Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/khdDgSLqxN4ls75PjQ2ORpH4TF4.roa
File: khdDgSLqxN4ls75PjQ2ORpH4TF4.roa (raw, json)
Hash identifier: nTsJ+L6i4J42fyLg/6xASVYVwr7RT91bCTN7pb2K4e0=
Subject key identifier: 92:17:43:81:22:EA:C4:DE:25:B3:BE:4F:8D:0D:8E:46:91:F8:4C:5E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44DB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/khdDgSLqxN4ls75PjQ2ORpH4TF4.roa
Signing time: Fri 18 Mar 2022 00:30:08 +0000
ROA not before: Fri 18 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17627 (0x44db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 18 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=9217438122EAC4DE25B3BE4F8D0D8E4691F84C5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:0c:e1:99:46:d9:89:6a:2e:72:c8:4d:2c:
6d:c2:29:c2:3f:0e:30:ad:ec:a9:98:5a:9b:e8:d7:
bc:fe:ec:54:4e:4b:54:4f:da:8c:23:d9:5c:f1:c1:
fd:05:2e:7d:4b:52:71:0a:e6:57:87:3d:f1:1a:db:
12:f7:c8:c0:0c:d6:e5:c8:f6:ed:a7:dc:f1:a1:66:
c3:76:df:d7:44:e2:56:d1:d7:20:4a:1e:96:a2:f0:
12:36:89:52:1f:32:c9:dc:1d:72:a3:b0:a8:30:10:
78:f4:3e:21:09:e7:a7:57:6e:c5:ad:ec:91:f5:e3:
46:cc:8b:dc:a8:af:71:cc:f1:7d:d2:00:74:8b:ed:
64:9b:ee:bc:7d:d4:0e:e1:60:3d:b7:cc:d3:6a:c5:
e3:13:ea:5b:9c:9a:ae:70:13:b0:ef:7d:f0:de:0e:
9f:c1:e0:0a:c9:aa:89:97:7c:04:8a:33:8b:46:45:
28:c7:60:31:d6:fb:a2:ee:4f:08:1a:f9:0b:65:f0:
92:04:dc:03:56:d1:fc:20:65:7d:98:23:15:4c:3b:
89:4c:5b:d4:0c:9c:18:da:84:49:ec:43:ca:ef:6b:
66:c2:8a:fd:a9:13:6e:df:e5:3f:24:d7:a4:94:ae:
04:fb:2b:a8:05:e8:6d:26:6c:cb:0f:2b:d6:d1:6b:
7b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:17:43:81:22:EA:C4:DE:25:B3:BE:4F:8D:0D:8E:46:91:F8:4C:5E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/khdDgSLqxN4ls75PjQ2ORpH4TF4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
52:d9:32:d0:f7:f4:6b:80:28:7f:46:ad:fd:b5:37:cb:f3:72:
68:11:77:6a:bc:52:ed:4d:ec:ad:5a:40:e0:9c:b0:ab:ce:be:
01:c4:77:41:05:f4:42:af:b0:d7:f2:4f:16:1a:e7:1e:1e:8f:
c2:45:bb:d8:ff:88:35:3a:58:a9:37:ae:42:cb:8f:43:cd:34:
c6:77:89:a9:d7:02:f8:2c:56:42:fd:ae:b8:8b:a4:7d:b9:7a:
d9:d5:b6:95:54:a3:91:0e:d4:12:ef:67:95:f0:9e:a5:9c:b4:
a2:8b:89:83:e6:19:32:80:dc:e9:38:7d:da:7c:d3:49:73:7b:
45:8c:9c:35:70:52:3f:2b:b5:b0:5c:27:dd:ef:28:45:37:c3:
44:d8:ae:67:ae:f0:a7:fe:19:e9:7e:64:ad:14:9a:a1:32:00:
39:8f:12:7f:5b:99:3f:73:39:3a:65:3b:0b:68:3b:b2:c8:84:
72:bd:ce:d2:cc:02:7e:de:c0:03:74:c2:a3:bb:7a:fb:9e:62:
49:62:9e:81:3e:9a:0f:8f:8a:8d:05:e2:8d:3b:19:b0:7e:1c:
2b:1b:f9:50:99:3c:88:1d:94:8a:be:b6:2f:94:9f:35:10:c3:
5b:72:cd:58:28:1e:c9:59:88:37:6c:7b:5d:10:17:ac:33:cd:
13:d8:01:2d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTgw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDkyMTc0MzgxMjJFQUM0
REUyNUIzQkU0RjhEMEQ4RTQ2OTFGODRDNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpLAzhmUbZiWoucshNLG3CKcI/DjCt7KmYWpvo17z+7FROS1RP
2owj2Vzxwf0FLn1LUnEK5leHPfEa2xL3yMAM1uXI9u2n3PGhZsN239dE4lbR1yBK
Hpai8BI2iVIfMsncHXKjsKgwEHj0PiEJ56dXbsWt7JH140bMi9yor3HM8X3SAHSL
7WSb7rx91A7hYD23zNNqxeMT6lucmq5wE7DvffDeDp/B4ArJqomXfASKM4tGRSjH
YDHW+6LuTwga+Qtl8JIE3ANW0fwgZX2YIxVMO4lMW9QMnBjahEnsQ8rva2bCiv2p
E27f5T8k16SUrgT7K6gF6G0mbMsPK9bRa3v/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkhdDgSLqxN4ls75PjQ2ORpH4TF4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9raGREZ1NMcXhONGxzNzVQalEyT1JwSDRURjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AFLZMtD39GuAKH9Grf21N8vzcmgRd2q8Uu1N7K1aQOCcsKvOvgHEd0EF9EKvsNfy
TxYa5x4ej8JFu9j/iDU6WKk3rkLLj0PNNMZ3ianXAvgsVkL9rriLpH25etnVtpVU
o5EO1BLvZ5XwnqWctKKLiYPmGTKA3Ok4fdp800lze0WMnDVwUj8rtbBcJ93vKEU3
w0TYrmeu8Kf+Gel+ZK0UmqEyADmPEn9bmT9zOTplOwtoO7LIhHK9ztLMAn7ewAN0
wqO7evueYklinoE+mg+Pio0F4o07GbB+HCsb+VCZPIgdlIq+ti+UnzUQw1tyzVgo
HslZiDdse10QF6wzzRPYAS0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org