Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/vefbpde7xXTfPrtfDg19j44nqiw.roa
File: vefbpde7xXTfPrtfDg19j44nqiw.roa (raw, json)
Hash identifier: owApKO5l00tMldV9q87XaOk5/djK2BvluGHHc+ePPDQ=
Subject key identifier: BD:E7:DB:A5:D7:BB:C5:74:DF:3E:BB:5F:0E:0D:7D:8F:8E:27:AA:2C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 470F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vefbpde7xXTfPrtfDg19j44nqiw.roa
Signing time: Wed 27 Apr 2022 00:30:09 +0000
ROA not before: Wed 27 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18191 (0x470f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 27 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=BDE7DBA5D7BBC574DF3EBB5F0E0D7D8F8E27AA2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:59:86:ee:60:03:5b:cc:ad:33:ca:e7:49:
16:c7:b6:e1:39:89:34:64:b5:a5:94:4b:6c:71:77:
da:63:d8:9c:84:8a:59:05:5b:e9:a5:d5:d2:d9:90:
e1:3c:e4:04:85:55:ad:ed:7a:28:4b:8b:46:e0:29:
b3:83:a5:4e:14:42:fe:93:81:b3:95:95:fe:8a:5e:
8d:86:d2:a8:9e:17:ad:5b:38:8b:40:6f:c7:37:2a:
3b:4d:b4:05:ad:77:59:6c:0e:f8:16:b5:35:11:56:
eb:72:e8:d9:45:a7:c8:82:ca:a1:86:3e:d4:86:ab:
e6:7d:0a:f6:7c:30:86:4c:3c:e6:29:86:41:6c:00:
a2:5a:55:6d:56:44:2d:2c:7d:87:53:97:46:29:e0:
9d:71:c7:25:d0:4f:bd:d4:3f:d2:96:c6:ba:d5:94:
da:c8:ea:90:2b:5d:61:90:8e:d2:66:9a:03:4d:17:
66:15:97:27:6c:14:aa:ff:d9:b5:8f:dd:54:b1:3b:
2c:81:70:9d:c0:ab:83:66:92:4a:aa:98:c1:49:41:
9a:0e:f7:71:cb:a6:2a:fd:78:e8:a5:b6:a2:a4:25:
03:d0:b9:de:a9:14:ec:3c:10:a9:f5:6e:8b:97:ef:
5b:65:1c:a9:e5:c6:5e:80:64:25:e8:18:47:e8:52:
88:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E7:DB:A5:D7:BB:C5:74:DF:3E:BB:5F:0E:0D:7D:8F:8E:27:AA:2C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vefbpde7xXTfPrtfDg19j44nqiw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:17:d6:23:d2:ce:c7:b3:e5:bf:1c:b2:37:c7:fa:46:8b:1e:
47:e3:70:17:72:b4:de:03:dd:53:45:5d:17:d7:60:0b:68:12:
5a:15:1c:7d:11:f6:e8:8f:7f:22:d1:0b:6f:cf:b7:7d:b3:57:
fc:c4:73:ad:03:6f:64:fb:02:29:5c:18:8c:6f:52:d0:43:1d:
fc:b8:a3:e5:0d:17:5d:5e:40:8f:fc:e0:35:a8:1c:ea:cb:28:
0b:cb:a4:cf:09:d4:f5:8a:b6:ee:1c:b6:6d:5a:36:67:06:ef:
77:85:66:f3:3a:a1:94:79:70:4c:43:bc:5f:e0:5c:69:1a:db:
1b:0a:7a:ec:c4:98:73:86:08:a5:1c:1b:09:67:19:ed:72:7b:
65:f2:91:44:fb:52:4c:3c:18:1b:5d:c7:b3:9c:3d:d1:a6:cf:
28:06:1d:64:24:20:b2:21:04:d9:12:6d:4e:bf:56:24:8d:d6:
0f:d9:15:6b:94:c0:4d:a8:06:0b:3e:02:ef:e6:0a:28:76:1b:
8a:00:54:3c:82:e1:f6:16:52:8e:3c:ad:46:85:be:0b:10:63:
47:75:fb:de:75:6d:e1:d1:a3:d1:01:c8:f8:5b:b6:6a:83:f3:
90:05:80:92:8c:d8:04:0b:bc:87:32:51:18:a4:46:39:ff:06:
75:30:4f:0d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRw8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjcw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEJERTdEQkE1RDdCQkM1
NzRERjNFQkI1RjBFMEQ3RDhGOEUyN0FBMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCplVmG7mADW8ytM8rnSRbHtuE5iTRktaWUS2xxd9pj2JyEilkF
W+ml1dLZkOE85ASFVa3teihLi0bgKbODpU4UQv6TgbOVlf6KXo2G0qieF61bOItA
b8c3KjtNtAWtd1lsDvgWtTURVuty6NlFp8iCyqGGPtSGq+Z9CvZ8MIZMPOYphkFs
AKJaVW1WRC0sfYdTl0Yp4J1xxyXQT73UP9KWxrrVlNrI6pArXWGQjtJmmgNNF2YV
lydsFKr/2bWP3VSxOyyBcJ3Aq4NmkkqqmMFJQZoO93HLpir9eOiltqKkJQPQud6p
FOw8EKn1bouX71tlHKnlxl6AZCXoGEfoUog5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUvefbpde7xXTfPrtfDg19j44nqiwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS92ZWZicGRlN3hYVGZQcnRmRGcxOWo0NG5xaXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AJoX1iPSzsez5b8csjfH+kaLHkfjcBdytN4D3VNFXRfXYAtoEloVHH0R9uiPfyLR
C2/Pt32zV/zEc60Db2T7AilcGIxvUtBDHfy4o+UNF11eQI/84DWoHOrLKAvLpM8J
1PWKtu4ctm1aNmcG73eFZvM6oZR5cExDvF/gXGka2xsKeuzEmHOGCKUcGwlnGe1y
e2XykUT7Ukw8GBtdx7OcPdGmzygGHWQkILIhBNkSbU6/ViSN1g/ZFWuUwE2oBgs+
Au/mCih2G4oAVDyC4fYWUo48rUaFvgsQY0d1+951beHRo9EByPhbtmqD85AFgJKM
2AQLvIcyURikRjn/BnUwTw0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org