Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hbQpi-arpFWdWCff62FoOXuccUg.roa
File: hbQpi-arpFWdWCff62FoOXuccUg.roa (raw, json)
Hash identifier: rBJvnJlAC85/UiwhuHwQUBhpSOmMsHG7h0g6EkPqmB8=
Subject key identifier: 85:B4:29:8B:E6:AB:A4:55:9D:58:27:DF:EB:61:68:39:7B:9C:71:48
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46BF
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hbQpi-arpFWdWCff62FoOXuccUg.roa
Signing time: Thu 21 Apr 2022 00:30:11 +0000
ROA not before: Thu 21 Apr 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18111 (0x46bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 21 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=85B4298BE6ABA4559D5827DFEB6168397B9C7148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:7c:be:97:e0:f6:b1:2f:08:97:26:9e:2d:
66:ba:d9:38:13:8e:a5:cc:89:03:75:ce:4c:1e:c5:
1f:d7:76:4a:96:fa:73:51:dc:28:45:b4:4d:8b:5a:
a9:a4:c1:db:df:a6:07:0e:7c:d7:7d:d3:0b:da:30:
58:22:0d:4b:3a:22:60:fe:a5:ba:81:ea:8b:1e:99:
d7:a5:6c:51:45:62:7f:9a:95:4a:5b:dc:58:20:84:
bc:12:03:57:98:76:3e:f9:e0:ca:1d:79:37:ce:c0:
b3:a8:d1:45:5f:92:83:0c:cb:ef:f1:22:3d:26:7a:
06:d0:6a:e0:9a:3c:2b:7e:b5:28:d8:d3:59:ee:81:
fa:24:3e:9a:78:59:0b:f0:23:3f:61:a0:64:3c:b9:
3a:57:5d:65:d6:cd:92:93:87:7e:c6:d8:66:73:a7:
39:3a:fd:2d:f5:38:02:83:20:b0:75:0c:43:81:1b:
3b:a4:37:c7:c3:d9:7b:9c:11:c2:a3:77:c5:5f:71:
f0:9b:18:0f:ff:41:98:2e:76:c0:18:99:9d:ef:b5:
b6:ba:e8:0c:f6:f0:6a:2b:ee:0a:70:bd:95:57:26:
36:e9:09:ea:16:79:70:06:c6:f2:4f:da:e3:84:31:
45:d8:e7:8c:04:b0:94:c0:69:98:ee:55:bc:7b:59:
b0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B4:29:8B:E6:AB:A4:55:9D:58:27:DF:EB:61:68:39:7B:9C:71:48
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hbQpi-arpFWdWCff62FoOXuccUg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c4:f5:5b:33:74:ab:d5:08:c3:6c:06:c5:dd:4f:ec:18:78:
fe:fd:2c:7c:4f:98:54:cb:76:b0:ac:7a:14:7d:7c:0a:28:32:
18:e7:37:39:73:06:ca:63:8b:0b:30:5f:85:5e:2e:ba:1e:6d:
4e:76:ba:b6:9e:65:cf:9a:45:75:ca:7d:0f:8a:b4:2c:dc:ab:
39:2e:ab:fd:91:af:64:dd:ec:ff:92:d0:98:61:b2:51:71:06:
20:82:9b:2c:4d:5d:3b:df:f2:f7:91:2a:f2:a1:04:f8:b6:87:
47:29:2a:76:52:3b:50:ae:5e:ff:30:79:24:85:9b:ce:4b:5a:
c1:9c:67:7d:d2:03:2f:80:e3:a9:ae:1f:3c:30:c9:c5:16:fc:
12:99:72:6d:4d:c2:9c:41:7d:b5:b7:58:ed:db:f5:d1:8e:fd:
65:28:d1:aa:20:98:59:a6:c8:e2:e6:42:97:5e:81:4d:6e:08:
09:f8:77:25:55:5c:33:b3:60:87:16:e1:33:74:19:e7:c0:ad:
0c:10:2d:84:22:2f:2e:48:d7:78:fb:33:e6:b7:16:9e:6e:61:
d3:00:cb:f2:ee:dc:c1:f3:5a:bd:e9:7b:ff:ac:2c:7a:c1:84:
34:d7:2b:d2:a8:ca:18:7a:4c:a4:18:10:b5:3b:b4:78:77:cf:
88:ee:56:ab
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRr8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjEw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg1QjQyOThCRTZBQkE0
NTU5RDU4MjdERkVCNjE2ODM5N0I5QzcxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC27ny+l+D2sS8IlyaeLWa62TgTjqXMiQN1zkwexR/XdkqW+nNR
3ChFtE2LWqmkwdvfpgcOfNd90wvaMFgiDUs6ImD+pbqB6osemdelbFFFYn+alUpb
3FgghLwSA1eYdj754ModeTfOwLOo0UVfkoMMy+/xIj0megbQauCaPCt+tSjY01nu
gfokPpp4WQvwIz9hoGQ8uTpXXWXWzZKTh37G2GZzpzk6/S31OAKDILB1DEOBGzuk
N8fD2XucEcKjd8VfcfCbGA//QZgudsAYmZ3vtba66Az28Gor7gpwvZVXJjbpCeoW
eXAGxvJP2uOEMUXY54wEsJTAaZjuVbx7WbBDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhbQpi+arpFWdWCff62FoOXuccUgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oYlFwaS1hcnBGV2RXQ2ZmNjJGb09YdWNjVWcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AA3E9VszdKvVCMNsBsXdT+wYeP79LHxPmFTLdrCsehR9fAooMhjnNzlzBspjiwsw
X4VeLroebU52uraeZc+aRXXKfQ+KtCzcqzkuq/2Rr2Td7P+S0JhhslFxBiCCmyxN
XTvf8veRKvKhBPi2h0cpKnZSO1CuXv8weSSFm85LWsGcZ33SAy+A46muHzwwycUW
/BKZcm1NwpxBfbW3WO3b9dGO/WUo0aogmFmmyOLmQpdegU1uCAn4dyVVXDOzYIcW
4TN0GefArQwQLYQiLy5I13j7M+a3Fp5uYdMAy/Lu3MHzWr3pe/+sLHrBhDTXK9Ko
yhh6TKQYELU7tHh3z4juVqs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org