Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XwjNez4prijwzhJGufSx8nuPhrk.roa
File: XwjNez4prijwzhJGufSx8nuPhrk.roa (raw, json)
Hash identifier: 0sd9vqSZ686Wgx94Px/dfzflS0TYO6/ksVIVqZuUN4A=
Subject key identifier: 5F:08:CD:7B:3E:29:AE:28:F0:CE:12:46:B9:F4:B1:F2:7B:8F:86:B9
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4559
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XwjNez4prijwzhJGufSx8nuPhrk.roa
Signing time: Sun 27 Mar 2022 00:30:06 +0000
ROA not before: Sun 27 Mar 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17753 (0x4559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 27 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=5F08CD7B3E29AE28F0CE1246B9F4B1F27B8F86B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:da:ab:bd:75:d7:9a:5c:02:92:22:d1:38:1b:
a3:d6:05:0e:be:38:cd:be:0f:47:79:3d:48:72:49:
23:df:5e:cc:cf:3c:d0:c2:52:71:12:fc:46:21:d1:
96:e7:ea:24:09:80:b6:e4:cb:2d:0e:20:35:d0:d9:
ed:47:ae:e5:ab:ca:a9:0c:02:a0:54:d6:cb:2a:3a:
c4:1b:7b:ac:be:0f:33:fe:27:19:05:e3:4b:10:3b:
8a:0d:a1:14:33:e7:3d:5a:6a:38:e7:cb:4c:c8:cb:
e9:1b:57:d0:a3:a4:cb:cf:16:2f:43:49:20:9b:ad:
21:db:ea:a7:d9:be:0d:25:ba:96:81:ef:71:66:a7:
76:59:f7:82:c6:98:f1:03:cf:49:a6:95:cf:24:dd:
18:16:d0:51:a7:b2:b5:a8:ea:8d:b7:04:ea:18:e6:
f2:0d:c1:00:10:e9:90:48:1c:de:8b:7c:c1:ec:65:
c0:2c:62:82:c1:c0:75:c0:63:37:b9:fe:e3:ac:b9:
3c:44:75:54:76:94:b7:f7:bf:4b:79:65:5d:1d:60:
2e:ac:89:31:f0:26:ee:0d:14:ef:0f:71:37:48:4d:
df:bb:1c:6e:ca:ac:76:8c:28:1d:55:c3:b7:3d:0e:
3e:f5:03:f2:11:79:a7:61:5e:af:16:86:32:c2:a5:
0a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:08:CD:7B:3E:29:AE:28:F0:CE:12:46:B9:F4:B1:F2:7B:8F:86:B9
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XwjNez4prijwzhJGufSx8nuPhrk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:24:db:9b:70:fe:c4:8b:54:fb:5e:c4:65:36:e6:b9:f4:b7:
a8:45:53:93:e6:2b:37:5b:db:25:b5:a9:ff:67:fb:3a:01:43:
95:a1:df:de:b9:84:1c:fe:df:47:3c:0e:a6:d1:e8:8d:7e:0f:
72:94:e8:37:b0:3d:5c:df:78:97:09:25:95:19:b8:e2:d4:cc:
c9:6d:9f:6d:dd:ec:54:04:99:3f:2e:1c:a2:ec:8a:cd:67:24:
be:73:d1:bb:23:15:e3:cb:63:65:c5:35:23:98:4f:b3:8b:e4:
6d:b6:ea:c9:2e:96:dc:a0:56:18:29:f4:e0:b5:d6:ee:d4:e6:
c1:ef:06:74:e4:53:ba:95:f0:0e:d7:b3:7f:5a:ec:25:0e:04:
e7:59:78:6b:7e:50:85:e9:a6:e9:86:79:8e:b4:18:ef:8f:7d:
af:88:a9:51:25:5a:78:c2:c1:49:15:cf:ec:8f:59:0d:42:8e:
34:e4:d0:8a:8a:b4:d7:07:29:15:e7:59:08:f3:d2:a5:5a:44:
1e:63:42:0d:fc:4e:e1:2c:fb:97:3c:58:19:71:24:38:db:49:
6f:59:dc:80:d5:99:3d:81:c0:a9:6b:4e:77:5d:fb:5c:f2:7a:
2a:a1:c9:3c:a5:78:b4:f8:d1:e6:3b:b1:b4:48:6e:7c:e1:df:
8b:e1:f5:de
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjcw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDVGMDhDRDdCM0UyOUFF
MjhGMENFMTI0NkI5RjRCMUYyN0I4Rjg2QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX2qu9ddeaXAKSItE4G6PWBQ6+OM2+D0d5PUhySSPfXszPPNDC
UnES/EYh0Zbn6iQJgLbkyy0OIDXQ2e1HruWryqkMAqBU1ssqOsQbe6y+DzP+JxkF
40sQO4oNoRQz5z1aajjny0zIy+kbV9CjpMvPFi9DSSCbrSHb6qfZvg0lupaB73Fm
p3ZZ94LGmPEDz0mmlc8k3RgW0FGnsrWo6o23BOoY5vINwQAQ6ZBIHN6LfMHsZcAs
YoLBwHXAYze5/uOsuTxEdVR2lLf3v0t5ZV0dYC6siTHwJu4NFO8PcTdITd+7HG7K
rHaMKB1Vw7c9Dj71A/IReadhXq8WhjLCpQqfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXwjNez4prijwzhJGufSx8nuPhrkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Yd2pOZXo0cHJpand6aEpHdWZTeDhudVBocmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AB8k25tw/sSLVPtexGU25rn0t6hFU5PmKzdb2yW1qf9n+zoBQ5Wh3965hBz+30c8
DqbR6I1+D3KU6DewPVzfeJcJJZUZuOLUzMltn23d7FQEmT8uHKLsis1nJL5z0bsj
FePLY2XFNSOYT7OL5G226skultygVhgp9OC11u7U5sHvBnTkU7qV8A7Xs39a7CUO
BOdZeGt+UIXppumGeY60GO+Pfa+IqVElWnjCwUkVz+yPWQ1CjjTk0IqKtNcHKRXn
WQjz0qVaRB5jQg38TuEs+5c8WBlxJDjbSW9Z3IDVmT2BwKlrTndd+1zyeiqhyTyl
eLT40eY7sbRIbnzh34vh9d4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org