Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NLGxvz9dCxzsCe1yV3st80dX6d4.roa
File: NLGxvz9dCxzsCe1yV3st80dX6d4.roa (raw, json)
Hash identifier: iPE6l5BXBaKxHj9Lld9qHB4ogJ9TujhdakP4QjaUM+M=
Subject key identifier: 34:B1:B1:BF:3F:5D:0B:1C:EC:09:ED:72:57:7B:2D:F3:47:57:E9:DE
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 427E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NLGxvz9dCxzsCe1yV3st80dX6d4.roa
Signing time: Wed 02 Feb 2022 00:30:07 +0000
ROA not before: Wed 02 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17022 (0x427e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 2 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=34B1B1BF3F5D0B1CEC09ED72577B2DF34757E9DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:29:8e:29:cf:b3:0c:98:ae:49:85:0b:23:83:
16:62:f7:c2:c7:ac:b4:d3:a4:88:ea:eb:63:24:eb:
c3:46:9c:88:ee:55:44:17:cd:d4:79:29:b0:e6:90:
c8:78:7b:8c:e9:8f:ed:68:f8:a0:56:a8:fa:23:b3:
01:aa:f6:c3:45:cb:76:8c:64:56:61:a6:77:ba:1c:
d4:b8:32:b3:9c:18:4f:8c:a5:4d:fb:7a:25:7a:6a:
ed:3b:7e:df:d5:2a:47:b0:22:d9:ce:00:85:43:5c:
fc:4b:95:b1:5a:0c:02:1f:0c:c3:7a:c1:d0:cc:13:
77:53:96:97:87:73:60:34:62:2a:31:c8:a4:e7:84:
2b:6c:77:8c:ff:a5:c5:28:df:23:f2:cd:e6:c0:34:
10:40:ed:b7:da:65:c8:65:9a:fa:fc:99:ed:4a:38:
e8:53:1e:33:20:fc:de:1a:43:09:7b:f2:06:dd:44:
2a:04:65:77:e5:56:22:f0:85:a4:c9:3f:56:4d:44:
1b:e9:5d:34:a7:7e:40:54:7a:05:ca:b2:54:aa:75:
2c:89:5b:d9:bd:b6:b8:7b:c6:7d:31:4a:ed:4e:70:
aa:d1:0a:00:b0:6f:ad:18:24:52:e7:25:c0:bd:d3:
31:84:72:7b:ff:3f:73:a3:d8:3d:e7:76:56:c6:24:
91:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B1:B1:BF:3F:5D:0B:1C:EC:09:ED:72:57:7B:2D:F3:47:57:E9:DE
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NLGxvz9dCxzsCe1yV3st80dX6d4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:ef:85:00:da:4f:cb:ba:29:0b:56:d4:37:9b:6d:a8:53:6b:
1a:43:6e:83:6a:7f:8f:41:c2:0b:b2:89:e8:8a:5d:38:e6:f9:
48:c2:70:dd:58:5e:84:f0:be:4e:20:c7:d0:cb:9d:73:8f:dd:
d5:af:fd:23:79:53:2e:e1:00:f5:1e:f4:27:4c:d7:cc:aa:48:
4b:35:56:2f:60:18:ff:62:a6:6f:92:28:b5:d6:37:ac:a5:cd:
8f:61:ec:06:64:41:30:cb:1f:22:87:b4:9a:e3:48:b4:6a:7a:
0e:64:a8:bf:62:45:1a:ae:da:1a:97:a2:5a:d8:ef:f5:13:92:
3d:d4:46:73:c2:e0:86:a7:68:ba:fc:ba:21:1f:d5:59:f0:e2:
8f:17:87:f4:90:29:18:58:c9:a4:2a:84:47:f8:f7:f6:7d:af:
5d:4b:de:b3:d0:2e:db:9b:02:c3:85:c3:05:58:5e:4e:b4:41:
c0:9f:5e:2e:37:36:55:a0:fb:07:53:b3:1d:c0:9b:cf:d1:2a:
4b:5c:dd:94:4e:d3:b3:91:e7:31:2d:a6:5c:b5:81:69:d8:d4:
0a:82:28:12:fa:71:00:d2:34:12:3f:e0:23:38:e8:d2:5d:eb:
79:63:0c:ec:dc:54:19:3e:8d:8b:3e:93:6a:20:95:78:93:dd:
49:13:18:b5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDIw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM0QjFCMUJGM0Y1RDBC
MUNFQzA5RUQ3MjU3N0IyREYzNDc1N0U5REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqKY4pz7MMmK5JhQsjgxZi98LHrLTTpIjq62Mk68NGnIjuVUQX
zdR5KbDmkMh4e4zpj+1o+KBWqPojswGq9sNFy3aMZFZhpne6HNS4MrOcGE+MpU37
eiV6au07ft/VKkewItnOAIVDXPxLlbFaDAIfDMN6wdDME3dTlpeHc2A0YioxyKTn
hCtsd4z/pcUo3yPyzebANBBA7bfaZchlmvr8me1KOOhTHjMg/N4aQwl78gbdRCoE
ZXflViLwhaTJP1ZNRBvpXTSnfkBUegXKslSqdSyJW9m9trh7xn0xSu1OcKrRCgCw
b60YJFLnJcC90zGEcnv/P3Oj2D3ndlbGJJEvAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNLGxvz9dCxzsCe1yV3st80dX6d4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OTEd4dno5ZEN4enNDZTF5VjNzdDgwZFg2ZDQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AL/vhQDaT8u6KQtW1DebbahTaxpDboNqf49BwguyieiKXTjm+UjCcN1YXoTwvk4g
x9DLnXOP3dWv/SN5Uy7hAPUe9CdM18yqSEs1Vi9gGP9ipm+SKLXWN6ylzY9h7AZk
QTDLHyKHtJrjSLRqeg5kqL9iRRqu2hqXolrY7/UTkj3URnPC4IanaLr8uiEf1Vnw
4o8Xh/SQKRhYyaQqhEf49/Z9r11L3rPQLtubAsOFwwVYXk60QcCfXi43NlWg+wdT
sx3Am8/RKktc3ZRO07OR5zEtply1gWnY1AqCKBL6cQDSNBI/4CM46NJd63ljDOzc
VBk+jYs+k2oglXiT3UkTGLU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org