Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XHb91n2qFcKeDSC5ozhnFP1818c.roa
File: XHb91n2qFcKeDSC5ozhnFP1818c.roa (raw, json)
Hash identifier: GE7Q309uBAfVLNAQDDAKrdzfNrwzL7cMe9Q0ud2dr+E=
Subject key identifier: 5C:76:FD:D6:7D:AA:15:C2:9E:0D:20:B9:A3:38:67:14:FD:7C:D7:C7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4514
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XHb91n2qFcKeDSC5ozhnFP1818c.roa
Signing time: Tue 22 Mar 2022 00:30:06 +0000
ROA not before: Tue 22 Mar 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17684 (0x4514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 22 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=5C76FDD67DAA15C29E0D20B9A3386714FD7CD7C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:fb:d1:b6:6c:8f:89:9d:44:e1:39:9d:8a:
5a:57:c5:e0:b0:3e:ff:05:fc:dc:3d:60:6a:f9:0e:
b3:ea:26:27:95:45:3c:30:2a:60:9c:85:61:65:2c:
97:99:64:5b:93:ea:5d:6d:2b:90:f7:da:dd:99:c2:
da:89:58:c6:9f:58:a3:6f:df:e8:95:bb:e7:36:26:
14:5d:64:ca:a3:31:60:52:91:42:88:4f:f6:09:62:
88:2c:40:e9:94:36:7e:8f:4c:fa:16:5d:71:bc:70:
7d:8b:ab:b2:f4:cf:70:6d:8a:5f:06:7a:d6:58:d9:
76:3b:14:50:eb:71:9d:9a:a5:2a:03:37:02:da:65:
13:6d:1c:b5:f6:0e:2e:29:43:7c:20:92:bc:7e:d0:
b4:e8:35:d3:70:66:63:f8:76:5b:aa:3b:80:c0:84:
9c:f6:ad:9a:3e:bc:37:17:fa:b5:8d:b7:88:52:4f:
b3:cf:7f:dd:a0:69:04:e3:00:65:ce:c6:79:3b:ec:
60:85:b6:e9:62:71:b1:e6:e9:5c:0c:26:00:4d:c4:
05:92:9c:a2:6e:f5:45:e5:3c:90:4e:b0:44:e4:67:
be:02:39:f1:6f:60:0a:4c:ba:c3:b7:6c:3f:84:56:
9a:a1:46:47:82:96:2d:96:4b:d8:ee:11:b7:c9:4a:
ed:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:76:FD:D6:7D:AA:15:C2:9E:0D:20:B9:A3:38:67:14:FD:7C:D7:C7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XHb91n2qFcKeDSC5ozhnFP1818c.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:dd:2c:43:7f:03:24:89:83:7d:9f:b9:6e:5c:72:ba:f1:8b:
e3:49:7a:54:b7:74:ca:ec:23:c3:1d:ab:96:cf:c4:04:db:73:
f7:de:58:e5:54:9c:9e:9e:9b:ed:45:d3:e5:f8:96:cd:79:d2:
ee:a0:74:db:61:e7:c0:c8:18:7c:e4:dd:31:5c:16:bb:8a:83:
45:bd:94:c5:5b:17:93:8a:4b:06:11:c2:6a:01:12:c2:cf:9e:
8e:1d:21:d4:4a:b0:44:af:a2:48:ad:d2:55:54:70:84:86:24:
46:7f:71:c4:a5:9e:be:7f:cd:9c:d0:2c:8b:9a:94:b9:1d:95:
80:60:75:cf:82:44:67:4c:a8:5b:e0:88:5e:83:ed:03:df:f3:
49:37:7b:31:3a:c6:ec:2f:6d:e0:4b:d6:57:42:b5:11:d6:68:
84:b8:f8:22:62:57:73:21:a2:4b:6e:5b:41:f2:95:90:dc:f5:
bf:f5:ce:d0:5b:dc:d2:82:4d:00:92:4e:c6:45:23:47:74:43:
67:2a:41:98:86:1c:6f:f9:1c:42:f0:02:a7:79:de:f5:d6:8a:
50:32:6e:ac:63:c0:fd:e7:3b:5b:db:aa:37:d6:90:84:13:4c:
35:83:bd:96:ef:af:d9:df:b9:f4:df:3b:07:91:b4:ba:2b:56:
16:8d:40:c8
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRRQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjIw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDVDNzZGREQ2N0RBQTE1
QzI5RTBEMjBCOUEzMzg2NzE0RkQ3Q0Q3QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu5PvRtmyPiZ1E4TmdilpXxeCwPv8F/Nw9YGr5DrPqJieVRTww
KmCchWFlLJeZZFuT6l1tK5D32t2ZwtqJWMafWKNv3+iVu+c2JhRdZMqjMWBSkUKI
T/YJYogsQOmUNn6PTPoWXXG8cH2Lq7L0z3Btil8GetZY2XY7FFDrcZ2apSoDNwLa
ZRNtHLX2Di4pQ3wgkrx+0LToNdNwZmP4dluqO4DAhJz2rZo+vDcX+rWNt4hST7PP
f92gaQTjAGXOxnk77GCFtulicbHm6VwMJgBNxAWSnKJu9UXlPJBOsETkZ74COfFv
YApMusO3bD+EVpqhRkeCli2WS9juEbfJSu3lAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXHb91n2qFcKeDSC5ozhnFP1818cwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YSGI5MW4ycUZjS2VEU0M1b3pobkZQMTgxOGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
ADvdLEN/AySJg32fuW5ccrrxi+NJelS3dMrsI8Mdq5bPxATbc/feWOVUnJ6em+1F
0+X4ls150u6gdNth58DIGHzk3TFcFruKg0W9lMVbF5OKSwYRwmoBEsLPno4dIdRK
sESvokit0lVUcISGJEZ/ccSlnr5/zZzQLIualLkdlYBgdc+CRGdMqFvgiF6D7QPf
80k3ezE6xuwvbeBL1ldCtRHWaIS4+CJiV3MhoktuW0HylZDc9b/1ztBb3NKCTQCS
TsZFI0d0Q2cqQZiGHG/5HELwAqd53vXWilAybqxjwP3nO1vbqjfWkIQTTDWDvZbv
r9nfufTfOweRtLorVhaNQMg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org