0:74:
9e:9c:82:9d:d7:81:ee:ff:1a:e6:3c:e1:61:fd:31:e9:01:65:
ca:15:ee:db:98:a6:c7:1a:18:0f:ca:7c:95:bf:cc:ea:d1:ed:
5f:aa:07:27:b8:8c:8a:e7:7a:62:1f:f7:87:c6:5f:ae:d6:93:
7e:d7:73:21:9c:8b:b8:75:53:02:67:52:e5:28:be:ce:3e:9d:
74:a9:e0:46:26:43:2e:87:02:4f:5d:3c:6c:7b:69:21:fe:0a:
31:1c:e6:8d:00:2c:65:b7:26:27:f5:8d:4e:88:86:c3:d4:a7:
fb:d3:6f:32:a6:e8:f7:ee:93:9e:da:13:5f:e6:af:38:73:01:
05:1a:3d:f3:ee:95:29:ed:3d:13:14:84:eb:d2:f3:e9:00:f2:
31:05:48:85:b7:5a:67:ef:76:f3:d3:b7:ec:54:17:16:7e:4f:
ca:a6:cf:35:4a:e5:a4:e6:9b:46:50:d5:c3:45:aa:3c:9c:f0:
cc:d2:64:ce
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTgw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJCRjJGNkQwMkI0QjE3
MDRBNDY5QjQ5QzZGMDU1MzY0QTM4NDA5MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQIrd0F/6l2f72TmeXlVtg180OdgTNLlrq/UsWQmjv4WkvROQY
ESNEpsp39zAMr4lwMOQGFFuBdtSIlQtGCu3x59Vu1J1QxngRyr3h87sYIRx1ruX3
CVIrBEq4znQGljjrgVEqPb/As6nQQBPt3KwBw/LUi84l1xrXqEoXQdae4X38zcrx
L3hf8Vo+Jck5beAEYbuub1Waq/4Su4ojUrxn3VuHgHEBDCaoU5trsPsCZKDYRLP4
JzQkhA6mlcrL71bsHGncYp7ZymGc4Mfm9vRe8Z+4oRDR3dDnvmZ8OavRuxQFx9Tl
Kl0lSaLP43dTYf03clnUidz5zoVrutixnSAdAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUK/L20CtLFwSkabScbwVTZKOECQkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LX0wyMEN0TEZ3U2thYlNjYndWVFpLT0VDUWsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AEw9WQD09O7zzp33WGQgy53exKahfkWFzjL6hwryVH/MmKHzuCgphb3r9EowhFRx
6nbDHH4fwyIH50SeYCeyQxCkULc7mBfAdJ6cgp3Xge7/GuY84WH9MekBZcoV7tuY
pscaGA/KfJW/zOrR7V+qBye4jIrnemIf94fGX67Wk37XcyGci7h1UwJnUuUovs4+
nXSp4EYmQy6HAk9dPGx7aSH+CjEc5o0ALGW3Jif1jU6IhsPUp/vTbzKm6Pfuk57a
E1/mrzhzAQUaPfPulSntPRMUhOvS8+kA8jEFSIW3WmfvdvPTt+xUFxZ+T8qmzzVK
5aTmm0ZQ1cNFqjyc8MzSZM4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org