Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/lKiliFDFQ4zefhgpjnmgS_sWH68.roa
File: lKiliFDFQ4zefhgpjnmgS_sWH68.roa (raw, json)
Hash identifier: v7JOgzuRNcrGHE6yXqh5w1zXtwWRo32sE44qx2ge7WY=
Subject key identifier: 94:A8:A5:88:50:C5:43:8C:DE:7E:18:29:8E:79:A0:4B:FB:16:1F:AF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4333
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lKiliFDFQ4zefhgpjnmgS_sWH68.roa
Signing time: Tue 15 Feb 2022 00:30:07 +0000
ROA not before: Tue 15 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17203 (0x4333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 15 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=94A8A58850C5438CDE7E18298E79A04BFB161FAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:06:2d:c0:51:1d:4c:18:cb:1c:a5:ec:ed:
44:b4:19:15:a8:b0:44:3f:14:44:07:e7:fe:a6:49:
4e:a9:0e:a2:25:61:8f:f7:5a:f1:d9:3a:d1:bb:87:
02:73:66:55:35:9e:04:d1:db:6e:27:ab:9d:0a:62:
39:3d:a8:07:e9:67:f7:26:da:c1:9f:ed:42:52:8b:
6b:35:c2:a6:5f:52:d5:97:ec:3a:ed:31:2d:7c:b6:
d1:ed:85:bb:35:5c:4f:10:b9:02:5d:4c:74:cf:29:
78:37:93:33:4d:0b:24:be:46:c3:e4:6b:37:3c:7c:
a8:8d:53:3e:b4:42:74:9c:5f:ca:fc:25:59:c7:c9:
23:0e:32:63:1e:49:0f:7b:5e:be:03:63:07:e8:ea:
ca:7d:82:3f:fe:0f:ec:2e:7f:dc:7e:de:f4:ea:2c:
4e:1d:c3:4f:cf:a7:b2:e7:6a:ba:6d:61:9b:f8:e1:
bf:4a:62:1b:e9:48:f4:36:84:cd:4c:f7:5c:28:4a:
95:cd:87:f8:94:c6:18:2d:a2:c6:3b:76:b9:aa:5a:
0b:09:47:8d:73:02:9b:90:a9:5e:8a:94:96:ad:0a:
82:46:71:d5:4a:9d:c0:66:53:15:a5:d8:b3:07:e1:
a6:cc:1e:7c:35:81:3d:1f:6a:90:90:b6:06:dd:8a:
f3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A8:A5:88:50:C5:43:8C:DE:7E:18:29:8E:79:A0:4B:FB:16:1F:AF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lKiliFDFQ4zefhgpjnmgS_sWH68.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:36:66:4f:a9:fa:c4:c1:0d:30:c6:17:c0:88:93:2b:24:b1:
de:08:67:ce:94:85:46:44:87:fc:3f:b2:23:e2:7d:ad:3d:f1:
47:76:9e:63:03:38:37:a1:b3:82:69:c4:fc:32:5f:70:bd:03:
5f:38:9f:10:55:df:66:24:56:da:b1:90:57:53:fd:03:79:ec:
41:16:f2:47:da:06:e8:b0:f5:70:4d:7b:20:fd:30:fd:7d:c6:
71:03:5f:8f:e5:78:73:90:17:2e:ac:6c:20:bf:92:98:af:dd:
31:ec:91:f0:6b:bf:2e:38:58:e4:dd:da:39:1b:74:d0:00:a8:
d5:2f:43:ec:e5:7b:0d:23:94:77:e5:2f:19:1c:eb:0a:ce:f0:
e9:eb:8f:41:c4:9a:f4:29:8f:c1:4d:fb:a1:66:09:00:20:97:
d9:d8:76:ac:cb:6f:80:cb:dd:6e:a0:a4:5a:d9:f1:ae:b3:0e:
d5:f1:95:ea:2d:69:16:f1:bc:70:6f:50:b0:b5:a6:bc:bf:00:
f6:69:24:da:46:1c:9b:08:cb:4c:95:05:8a:07:33:0a:a9:58:
da:ff:30:05:78:f2:c6:6f:b9:73:33:cc:a4:0a:20:1e:67:07:
4b:a4:b4:20:b8:78:fc:cc:8d:72:12:bc:1b:d8:49:b3:cb:a7:
4a:53:d9:3a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTUw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDk0QThBNTg4NTBDNTQz
OENERTdFMTgyOThFNzlBMDRCRkIxNjFGQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqEAYtwFEdTBjLHKXs7US0GRWosEQ/FEQH5/6mSU6pDqIlYY/3
WvHZOtG7hwJzZlU1ngTR224nq50KYjk9qAfpZ/cm2sGf7UJSi2s1wqZfUtWX7Drt
MS18ttHthbs1XE8QuQJdTHTPKXg3kzNNCyS+RsPkazc8fKiNUz60QnScX8r8JVnH
ySMOMmMeSQ97Xr4DYwfo6sp9gj/+D+wuf9x+3vTqLE4dw0/Pp7LnarptYZv44b9K
YhvpSPQ2hM1M91woSpXNh/iUxhgtosY7drmqWgsJR41zApuQqV6KlJatCoJGcdVK
ncBmUxWl2LMH4abMHnw1gT0fapCQtgbdivNjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUlKiliFDFQ4zefhgpjnmgS/sWH68wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9sS2lsaUZERlE0emVmaGdwam5tZ1Nfc1dINjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AE82Zk+p+sTBDTDGF8CIkysksd4IZ86UhUZEh/w/siPifa098Ud2nmMDODehs4Jp
xPwyX3C9A184nxBV32YkVtqxkFdT/QN57EEW8kfaBuiw9XBNeyD9MP19xnEDX4/l
eHOQFy6sbCC/kpiv3THskfBrvy44WOTd2jkbdNAAqNUvQ+zlew0jlHflLxkc6wrO
8Onrj0HEmvQpj8FN+6FmCQAgl9nYdqzLb4DL3W6gpFrZ8a6zDtXxleotaRbxvHBv
ULC1pry/APZpJNpGHJsIy0yVBYoHMwqpWNr/MAV48sZvuXMzzKQKIB5nB0uktCC4
ePzMjXISvBvYSbPLp0pT2To=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org