Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/udHJBFAN4W8m3oWY45un3lWJO44.roa
File: udHJBFAN4W8m3oWY45un3lWJO44.roa (raw, json)
Hash identifier: 2IOu8D5wfDw1IWsrBAL0zKnvGHaxOh5P4R7UrIz7CvQ=
Subject key identifier: B9:D1:C9:04:50:0D:E1:6F:26:DE:85:98:E3:9B:A7:DE:55:89:3B:8E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 448B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/udHJBFAN4W8m3oWY45un3lWJO44.roa
Signing time: Sat 12 Mar 2022 00:30:08 +0000
ROA not before: Sat 12 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17547 (0x448b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 12 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B9D1C904500DE16F26DE8598E39BA7DE55893B8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:db:7d:06:e6:50:32:ed:bd:7c:43:8d:6d:1a:
b9:94:4d:07:1a:a4:aa:fc:ad:ec:f8:17:06:b4:33:
15:45:8b:57:c8:d6:96:6f:a6:82:24:e9:bc:59:8f:
e7:a0:b4:00:75:f9:44:c6:43:b2:c9:62:9f:fa:fb:
b7:0d:3d:60:09:fd:7b:4d:9b:e3:c2:0a:21:b8:20:
d4:b7:d1:fb:9b:ca:72:07:24:81:1c:29:30:dd:be:
a6:3d:d1:f7:ce:64:53:fb:62:c5:01:c7:cf:d5:b3:
d6:12:6f:7c:a8:b2:0d:10:76:1a:94:df:19:ae:2b:
52:1f:e8:a1:84:77:75:8b:e6:1b:dc:5a:cd:f4:d7:
73:0e:09:47:44:27:9f:e4:4a:88:05:93:1d:d0:08:
4c:fd:59:49:f7:99:3f:40:47:64:89:38:bf:9f:f4:
35:c6:d4:e1:94:0f:71:46:d5:2a:82:99:af:46:ee:
6b:df:11:bf:27:2c:55:0b:18:e0:dd:af:01:6d:14:
bd:b3:b4:5e:f1:c5:e4:7b:46:ab:69:3f:12:e8:f6:
c1:08:83:ce:e6:35:32:30:5e:19:81:e2:19:c5:87:
20:6a:a0:1b:00:69:5f:94:33:84:58:d6:34:e9:e6:
ea:7e:05:49:7e:12:0c:51:9d:75:53:ca:50:1e:be:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D1:C9:04:50:0D:E1:6F:26:DE:85:98:E3:9B:A7:DE:55:89:3B:8E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/udHJBFAN4W8m3oWY45un3lWJO44.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:8f:bf:73:80:32:77:b5:6d:3c:89:a4:fb:d9:69:8f:e9:0f:
ee:e4:5e:cb:90:57:e1:69:73:ea:26:bf:5f:19:3e:22:4f:32:
6a:6b:d9:c1:71:bc:9b:ee:e5:dc:52:c8:ae:6a:2e:42:27:e8:
64:42:64:c2:4f:f5:15:f3:6d:23:c7:90:c5:94:76:0e:14:8c:
75:dc:0e:df:a7:1e:4a:f8:ac:6c:3b:86:eb:8b:73:c0:92:26:
9d:6d:99:25:20:3f:87:8a:66:4a:4f:bf:a2:62:98:49:e4:52:
3f:c8:5a:a4:2a:77:68:34:40:55:66:27:cd:81:03:e2:14:9e:
e6:86:1d:4e:d9:af:d8:f7:26:28:35:76:15:a0:a6:02:76:16:
14:20:e2:bb:32:47:04:5a:2b:26:87:fa:4e:25:12:a1:6a:78:
ff:89:05:da:30:3e:9f:d2:1b:3e:3a:84:42:2d:db:c9:4e:11:
49:78:66:25:46:87:00:e7:80:16:49:36:5e:e0:0c:1d:89:89:
8e:f3:7a:b3:54:94:72:2b:2a:e4:4f:92:56:d5:a9:07:4b:09:
e6:e9:8d:1f:f5:23:95:fc:75:e2:fc:d1:34:2d:b0:2f:c7:92:
90:a1:71:32:b9:1c:e2:dd:c2:99:40:17:ba:bb:df:5e:ea:e5:
95:f2:2d:46
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI5RDFDOTA0NTAwREUx
NkYyNkRFODU5OEUzOUJBN0RFNTU4OTNCOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg230G5lAy7b18Q41tGrmUTQcapKr8rez4Fwa0MxVFi1fI1pZv
poIk6bxZj+egtAB1+UTGQ7LJYp/6+7cNPWAJ/XtNm+PCCiG4INS30fubynIHJIEc
KTDdvqY90ffOZFP7YsUBx8/Vs9YSb3yosg0QdhqU3xmuK1If6KGEd3WL5hvcWs30
13MOCUdEJ5/kSogFkx3QCEz9WUn3mT9AR2SJOL+f9DXG1OGUD3FG1SqCma9G7mvf
Eb8nLFULGODdrwFtFL2ztF7xxeR7RqtpPxLo9sEIg87mNTIwXhmB4hnFhyBqoBsA
aV+UM4RY1jTp5up+BUl+EgxRnXVTylAevkG/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUudHJBFAN4W8m3oWY45un3lWJO44wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS91ZEhKQkZBTjRXOG0zb1dZNDV1bjNsV0pPNDQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AMGPv3OAMne1bTyJpPvZaY/pD+7kXsuQV+Fpc+omv18ZPiJPMmpr2cFxvJvu5dxS
yK5qLkIn6GRCZMJP9RXzbSPHkMWUdg4UjHXcDt+nHkr4rGw7huuLc8CSJp1tmSUg
P4eKZkpPv6JimEnkUj/IWqQqd2g0QFVmJ82BA+IUnuaGHU7Zr9j3Jig1dhWgpgJ2
FhQg4rsyRwRaKyaH+k4lEqFqeP+JBdowPp/SGz46hEIt28lOEUl4ZiVGhwDngBZJ
Nl7gDB2JiY7zerNUlHIrKuRPklbVqQdLCebpjR/1I5X8deL80TQtsC/HkpChcTK5
HOLdwplAF7q7317q5ZXyLUY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org