Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XCVaHfd2rFhVVtmCEKzwRj0xgG8.roa
File: XCVaHfd2rFhVVtmCEKzwRj0xgG8.roa (raw, json)
Hash identifier: rq0HleWPLzK2hN2R1eoQ+SNjrfiXQZJNB5RivRopA5o=
Subject key identifier: 5C:25:5A:1D:F7:76:AC:58:55:56:D9:82:10:AC:F0:46:3D:31:80:6F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4609
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XCVaHfd2rFhVVtmCEKzwRj0xgG8.roa
Signing time: Fri 08 Apr 2022 00:30:11 +0000
ROA not before: Fri 08 Apr 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17929 (0x4609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 8 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=5C255A1DF776AC585556D98210ACF0463D31806F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6d:c6:53:0d:b5:a5:5e:23:eb:c6:16:a9:96:
d1:86:22:94:f2:dc:2a:8c:94:a0:09:44:44:5f:cf:
54:87:c2:a4:79:a3:4f:79:56:9e:1d:e6:aa:0e:47:
43:03:b1:8f:93:50:9c:81:55:39:d8:2a:e0:7b:50:
57:c7:32:47:98:1d:6c:b5:82:e2:cf:41:25:17:12:
51:ab:fe:2d:9f:55:ef:7f:f7:6c:57:25:ee:a4:1f:
a7:ff:c7:f6:88:3c:04:a1:ab:64:51:a4:fa:ef:ae:
5c:da:ca:5d:23:bc:0f:ee:d9:60:68:99:1f:0e:90:
06:3f:8d:22:f5:9b:42:a0:eb:e1:85:8c:1e:52:b4:
63:c9:e0:f6:83:d8:b2:b7:70:0d:0f:61:bb:34:63:
07:7e:a6:ce:ea:26:95:cf:05:1f:ee:00:1e:40:13:
04:9b:17:71:7b:04:87:ee:85:d2:02:3b:45:bc:93:
6e:0a:1c:62:b9:2a:6f:49:4a:3f:de:50:2e:73:f6:
14:05:52:55:7d:ce:20:e4:14:9d:b5:a3:57:6d:9d:
44:c9:63:f9:46:57:71:ac:3f:b3:a9:a0:69:8a:ca:
de:d5:35:26:88:2f:dd:0c:97:bf:8b:6e:b5:38:2d:
37:e3:e3:16:90:e4:46:13:5b:c2:de:05:e8:06:f4:
ec:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:25:5A:1D:F7:76:AC:58:55:56:D9:82:10:AC:F0:46:3D:31:80:6F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XCVaHfd2rFhVVtmCEKzwRj0xgG8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7c:f7:84:b0:cd:57:99:66:77:e7:b9:a8:be:52:20:4c:1d:
35:95:11:ac:f1:e2:63:af:77:4e:81:fd:f1:eb:45:3b:43:c5:
33:e5:bf:32:63:41:43:86:98:56:a2:0b:9e:ac:e5:bb:44:3d:
f5:7a:d5:a1:59:b6:86:2a:c1:26:34:b2:1b:57:1a:2f:8f:be:
ae:d1:48:e7:44:75:f6:90:8d:05:b3:c2:64:39:22:53:07:a6:
fe:48:fd:23:10:a1:8e:bd:1b:00:51:c4:a4:4d:a8:60:4f:d0:
40:0e:f1:fa:f7:79:95:ba:1c:1b:e6:9b:51:47:29:41:96:1e:
f5:f0:48:65:f3:18:29:fd:87:46:f8:cb:42:d3:a2:3f:3f:e2:
72:85:9f:f7:29:96:c5:98:da:f1:c0:f4:3f:e9:98:61:eb:33:
35:51:0a:9d:f6:89:9c:33:e3:2c:1e:49:69:e1:a1:77:75:6d:
3b:32:10:a1:c1:a7:a9:1e:96:39:cf:17:62:8d:89:83:69:27:
f0:be:b3:ea:85:05:f6:c9:57:ad:c7:44:78:d3:53:f4:1c:38:
ae:9e:ab:0e:8f:74:7a:a8:a3:66:60:8a:7b:75:4f:f7:08:b9:
c1:d2:8a:13:41:2e:64:c0:df:d1:af:1c:bd:af:20:27:9d:5d:
e6:2e:a2:56
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDgw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDVDMjU1QTFERjc3NkFD
NTg1NTU2RDk4MjEwQUNGMDQ2M0QzMTgwNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbbcZTDbWlXiPrxhapltGGIpTy3CqMlKAJRERfz1SHwqR5o095
Vp4d5qoOR0MDsY+TUJyBVTnYKuB7UFfHMkeYHWy1guLPQSUXElGr/i2fVe9/92xX
Je6kH6f/x/aIPAShq2RRpPrvrlzayl0jvA/u2WBomR8OkAY/jSL1m0Kg6+GFjB5S
tGPJ4PaD2LK3cA0PYbs0Ywd+ps7qJpXPBR/uAB5AEwSbF3F7BIfuhdICO0W8k24K
HGK5Km9JSj/eUC5z9hQFUlV9ziDkFJ21o1dtnUTJY/lGV3GsP7OpoGmKyt7VNSaI
L90Ml7+LbrU4LTfj4xaQ5EYTW8LeBegG9OzXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXCVaHfd2rFhVVtmCEKzwRj0xgG8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YQ1ZhSGZkMnJGaFZWdG1DRUt6d1JqMHhnRzgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ALZ894SwzVeZZnfnuai+UiBMHTWVEazx4mOvd06B/fHrRTtDxTPlvzJjQUOGmFai
C56s5btEPfV61aFZtoYqwSY0shtXGi+Pvq7RSOdEdfaQjQWzwmQ5IlMHpv5I/SMQ
oY69GwBRxKRNqGBP0EAO8fr3eZW6HBvmm1FHKUGWHvXwSGXzGCn9h0b4y0LToj8/
4nKFn/cplsWY2vHA9D/pmGHrMzVRCp32iZwz4yweSWnhoXd1bTsyEKHBp6keljnP
F2KNiYNpJ/C+s+qFBfbJV63HRHjTU/QcOK6eqw6PdHqoo2Zgint1T/cIucHSihNB
LmTA39GvHL2vICedXeYuolY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org