Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/05Iv6VsXLVwaZhpkcITrnrROhBU.roa
File: 05Iv6VsXLVwaZhpkcITrnrROhBU.roa (raw, json)
Hash identifier: ykOSVxnzizGQ5JIflrVB1wx0gyy75HwChTWl4wvhm6k=
Subject key identifier: D3:92:2F:E9:5B:17:2D:5C:1A:66:1A:64:70:84:EB:9E:B4:4E:84:15
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42FD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/05Iv6VsXLVwaZhpkcITrnrROhBU.roa
Signing time: Fri 11 Feb 2022 00:30:08 +0000
ROA not before: Fri 11 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17149 (0x42fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 11 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=D3922FE95B172D5C1A661A647084EB9EB44E8415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:5b:b2:4a:1d:7a:4e:24:7d:be:53:a1:f0:
29:01:ea:20:5c:1b:63:5b:2a:9d:fe:e4:10:b7:93:
6d:50:9a:22:ec:37:4d:09:6a:c4:1d:3c:71:f3:c0:
29:d4:cb:44:93:38:8b:1d:20:53:5f:1c:ee:bc:d5:
c2:5d:52:67:df:a6:24:39:bf:bc:dd:04:ec:0c:1a:
33:e4:77:6d:7b:cc:2e:55:ee:40:5e:cf:64:16:9e:
08:7b:66:f8:4b:a4:a7:9b:bd:8e:71:12:31:cc:fc:
62:c6:0b:df:07:33:f7:9d:7e:03:87:fa:68:c3:b8:
3b:00:35:f4:95:b7:21:e8:5a:f6:cf:73:18:5a:fe:
7d:5f:74:1c:6e:14:22:cb:e8:bb:ed:ca:f1:29:6f:
b4:ce:c6:18:52:fc:03:7f:78:ca:14:a9:34:00:23:
dc:b9:26:b8:25:1b:ed:56:64:b3:ce:0a:e2:54:7f:
56:0c:c7:da:8d:b5:de:fd:83:77:85:c7:66:cd:d9:
fd:54:d3:d1:47:99:8e:f6:8c:42:df:89:aa:fb:21:
f9:78:4b:de:81:28:df:9e:ac:ab:f7:f6:d6:84:f2:
fa:84:1c:12:cb:de:9c:ef:5b:b1:d2:d0:f0:08:b6:
17:88:52:a7:72:c5:cb:69:8d:7e:67:24:fe:f6:ab:
32:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:92:2F:E9:5B:17:2D:5C:1A:66:1A:64:70:84:EB:9E:B4:4E:84:15
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/05Iv6VsXLVwaZhpkcITrnrROhBU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
78:a2:26:24:dc:fc:c7:b3:00:df:38:c9:78:df:ec:b6:88:02:
e5:4e:24:a3:d2:d0:82:b4:2b:50:65:eb:b5:93:3c:9f:06:32:
21:99:0d:ac:3a:b8:f4:36:43:e6:07:1b:e4:0c:9e:a5:96:fb:
b9:ea:99:82:84:fa:e9:76:19:a0:3a:39:66:3b:1b:f3:c4:22:
88:21:92:cf:84:f5:dc:13:cf:fe:1e:68:da:99:60:41:e4:e7:
09:dc:66:c7:7d:48:44:74:a1:e9:07:a4:c0:a0:35:e8:f3:6f:
88:89:af:a1:b2:09:2c:fc:4b:3f:8d:0f:29:09:5f:13:fb:03:
d7:e6:52:28:01:ab:97:8e:80:4e:3c:11:9f:4e:4c:4c:cc:cd:
c2:38:30:ad:a5:43:4a:f1:a1:20:85:7f:36:40:0e:31:81:ab:
19:95:f3:15:83:0f:8d:a2:e1:65:db:c2:eb:38:23:dc:76:2c:
93:8a:cc:87:8e:37:0f:71:da:d6:61:13:11:17:28:c6:a5:f5:
da:e0:3f:ec:28:4f:20:73:3b:9e:e5:e1:4c:fe:c0:96:7a:6b:
e0:93:38:64:90:30:fe:cb:2c:a0:93:03:3d:91:99:87:7f:d7:
b5:5c:bf:f6:79:b3:38:30:93:16:5a:28:9e:7d:f1:83:55:61:
e2:64:78:0d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTEw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEQzOTIyRkU5NUIxNzJE
NUMxQTY2MUE2NDcwODRFQjlFQjQ0RTg0MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq31uySh16TiR9vlOh8CkB6iBcG2NbKp3+5BC3k21QmiLsN00J
asQdPHHzwCnUy0STOIsdIFNfHO681cJdUmffpiQ5v7zdBOwMGjPkd217zC5V7kBe
z2QWngh7ZvhLpKebvY5xEjHM/GLGC98HM/edfgOH+mjDuDsANfSVtyHoWvbPcxha
/n1fdBxuFCLL6LvtyvEpb7TOxhhS/AN/eMoUqTQAI9y5JrglG+1WZLPOCuJUf1YM
x9qNtd79g3eFx2bN2f1U09FHmY72jELfiar7Ifl4S96BKN+erKv39taE8vqEHBLL
3pzvW7HS0PAItheIUqdyxctpjX5nJP72qzLbAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU05Iv6VsXLVwaZhpkcITrnrROhBUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8wNUl2NlZzWExWd2FaaHBrY0lUcm5yUk9oQlUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AHiiJiTc/MezAN84yXjf7LaIAuVOJKPS0IK0K1Bl67WTPJ8GMiGZDaw6uPQ2Q+YH
G+QMnqWW+7nqmYKE+ul2GaA6OWY7G/PEIoghks+E9dwTz/4eaNqZYEHk5wncZsd9
SER0oekHpMCgNejzb4iJr6GyCSz8Sz+NDykJXxP7A9fmUigBq5eOgE48EZ9OTEzM
zcI4MK2lQ0rxoSCFfzZADjGBqxmV8xWDD42i4WXbwus4I9x2LJOKzIeONw9x2tZh
ExEXKMal9drgP+woTyBzO57l4Uz+wJZ6a+CTOGSQMP7LLKCTAz2RmYd/17Vcv/Z5
szgwkxZaKJ598YNVYeJkeA0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:35 2023 by rpki-client on console-fra.rpki-client.org