Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/kH90Sa4Oo9YMdyqGhSH6acGjAbE.roa
File: kH90Sa4Oo9YMdyqGhSH6acGjAbE.roa (raw, json)
Hash identifier: avVy2vwHvyIe8yh/uCfWaaRqc5AzS8C8z5MNYvyy+4E=
Subject key identifier: 90:7F:74:49:AE:0E:A3:D6:0C:77:2A:86:85:21:FA:69:C1:A3:01:B1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46DB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kH90Sa4Oo9YMdyqGhSH6acGjAbE.roa
Signing time: Sat 23 Apr 2022 00:30:10 +0000
ROA not before: Sat 23 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18139 (0x46db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 23 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=907F7449AE0EA3D60C772A868521FA69C1A301B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5b:cd:6b:d8:68:20:b7:a1:c7:29:3a:ea:92:
04:ce:e1:58:34:59:ee:e5:ae:35:a6:4f:51:75:ed:
0d:0e:1b:23:e5:1e:09:0f:7f:75:ec:2f:54:40:91:
98:68:9c:6f:5c:33:fc:0e:43:95:0d:6b:64:7d:ed:
b8:0c:fd:13:c1:ee:b3:94:4f:6e:11:62:e9:26:53:
63:81:99:00:36:d3:6f:54:3d:f7:31:7f:53:42:6c:
39:ef:58:82:24:6b:3a:59:72:3f:db:a2:4f:b3:6b:
fd:0b:ce:28:35:68:88:8f:69:f7:83:b0:ed:4d:79:
82:72:dc:fb:37:b7:3a:1a:2e:f6:b0:31:bc:21:83:
ae:b9:29:43:76:16:b1:4e:10:9a:42:3f:9e:13:cb:
2c:e7:57:70:e4:e7:8a:7c:21:5d:d7:08:b5:6b:11:
1d:32:3b:0b:d2:5a:10:dc:0a:88:bb:35:1c:74:ff:
18:f6:97:65:13:c9:34:0f:ad:98:e2:05:e8:bf:5e:
9c:a3:36:3e:3b:ec:e4:b1:cc:06:67:7f:6c:c3:c6:
5b:fb:bd:ca:e2:34:f5:cf:97:a8:3b:59:cc:9e:e7:
39:da:9b:bc:85:b4:f0:67:70:16:a8:4f:53:22:a7:
e9:d5:92:0f:9e:29:07:b1:84:c3:ba:88:52:7f:97:
5d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7F:74:49:AE:0E:A3:D6:0C:77:2A:86:85:21:FA:69:C1:A3:01:B1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kH90Sa4Oo9YMdyqGhSH6acGjAbE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ed:0d:33:2b:c5:84:0c:f3:df:49:b7:fb:a4:60:df:19:97:
bd:a7:1f:39:09:3e:78:51:20:4b:d2:7c:b5:16:ba:a9:03:d6:
d2:f8:6d:66:b0:70:b5:d5:0d:ac:ed:c7:c2:da:35:98:a2:17:
de:58:3a:9b:68:8e:27:45:12:d5:35:8e:5c:44:8b:73:ee:a3:
0e:55:4c:4a:bf:73:16:77:6d:f0:56:11:b8:2d:a6:62:7e:6c:
9e:e7:90:9d:48:d3:ca:0f:25:22:3e:9f:85:0e:a4:b7:19:d6:
dc:48:20:f4:1f:f6:ad:ab:d5:44:ae:4e:85:23:b2:ee:3d:1f:
b9:9e:c2:df:bd:62:d0:23:c8:28:dd:11:0e:0b:ac:3d:da:19:
37:ae:13:52:20:f8:95:38:df:99:06:44:02:79:44:9b:71:18:
e7:3f:3f:20:59:11:5e:37:d9:f1:6f:38:cd:f0:a9:44:ec:75:
ae:f4:56:4f:54:7f:9c:49:e3:60:ae:42:f9:ce:65:7f:67:40:
9c:e2:89:2c:41:4c:12:3f:65:2f:7c:67:68:2e:f2:a3:9b:dc:
e2:64:0f:48:e0:ec:14:67:4c:f7:18:96:7c:e0:0e:50:06:e6:
36:0c:df:c4:8c:c1:25:ee:93:d5:99:fa:a7:28:0d:87:51:28:
a1:f2:8c:f7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRtswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjMw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDkwN0Y3NDQ5QUUwRUEz
RDYwQzc3MkE4Njg1MjFGQTY5QzFBMzAxQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmW81r2Gggt6HHKTrqkgTO4Vg0We7lrjWmT1F17Q0OGyPlHgkP
f3XsL1RAkZhonG9cM/wOQ5UNa2R97bgM/RPB7rOUT24RYukmU2OBmQA2029UPfcx
f1NCbDnvWIIkazpZcj/bok+za/0Lzig1aIiPafeDsO1NeYJy3Ps3tzoaLvawMbwh
g665KUN2FrFOEJpCP54TyyznV3Dk54p8IV3XCLVrER0yOwvSWhDcCoi7NRx0/xj2
l2UTyTQPrZjiBei/XpyjNj477OSxzAZnf2zDxlv7vcriNPXPl6g7Wcye5znam7yF
tPBncBaoT1Mip+nVkg+eKQexhMO6iFJ/l137AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkH90Sa4Oo9YMdyqGhSH6acGjAbEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9rSDkwU2E0T285WU1keXFHaFNINmFjR2pBYkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAPtDTMrxYQM899Jt/ukYN8Zl72nHzkJPnhRIEvSfLUWuqkD1tL4bWawcLXVDazt
x8LaNZiiF95YOptojidFEtU1jlxEi3Puow5VTEq/cxZ3bfBWEbgtpmJ+bJ7nkJ1I
08oPJSI+n4UOpLcZ1txIIPQf9q2r1USuToUjsu49H7mewt+9YtAjyCjdEQ4LrD3a
GTeuE1Ig+JU435kGRAJ5RJtxGOc/PyBZEV432fFvOM3wqUTsda70Vk9Uf5xJ42Cu
QvnOZX9nQJziiSxBTBI/ZS98Z2gu8qOb3OJkD0jg7BRnTPcYlnzgDlAG5jYM38SM
wSXuk9WZ+qcoDYdRKKHyjPc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org