Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/bHS1Zj0KnBLDKlODkD5DkW0gttQ.roa
File: bHS1Zj0KnBLDKlODkD5DkW0gttQ.roa (raw, json)
Hash identifier: 20ISr0gF8QUatfRd3BUxOJFrrnEWLMWgYc67gkGabP8=
Subject key identifier: 6C:74:B5:66:3D:0A:9C:12:C3:2A:53:83:90:3E:43:91:6D:20:B6:D4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48D0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/bHS1Zj0KnBLDKlODkD5DkW0gttQ.roa
Signing time: Sun 29 May 2022 00:30:06 +0000
ROA not before: Sun 29 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18640 (0x48d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 29 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=6C74B5663D0A9C12C32A5383903E43916D20B6D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e2:70:06:5e:8e:7e:f9:b6:9f:de:26:45:39:
5f:06:c5:60:7e:28:6c:8c:19:43:a9:0a:e2:4c:85:
d1:d8:7b:b1:99:c2:59:d4:e6:f8:ac:c2:5e:b9:b4:
02:1a:8a:a3:31:8d:9f:fc:4b:7d:c1:24:f9:67:51:
40:21:a5:e2:39:f2:55:fb:09:db:99:50:57:5d:92:
4d:7c:39:1c:7b:67:0e:f7:d9:c0:72:82:ff:0c:5a:
63:1e:ca:70:b2:69:a2:0f:35:7f:df:a4:34:44:15:
26:69:74:23:e7:35:71:2e:9b:10:89:62:15:1d:d4:
51:b1:b4:12:58:0a:15:0d:5f:e4:a7:69:35:f4:fa:
ff:c7:e7:d3:98:fc:9c:c1:75:0d:4d:ce:1f:d1:84:
2e:d8:9d:a6:b1:1b:1b:10:14:44:05:0e:dc:71:4c:
99:58:d9:a1:ff:c8:54:c0:e9:12:88:e5:58:2b:3c:
c2:dc:1b:ff:e8:47:de:53:6f:15:be:3d:39:ce:cf:
f4:31:7f:20:4f:da:27:27:d7:bb:f4:86:b9:9c:54:
3d:54:5f:2d:5e:0a:fa:e7:bb:15:3a:a8:26:a7:e1:
2f:14:05:30:4f:26:91:ae:64:fd:e5:24:99:f6:f3:
f9:ca:1b:9c:ec:9c:e0:70:5b:e3:5c:f6:83:c8:58:
75:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:74:B5:66:3D:0A:9C:12:C3:2A:53:83:90:3E:43:91:6D:20:B6:D4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/bHS1Zj0KnBLDKlODkD5DkW0gttQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:12:12:65:98:04:5b:e2:a5:95:71:7d:2f:56:62:f6:be:42:
ec:95:86:37:dd:8e:78:7b:a5:c3:c2:ff:2d:33:b2:12:66:3a:
d7:bc:49:07:a3:82:70:04:b2:e9:c6:da:06:69:e6:13:d3:bd:
93:68:25:66:f9:2c:4e:af:5b:f7:ef:0e:1e:a2:67:a5:e0:1a:
a3:e8:db:13:29:41:5a:3a:1f:d4:fd:17:2b:b6:83:3c:8a:8f:
8a:ec:53:7a:20:51:3d:f1:35:3e:bb:8b:3c:99:b4:74:c8:15:
b6:f9:4c:b2:3c:6e:ee:6e:41:7f:57:c3:de:51:0c:34:6c:81:
9c:2b:5e:eb:49:f7:0a:8d:ea:d0:20:de:fe:de:fa:fb:a1:da:
e4:1c:9f:2f:32:6a:82:b7:7c:49:4d:2a:4f:84:f7:ac:a0:ff:
e0:bf:6a:57:9b:8a:bf:1b:a9:c0:8d:71:0e:f3:4f:e4:c5:93:
c3:ff:eb:2a:72:dc:fb:9e:a7:79:6d:0a:7d:18:75:17:ee:1b:
70:4c:65:b3:bc:b3:df:67:d2:71:55:ac:6c:f3:20:53:06:e2:
cf:2c:2f:da:f7:f0:99:a8:13:b8:49:ff:bc:ef:d9:f1:d2:26:
bf:63:6b:c2:0e:74:b8:7c:f3:0e:3e:de:bc:9c:2f:b6:0b:82:
a8:12:67:09
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSNAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1Mjkw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDZDNzRCNTY2M0QwQTlD
MTJDMzJBNTM4MzkwM0U0MzkxNkQyMEI2RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf4nAGXo5++baf3iZFOV8GxWB+KGyMGUOpCuJMhdHYe7GZwlnU
5viswl65tAIaiqMxjZ/8S33BJPlnUUAhpeI58lX7CduZUFddkk18ORx7Zw732cBy
gv8MWmMeynCyaaIPNX/fpDREFSZpdCPnNXEumxCJYhUd1FGxtBJYChUNX+SnaTX0
+v/H59OY/JzBdQ1Nzh/RhC7YnaaxGxsQFEQFDtxxTJlY2aH/yFTA6RKI5VgrPMLc
G//oR95TbxW+PTnOz/QxfyBP2icn17v0hrmcVD1UXy1eCvrnuxU6qCan4S8UBTBP
JpGuZP3lJJn28/nKG5zsnOBwW+Nc9oPIWHVFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUbHS1Zj0KnBLDKlODkD5DkW0gttQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9iSFMxWmowS25CTERLbE9Ea0Q1RGtXMGd0dFEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AJwSEmWYBFvipZVxfS9WYva+QuyVhjfdjnh7pcPC/y0zshJmOte8SQejgnAEsunG
2gZp5hPTvZNoJWb5LE6vW/fvDh6iZ6XgGqPo2xMpQVo6H9T9Fyu2gzyKj4rsU3og
UT3xNT67izyZtHTIFbb5TLI8bu5uQX9Xw95RDDRsgZwrXutJ9wqN6tAg3v7e+vuh
2uQcny8yaoK3fElNKk+E96yg/+C/alebir8bqcCNcQ7zT+TFk8P/6ypy3Puep3lt
Cn0YdRfuG3BMZbO8s99n0nFVrGzzIFMG4s8sL9r38JmoE7hJ/7zv2fHSJr9ja8IO
dLh88w4+3rycL7YLgqgSZwk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org