Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Kr5ALKVVJi4SXCrePUhmJoZMwms.roa
File: Kr5ALKVVJi4SXCrePUhmJoZMwms.roa (raw, json)
Hash identifier: xuSj9NEJy0XoLG+Zup/iw4jcVwNezkpCMcqsrHIIqCo=
Subject key identifier: 2A:BE:40:2C:A5:55:26:2E:12:5C:2A:DE:3D:48:66:26:86:4C:C2:6B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4988
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kr5ALKVVJi4SXCrePUhmJoZMwms.roa
Signing time: Wed 08 Jun 2022 00:30:06 +0000
ROA not before: Wed 08 Jun 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18824 (0x4988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 8 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2ABE402CA555262E125C2ADE3D486626864CC26B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b9:c1:db:5e:5c:eb:1f:b9:6b:74:8d:33:f7:
07:8e:4d:03:61:1d:0e:39:4c:ed:35:15:21:e1:bf:
cd:29:65:66:26:d3:40:1a:cd:dd:46:de:ad:80:2d:
a9:75:e0:f9:88:b4:98:76:f9:38:4a:cd:04:43:73:
b5:50:d3:54:26:3d:d8:ab:46:45:cf:56:79:d7:d0:
15:4d:1a:da:b2:2c:a1:b0:2f:93:48:6c:8e:67:51:
9c:55:05:fc:af:7c:6b:dc:56:24:61:29:16:47:3b:
37:d9:09:c3:b3:0a:cc:37:c0:75:54:0b:a4:93:94:
77:17:13:74:3c:26:38:c3:54:bc:1b:d4:26:85:4a:
fa:62:fc:93:5e:24:a1:ae:39:25:f4:5b:58:42:92:
2a:0a:dc:80:43:8a:6e:89:5b:31:37:37:45:3e:5d:
82:d1:26:8e:0a:ad:c9:d4:63:63:e8:06:c0:7d:c0:
78:46:72:5e:f5:30:d4:62:62:7c:1b:d6:d0:9d:11:
fa:50:f7:69:05:a6:07:52:ea:03:ea:05:06:bf:f5:
b1:87:4b:6c:a4:ab:42:12:3c:dc:36:16:f3:29:9b:
85:c1:90:6d:59:d4:44:aa:a7:79:7a:98:d7:b4:ed:
b6:16:76:14:28:16:2b:8a:fc:62:b9:58:1f:ea:35:
de:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BE:40:2C:A5:55:26:2E:12:5C:2A:DE:3D:48:66:26:86:4C:C2:6B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kr5ALKVVJi4SXCrePUhmJoZMwms.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
73:3c:b4:c8:ea:16:94:c6:df:ef:60:1e:54:1d:13:89:16:f4:
6e:07:03:7f:dd:4c:07:74:ed:64:9d:b1:d5:03:12:4f:31:71:
49:ac:28:96:9c:ab:6d:3e:b2:8b:be:e5:88:36:98:f4:82:be:
f1:30:bd:67:66:ee:0a:99:14:ef:59:62:13:f4:5e:40:08:4a:
cb:79:cb:3b:70:76:0c:5d:a7:e7:d0:43:e5:b3:a9:3b:ed:2a:
77:98:24:a8:88:d5:5f:84:45:37:62:22:d2:7d:79:01:f9:ae:
f6:9d:e2:1a:0b:f1:cc:f6:a2:18:d1:bc:61:d0:64:69:0a:fe:
45:31:29:10:ce:1d:b4:59:e9:52:cb:6d:f0:6a:98:84:35:71:
d6:8b:b8:09:da:df:0c:63:56:1e:d4:57:49:f8:89:ab:22:a5:
77:b4:4f:64:d0:14:a0:ec:66:b6:97:79:bb:e5:b7:ed:46:2f:
a6:c5:d7:18:cd:a8:71:ca:2a:9c:ea:c7:62:a0:ee:f7:70:95:
df:29:a4:a5:c8:5e:60:52:a2:b3:e1:45:58:74:b6:f0:44:cd:
db:94:8a:6f:2d:10:a8:42:64:70:e7:3d:27:dd:87:bb:30:3b:
ba:35:58:fc:66:62:6b:11:21:13:55:cc:72:12:23:6b:46:4e:
7c:00:08:08
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDgw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDJBQkU0MDJDQTU1NTI2
MkUxMjVDMkFERTNENDg2NjI2ODY0Q0MyNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYucHbXlzrH7lrdI0z9weOTQNhHQ45TO01FSHhv80pZWYm00Aa
zd1G3q2ALal14PmItJh2+ThKzQRDc7VQ01QmPdirRkXPVnnX0BVNGtqyLKGwL5NI
bI5nUZxVBfyvfGvcViRhKRZHOzfZCcOzCsw3wHVUC6STlHcXE3Q8JjjDVLwb1CaF
Svpi/JNeJKGuOSX0W1hCkioK3IBDim6JWzE3N0U+XYLRJo4KrcnUY2PoBsB9wHhG
cl71MNRiYnwb1tCdEfpQ92kFpgdS6gPqBQa/9bGHS2ykq0ISPNw2FvMpm4XBkG1Z
1ESqp3l6mNe07bYWdhQoFiuK/GK5WB/qNd4pAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKr5ALKVVJi4SXCrePUhmJoZMwmswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LcjVBTEtWVkppNFNYQ3JlUFVobUpvWk13bXMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AHM8tMjqFpTG3+9gHlQdE4kW9G4HA3/dTAd07WSdsdUDEk8xcUmsKJacq20+sou+
5Yg2mPSCvvEwvWdm7gqZFO9ZYhP0XkAISst5yztwdgxdp+fQQ+WzqTvtKneYJKiI
1V+ERTdiItJ9eQH5rvad4hoL8cz2ohjRvGHQZGkK/kUxKRDOHbRZ6VLLbfBqmIQ1
cdaLuAna3wxjVh7UV0n4iasipXe0T2TQFKDsZraXebvlt+1GL6bF1xjNqHHKKpzq
x2Kg7vdwld8ppKXIXmBSorPhRVh0tvBEzduUim8tEKhCZHDnPSfdh7swO7o1WPxm
YmsRIRNVzHISI2tGTnwACAg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org