Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XfHftLoi65LlrzjH4v_MIFau8Ec.roa
File: XfHftLoi65LlrzjH4v_MIFau8Ec.roa (raw, json)
Hash identifier: QMdjydxuHoQmi5t3JtDmwl6xZNMbfTDz3qK7YamPzJM=
Subject key identifier: 5D:F1:DF:B4:BA:22:EB:92:E5:AF:38:C7:E2:FF:CC:20:56:AE:F0:47
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 470D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XfHftLoi65LlrzjH4v_MIFau8Ec.roa
Signing time: Wed 27 Apr 2022 00:30:07 +0000
ROA not before: Wed 27 Apr 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18189 (0x470d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 27 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=5DF1DFB4BA22EB92E5AF38C7E2FFCC2056AEF047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:22:f1:4d:2d:cd:1e:80:26:26:6a:42:66:d4:
af:0c:12:5e:8a:ff:58:96:97:de:dd:3f:6f:d3:ea:
97:52:ee:a9:c5:1d:dc:f0:a4:18:1b:94:f5:41:2c:
e5:e9:39:34:5e:f6:6a:32:90:26:8c:4f:ff:fc:4b:
65:94:a3:a2:77:fd:d1:4b:52:2d:74:ee:9d:9a:84:
06:ef:29:5a:07:2d:63:ff:89:50:71:d7:f9:02:b5:
b4:3a:af:96:3e:9f:3e:06:b6:21:cb:f9:82:e4:e6:
e4:57:5a:73:fc:a6:1c:8a:95:e7:d9:ef:32:1f:81:
e0:93:ef:70:b5:71:d6:40:aa:d9:ae:ef:95:6c:cb:
1d:d5:b3:eb:de:ad:85:6e:8d:7a:89:df:fb:3a:73:
af:9b:fb:7f:3d:3d:4a:cb:82:97:0b:e4:08:17:35:
6e:9d:59:ce:da:14:ab:a5:a2:b9:a3:87:8d:d7:ce:
f4:a5:2b:f5:82:0e:fa:58:ea:6d:46:5b:06:30:bc:
77:d8:5e:0e:f0:04:4c:7e:01:3d:bb:db:ee:32:c3:
ea:b4:98:7b:47:62:03:56:c3:75:8d:b6:7d:3a:ab:
18:d8:9e:a0:37:26:1d:7b:a8:5a:12:b7:80:73:53:
7c:f4:ea:90:33:50:a2:51:22:a8:72:38:bf:af:88:
ec:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F1:DF:B4:BA:22:EB:92:E5:AF:38:C7:E2:FF:CC:20:56:AE:F0:47
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XfHftLoi65LlrzjH4v_MIFau8Ec.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:66:d1:57:b8:e9:ef:75:d4:7b:09:b8:14:74:0a:56:12:d4:
6b:f8:77:40:59:8f:b5:b0:3e:21:0a:23:61:c9:44:dd:63:ef:
d5:5d:08:f0:f4:a5:92:c6:f0:a9:74:fd:12:dd:2b:8f:cf:77:
fb:71:ff:59:33:82:cf:1f:d5:75:a0:97:94:df:8f:99:ea:a6:
e3:bc:aa:a3:70:ef:1a:b5:4d:68:90:2b:8f:0c:91:db:eb:d3:
19:06:da:e8:9c:04:8d:82:02:72:b4:5a:c4:4f:85:d2:57:2a:
9f:97:7c:60:49:26:b5:56:f6:a1:38:0f:de:20:b4:37:56:7a:
bf:f0:25:2d:5d:cc:18:63:73:7a:a5:39:ee:a8:9b:4a:2f:31:
bc:4f:59:73:29:ca:0e:b2:e3:02:fd:23:59:0b:a0:9c:d2:1b:
a6:3c:f9:db:35:82:ab:49:0b:fc:35:b3:b7:48:ff:b9:01:1d:
7b:eb:b3:3a:3a:bb:4b:7f:41:fa:10:26:4c:dd:6a:5e:e3:3d:
a3:23:f0:b7:cb:2c:7a:ba:56:1b:a6:18:fa:e8:c7:6a:fd:a0:
7f:01:7a:04:bc:27:37:2f:0a:51:d8:97:03:14:23:f9:cb:a6:
36:99:16:07:eb:3e:b1:b0:ac:fc:f5:ad:9a:ad:a4:df:99:0b:
b0:62:27:49
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjcw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDVERjFERkI0QkEyMkVC
OTJFNUFGMzhDN0UyRkZDQzIwNTZBRUYwNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcIvFNLc0egCYmakJm1K8MEl6K/1iWl97dP2/T6pdS7qnFHdzw
pBgblPVBLOXpOTRe9moykCaMT//8S2WUo6J3/dFLUi107p2ahAbvKVoHLWP/iVBx
1/kCtbQ6r5Y+nz4GtiHL+YLk5uRXWnP8phyKlefZ7zIfgeCT73C1cdZAqtmu75Vs
yx3Vs+verYVujXqJ3/s6c6+b+389PUrLgpcL5AgXNW6dWc7aFKulormjh43XzvSl
K/WCDvpY6m1GWwYwvHfYXg7wBEx+AT272+4yw+q0mHtHYgNWw3WNtn06qxjYnqA3
Jh17qFoSt4BzU3z06pAzUKJRIqhyOL+viOw3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXfHftLoi65LlrzjH4v/MIFau8EcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YZkhmdExvaTY1TGxyempINHZfTUlGYXU4RWMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AK1m0Ve46e911HsJuBR0ClYS1Gv4d0BZj7WwPiEKI2HJRN1j79VdCPD0pZLG8Kl0
/RLdK4/Pd/tx/1kzgs8f1XWgl5Tfj5nqpuO8qqNw7xq1TWiQK48Mkdvr0xkG2uic
BI2CAnK0WsRPhdJXKp+XfGBJJrVW9qE4D94gtDdWer/wJS1dzBhjc3qlOe6om0ov
MbxPWXMpyg6y4wL9I1kLoJzSG6Y8+ds1gqtJC/w1s7dI/7kBHXvrszo6u0t/QfoQ
Jkzdal7jPaMj8LfLLHq6VhumGProx2r9oH8BegS8JzcvClHYlwMUI/nLpjaZFgfr
PrGwrPz1rZqtpN+ZC7BiJ0k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org