Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/L9kmCH0v-Fh9OMxHCEQNSGysVoA.roa
File: L9kmCH0v-Fh9OMxHCEQNSGysVoA.roa (raw, json)
Hash identifier: NK30ajEHGPBE8zD94Pr1BhdTZ75yIIuz6hVPSctCp7I=
Subject key identifier: 2F:D9:26:08:7D:2F:F8:58:7D:38:CC:47:08:44:0D:48:6C:AC:56:80
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4530
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/L9kmCH0v-Fh9OMxHCEQNSGysVoA.roa
Signing time: Thu 24 Mar 2022 00:30:05 +0000
ROA not before: Thu 24 Mar 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17712 (0x4530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 24 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2FD926087D2FF8587D38CC4708440D486CAC5680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:e2:11:af:00:52:2e:86:59:b7:ef:da:8c:
6a:e2:c5:b1:e1:ca:be:f3:c0:64:f2:25:e5:98:b2:
cd:77:78:49:6d:a2:d6:63:ce:a5:41:63:be:06:42:
8d:7f:f7:1e:67:9e:9e:fd:1c:e7:8b:39:e3:22:ac:
1d:99:90:a0:c1:f2:54:bd:59:10:9c:47:7f:e4:ee:
8e:36:39:5a:a0:99:05:d1:5b:54:11:bd:f4:d5:eb:
ff:ce:d8:13:a6:3b:82:ab:1b:30:c6:e7:ea:f7:ca:
15:c8:26:6c:69:26:92:bd:3e:fe:5c:2e:4e:36:ae:
f9:44:88:b5:62:99:5d:86:8c:04:55:72:b7:46:3c:
e2:ab:73:6c:ea:88:49:ac:4a:d1:40:92:8e:58:f2:
1e:27:31:41:ad:6d:4e:c7:33:f5:d7:f9:44:5a:8f:
96:bd:15:9b:58:95:62:ca:da:94:1e:d1:82:9b:67:
90:b2:db:d2:40:b6:cb:20:c6:dd:41:f6:a9:19:f0:
40:61:db:98:3f:06:99:41:3c:3a:52:e5:0b:ab:63:
81:8f:9d:02:73:c7:e4:1f:ab:48:2b:eb:33:5b:7b:
63:e5:bd:b7:fc:75:23:3a:ea:db:f6:76:80:48:95:
df:d0:58:d7:fe:f8:fb:41:ac:cc:6b:70:39:a8:62:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D9:26:08:7D:2F:F8:58:7D:38:CC:47:08:44:0D:48:6C:AC:56:80
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/L9kmCH0v-Fh9OMxHCEQNSGysVoA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
40:47:15:6e:03:67:bd:cc:f5:f1:53:51:cb:02:e3:c1:70:77:
87:45:35:45:4b:6b:e3:21:93:fa:27:02:32:6d:4e:25:5e:20:
f7:10:41:80:36:81:9d:73:58:a7:08:54:18:9e:25:dc:96:72:
23:a5:b2:33:b1:d0:7b:0a:ee:06:58:71:e2:4f:98:de:ec:fd:
62:22:7f:33:61:21:58:8a:4d:da:8a:c8:ca:cb:c1:e2:f6:cb:
c3:a2:c7:93:b4:a0:6f:f5:d8:a8:94:c6:00:63:db:89:90:94:
ae:5e:3e:52:7e:b1:87:ed:ed:84:99:d5:d8:ee:41:10:52:61:
ca:35:da:1b:34:25:b6:b0:44:1c:6c:fb:91:0a:54:4c:1a:66:
d9:a1:ca:9d:69:d0:6e:f4:0e:20:c4:39:a0:b9:d0:23:14:c5:
7f:56:fc:ca:b2:4d:28:78:2e:db:6e:37:af:33:a6:3e:b9:4b:
13:da:75:c8:53:c3:23:59:58:13:48:9a:ed:d9:f9:b5:b3:a9:
58:f7:0d:8a:ac:a0:5e:d3:8a:cd:fc:94:a1:8c:83:9c:d9:92:
9d:ec:e2:ae:8a:61:02:aa:fa:f1:ed:f9:c1:42:af:7b:5d:a9:
42:be:83:48:e0:c7:c7:af:72:a8:ba:d2:91:bf:e4:c3:10:23:
47:fc:09:9a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjQw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJGRDkyNjA4N0QyRkY4
NTg3RDM4Q0M0NzA4NDQwRDQ4NkNBQzU2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/7+IRrwBSLoZZt+/ajGrixbHhyr7zwGTyJeWYss13eEltotZj
zqVBY74GQo1/9x5nnp79HOeLOeMirB2ZkKDB8lS9WRCcR3/k7o42OVqgmQXRW1QR
vfTV6//O2BOmO4KrGzDG5+r3yhXIJmxpJpK9Pv5cLk42rvlEiLVimV2GjARVcrdG
POKrc2zqiEmsStFAko5Y8h4nMUGtbU7HM/XX+URaj5a9FZtYlWLK2pQe0YKbZ5Cy
29JAtssgxt1B9qkZ8EBh25g/BplBPDpS5QurY4GPnQJzx+Qfq0gr6zNbe2Plvbf8
dSM66tv2doBIld/QWNf++PtBrMxrcDmoYm6vAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUL9kmCH0v+Fh9OMxHCEQNSGysVoAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9MOWttQ0gwdi1GaDlPTXhIQ0VRTlNHeXNWb0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AEBHFW4DZ73M9fFTUcsC48Fwd4dFNUVLa+Mhk/onAjJtTiVeIPcQQYA2gZ1zWKcI
VBieJdyWciOlsjOx0HsK7gZYceJPmN7s/WIifzNhIViKTdqKyMrLweL2y8Oix5O0
oG/12KiUxgBj24mQlK5ePlJ+sYft7YSZ1djuQRBSYco12hs0JbawRBxs+5EKVEwa
Ztmhyp1p0G70DiDEOaC50CMUxX9W/MqyTSh4LttuN68zpj65SxPadchTwyNZWBNI
mu3Z+bWzqVj3DYqsoF7Tis38lKGMg5zZkp3s4q6KYQKq+vHt+cFCr3tdqUK+g0jg
x8evcqi60pG/5MMQI0f8CZo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org