Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/kdH4R2iL3nNUmbARLoDjHZTVzCQ.roa
File: kdH4R2iL3nNUmbARLoDjHZTVzCQ.roa (raw, json)
Hash identifier: 61KDynILOsZ6bzWv/p1pZDb3bBqmdCH2hZWQjtGoN7s=
Subject key identifier: 91:D1:F8:47:68:8B:DE:73:54:99:B0:11:2E:80:E3:1D:94:D5:CC:24
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44C2
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kdH4R2iL3nNUmbARLoDjHZTVzCQ.roa
Signing time: Wed 16 Mar 2022 00:30:08 +0000
ROA not before: Wed 16 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17602 (0x44c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 16 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=91D1F847688BDE735499B0112E80E31D94D5CC24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d0:2a:73:17:a4:1b:85:a0:d8:37:a0:ed:10:
32:41:49:8f:2b:7b:ee:cd:91:9e:85:7f:6e:9c:87:
d9:d9:63:93:5d:7f:af:4e:c0:a9:0d:9f:77:6d:05:
b7:ce:39:44:bb:0b:d1:e2:fb:84:e6:3c:a3:df:25:
08:f0:2b:75:33:8f:e9:b9:fc:82:6f:40:40:5d:40:
e4:51:c2:a5:c7:ec:5d:07:1b:03:99:8a:c9:de:ad:
6c:6c:05:1b:87:96:0f:34:31:2c:ca:39:a2:1f:ad:
4b:d2:0b:16:55:0b:94:90:66:e4:d3:28:ea:36:91:
ac:12:9e:55:3d:b7:5b:13:16:b3:96:5a:ef:69:1c:
cb:43:c9:24:b4:61:86:8e:bb:1c:a1:5b:e8:03:a0:
72:26:dd:e2:90:45:c5:a1:3c:e0:3d:08:d1:9c:3d:
9b:6a:62:80:84:9f:8c:c3:ea:dd:57:6c:8f:de:4f:
5b:8c:15:ee:9d:d1:1b:fe:09:7d:cf:8f:06:fa:0f:
f3:49:35:32:da:31:8b:ca:6c:ad:6a:d4:a6:e4:10:
58:a5:bc:03:d4:71:18:77:6f:7b:65:60:6f:96:87:
a7:eb:ec:4b:1a:62:10:fd:ff:61:5a:e1:17:ed:91:
9a:6c:a0:f0:fa:12:38:28:67:e2:64:97:58:c1:fc:
a9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D1:F8:47:68:8B:DE:73:54:99:B0:11:2E:80:E3:1D:94:D5:CC:24
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kdH4R2iL3nNUmbARLoDjHZTVzCQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:6a:c8:23:40:e0:95:67:10:9c:3c:d8:a1:ca:57:4a:fb:b8:
1d:6c:31:e4:23:6a:5d:5c:54:01:34:33:28:de:73:12:61:c9:
ae:d4:b7:d9:06:9b:f8:eb:7e:88:e3:aa:11:aa:0a:d6:00:4e:
4c:d2:bb:09:5f:1d:74:31:f4:93:e1:4f:38:eb:36:fc:0e:1b:
47:03:85:10:de:1c:d3:e7:6a:fa:48:ce:c0:0a:d5:ac:51:bc:
ac:91:2e:f6:85:cf:8e:c9:14:f6:8a:ac:98:b0:8f:b7:8f:19:
28:58:ba:1f:ed:e9:26:8e:04:11:5c:52:7d:30:d5:c3:7a:d6:
5d:61:ad:04:bf:00:62:2f:bd:af:7d:df:81:fe:c5:e5:63:13:
11:6f:f0:b7:3f:2d:b9:19:74:0d:9f:b6:b3:bd:4d:8b:b4:84:
d7:05:4e:b3:14:d8:2a:13:eb:c9:89:fd:68:49:8b:26:57:66:
4c:3e:52:35:78:19:c2:bb:ee:8d:8c:71:c8:d5:37:6c:55:9c:
ed:69:11:77:93:6c:88:f9:b8:30:fb:43:12:83:89:ca:61:15:
16:31:a2:93:6e:7a:a4:0c:52:43:0f:27:5e:84:c5:5c:3f:46:
40:cd:d8:9b:fb:ec:79:c3:f6:e2:a5:fb:ca:a9:ab:a8:e0:61:
e8:1e:b6:7e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTYw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDkxRDFGODQ3Njg4QkRF
NzM1NDk5QjAxMTJFODBFMzFEOTRENUNDMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC00CpzF6QbhaDYN6DtEDJBSY8re+7NkZ6Ff26ch9nZY5Ndf69O
wKkNn3dtBbfOOUS7C9Hi+4TmPKPfJQjwK3Uzj+m5/IJvQEBdQORRwqXH7F0HGwOZ
isnerWxsBRuHlg80MSzKOaIfrUvSCxZVC5SQZuTTKOo2kawSnlU9t1sTFrOWWu9p
HMtDySS0YYaOuxyhW+gDoHIm3eKQRcWhPOA9CNGcPZtqYoCEn4zD6t1XbI/eT1uM
Fe6d0Rv+CX3Pjwb6D/NJNTLaMYvKbK1q1KbkEFilvAPUcRh3b3tlYG+Wh6fr7Esa
YhD9/2Fa4RftkZpsoPD6EjgoZ+Jkl1jB/KnBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkdH4R2iL3nNUmbARLoDjHZTVzCQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9rZEg0UjJpTDNuTlVtYkFSTG9EakhaVFZ6Q1Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AF1qyCNA4JVnEJw82KHKV0r7uB1sMeQjal1cVAE0MyjecxJhya7Ut9kGm/jrfojj
qhGqCtYATkzSuwlfHXQx9JPhTzjrNvwOG0cDhRDeHNPnavpIzsAK1axRvKyRLvaF
z47JFPaKrJiwj7ePGShYuh/t6SaOBBFcUn0w1cN61l1hrQS/AGIvva9934H+xeVj
ExFv8Lc/LbkZdA2ftrO9TYu0hNcFTrMU2CoT68mJ/WhJiyZXZkw+UjV4GcK77o2M
ccjVN2xVnO1pEXeTbIj5uDD7QxKDicphFRYxopNueqQMUkMPJ16ExVw/RkDN2Jv7
7HnD9uKl+8qpq6jgYegetn4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org