Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Kw6yyFtXK4SdYb2szNmCifEBHZQ.roa
File: Kw6yyFtXK4SdYb2szNmCifEBHZQ.roa (raw, json)
Hash identifier: kzAadqsqAaAt35Ul4ELJ3Ufkn6zx0NdzTDC5tJtOyjg=
Subject key identifier: 2B:0E:B2:C8:5B:57:2B:84:9D:61:BD:AC:CC:D9:82:89:F1:01:1D:94
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4446
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kw6yyFtXK4SdYb2szNmCifEBHZQ.roa
Signing time: Mon 07 Mar 2022 00:30:10 +0000
ROA not before: Mon 07 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17478 (0x4446)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 7 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2B0EB2C85B572B849D61BDACCCD98289F1011D94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:31:6e:68:cf:22:68:52:2e:12:33:fd:5b:
09:bc:35:e0:1b:dc:85:3e:3a:11:a9:dc:8c:13:02:
25:24:5e:65:38:dc:26:c7:2c:8b:4d:bb:b8:ce:88:
12:13:41:26:81:ec:fc:6d:80:d2:63:51:af:8f:c4:
60:95:19:9f:44:cd:a7:ab:6d:09:d6:19:91:b2:39:
f6:21:a2:17:98:18:30:b1:9e:12:18:f6:3b:f9:65:
af:2c:1a:c7:bd:73:82:80:d2:f6:c3:98:7d:6c:a3:
bd:df:a8:14:62:9c:06:06:88:12:fe:66:53:ce:75:
43:2e:7e:f4:72:3b:95:88:89:61:72:3e:9f:8a:b3:
f5:4e:f1:71:bb:58:b1:fd:e8:f8:20:68:e0:92:d7:
29:46:e6:42:72:69:04:45:9e:a5:17:32:22:9f:b9:
a7:10:a5:65:fd:3d:ca:0e:0a:df:72:2e:11:2d:02:
81:d2:f3:34:4b:94:af:d4:3d:70:cb:2b:23:7e:2c:
2e:7e:29:dd:10:d2:bb:b1:38:81:f3:7c:05:b7:6a:
b5:b8:b1:4d:ea:96:24:2f:e2:b5:69:e5:7c:ce:9c:
b2:ec:dd:fc:52:37:bb:7d:47:45:d1:0a:d3:2a:1b:
af:75:a7:86:7a:f2:3c:86:62:ac:3d:7f:9d:51:37:
30:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0E:B2:C8:5B:57:2B:84:9D:61:BD:AC:CC:D9:82:89:F1:01:1D:94
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kw6yyFtXK4SdYb2szNmCifEBHZQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
41:5e:ac:02:99:8a:b4:20:5b:ba:b3:af:65:8f:fc:e1:61:44:
af:33:18:e2:61:bc:53:5a:21:9b:df:e5:8d:ad:37:06:11:7d:
fa:b9:14:8d:ab:56:9b:40:3f:49:ba:3a:3a:08:9c:9d:8c:84:
33:e0:a2:41:6a:f0:02:d2:3b:22:29:5a:aa:d3:7c:8c:1d:ff:
4d:5f:93:3a:8e:31:a1:27:e9:02:61:d3:95:dd:47:a9:76:d3:
47:d0:de:24:29:24:06:3f:88:54:5a:69:37:95:41:c4:17:db:
97:3f:54:d1:34:6d:2d:35:cc:50:df:91:5b:8e:c8:23:c1:44:
40:2f:ee:bd:8a:da:aa:42:4e:a0:bc:d8:4a:f9:a2:9f:0b:81:
11:15:78:6b:9b:7a:df:00:f3:68:4f:c6:9a:10:9c:d2:3c:e7:
a3:60:fe:9b:b7:16:36:28:68:8d:8b:2d:99:62:9f:6e:36:f5:
f5:0c:f4:71:e9:12:d3:19:3a:8d:cb:97:f8:2c:37:0e:8b:23:
2f:7d:1e:f4:0c:90:d9:4e:5d:8f:77:61:45:6c:a8:9c:34:60:
f4:64:03:11:c0:29:c3:09:1e:37:6c:ef:e4:72:de:11:fa:0f:
c9:16:af:72:c9:03:6a:2e:93:fc:93:36:f7:bd:d4:81:47:50:
c8:1d:b8:7e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICREYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDcw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJCMEVCMkM4NUI1NzJC
ODQ5RDYxQkRBQ0NDRDk4Mjg5RjEwMTFEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwxTFuaM8iaFIuEjP9Wwm8NeAb3IU+OhGp3IwTAiUkXmU43CbH
LItNu7jOiBITQSaB7PxtgNJjUa+PxGCVGZ9EzaerbQnWGZGyOfYhoheYGDCxnhIY
9jv5Za8sGse9c4KA0vbDmH1so73fqBRinAYGiBL+ZlPOdUMufvRyO5WIiWFyPp+K
s/VO8XG7WLH96PggaOCS1ylG5kJyaQRFnqUXMiKfuacQpWX9PcoOCt9yLhEtAoHS
8zRLlK/UPXDLKyN+LC5+Kd0Q0ruxOIHzfAW3arW4sU3qliQv4rVp5XzOnLLs3fxS
N7t9R0XRCtMqG691p4Z68jyGYqw9f51RNzDNAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKw6yyFtXK4SdYb2szNmCifEBHZQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LdzZ5eUZ0WEs0U2RZYjJzek5tQ2lmRUJIWlEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AEFerAKZirQgW7qzr2WP/OFhRK8zGOJhvFNaIZvf5Y2tNwYRffq5FI2rVptAP0m6
OjoInJ2MhDPgokFq8ALSOyIpWqrTfIwd/01fkzqOMaEn6QJh05XdR6l200fQ3iQp
JAY/iFRaaTeVQcQX25c/VNE0bS01zFDfkVuOyCPBREAv7r2K2qpCTqC82Er5op8L
gREVeGubet8A82hPxpoQnNI856Ng/pu3FjYoaI2LLZlin2429fUM9HHpEtMZOo3L
l/gsNw6LIy99HvQMkNlOXY93YUVsqJw0YPRkAxHAKcMJHjds7+Ry3hH6D8kWr3LJ
A2ouk/yTNve91IFHUMgduH4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org