Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/RfRX_52xwpxqjMkkfKIfKBVKLVk.roa
File: RfRX_52xwpxqjMkkfKIfKBVKLVk.roa (raw, json)
Hash identifier: hoDmTuV6jmyrQr2WfN+mKo3heRKX+Ba2/IlFA8t6kOI=
Subject key identifier: 45:F4:57:FF:9D:B1:C2:9C:6A:8C:C9:24:7C:A2:1F:28:15:4A:2D:59
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43CD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RfRX_52xwpxqjMkkfKIfKBVKLVk.roa
Signing time: Sat 26 Feb 2022 00:30:09 +0000
ROA not before: Sat 26 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17357 (0x43cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 26 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=45F457FF9DB1C29C6A8CC9247CA21F28154A2D59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c9:e3:5d:6f:46:fa:51:a4:cc:29:3a:19:15:
1c:f9:20:8c:59:26:1d:2e:47:1e:14:ae:ff:64:05:
1f:54:26:6c:a4:b7:d7:ab:e2:e4:6f:3a:c4:70:25:
bb:1c:2e:b1:fc:b9:86:1a:e2:e4:32:5b:84:85:1a:
f5:c1:01:a8:a8:63:ad:62:8c:58:b4:31:2b:bc:77:
71:d4:e0:8b:ca:26:d2:ec:22:01:a8:e9:61:35:51:
23:ad:ed:10:b5:ee:e0:e0:32:a0:bd:f6:15:46:b3:
15:0d:25:3f:ca:ed:27:15:0d:c2:f1:9a:fd:4e:d2:
c1:28:0b:ba:d3:35:25:e2:32:3f:7b:b9:fa:eb:1f:
86:c6:38:52:ee:86:9c:fa:db:29:6e:7a:37:50:a0:
c1:b7:d7:5a:d7:2a:f0:f3:ba:c6:77:ae:7d:ec:b6:
61:89:54:74:5c:d9:cf:5f:82:a0:1e:73:c5:ab:d9:
86:e5:1f:4e:6f:00:fa:70:54:47:05:6c:d0:21:8a:
92:aa:6c:4c:b4:8b:12:81:29:d6:40:8a:fa:08:d5:
39:dd:97:9a:8d:02:ce:5f:29:95:fe:87:b2:5d:5b:
95:c8:ab:64:4d:dc:01:e1:3a:8c:a9:bb:10:a0:81:
7f:18:4e:51:34:ed:ea:d7:e1:23:b2:4e:da:3a:bc:
51:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F4:57:FF:9D:B1:C2:9C:6A:8C:C9:24:7C:A2:1F:28:15:4A:2D:59
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RfRX_52xwpxqjMkkfKIfKBVKLVk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2d:5c:d9:1e:4b:19:9d:1e:45:5f:85:45:54:57:99:48:5f:
19:52:e1:2e:91:d2:e4:89:db:72:64:00:38:bb:2a:8c:8f:ba:
23:d9:d8:06:db:87:3a:61:b4:6e:80:03:4b:6c:fa:16:c4:7f:
1d:dc:27:78:e5:9f:dd:66:03:c5:cb:aa:90:6c:f0:92:67:6c:
02:01:0e:29:c6:3f:b5:b7:d8:df:75:e4:ac:05:08:17:30:2e:
83:cd:7d:ba:af:65:fa:83:dc:aa:f2:7a:9e:fa:88:37:2b:9b:
05:4f:f0:08:84:f3:7b:d1:45:85:5c:26:cf:01:57:ed:4d:48:
4b:d2:37:e1:7c:1e:a0:91:d1:4c:96:9c:ff:4e:d0:17:1b:21:
9b:bd:55:d8:26:42:31:c2:df:7c:89:8e:eb:9d:b7:a6:2c:ea:
c3:6a:d1:7f:ff:7e:2f:d8:50:6a:0b:b5:ab:9c:58:cc:9e:c8:
ef:7f:46:16:27:11:a3:b7:b5:4e:e0:2d:9e:34:64:05:37:df:
30:59:30:34:0a:ae:c1:66:ad:13:72:b7:21:ac:ad:d1:ed:ce:
42:59:04:9d:ea:a7:bf:f9:40:a3:72:fe:d2:dd:48:f6:7c:fc:
55:74:33:72:27:98:99:f4:70:8a:9b:27:9a:f7:08:84:6c:0a:
57:b7:67:4e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjYw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ1RjQ1N0ZGOURCMUMy
OUM2QThDQzkyNDdDQTIxRjI4MTU0QTJENTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRyeNdb0b6UaTMKToZFRz5IIxZJh0uRx4Urv9kBR9UJmykt9er
4uRvOsRwJbscLrH8uYYa4uQyW4SFGvXBAaioY61ijFi0MSu8d3HU4IvKJtLsIgGo
6WE1USOt7RC17uDgMqC99hVGsxUNJT/K7ScVDcLxmv1O0sEoC7rTNSXiMj97ufrr
H4bGOFLuhpz62yluejdQoMG311rXKvDzusZ3rn3stmGJVHRc2c9fgqAec8Wr2Ybl
H05vAPpwVEcFbNAhipKqbEy0ixKBKdZAivoI1Tndl5qNAs5fKZX+h7JdW5XIq2RN
3AHhOoypuxCggX8YTlE07erX4SOyTto6vFF/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQURfRX/52xwpxqjMkkfKIfKBVKLVkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SZlJYXzUyeHdweHFqTWtrZktJZktCVktMVmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJgtXNkeSxmdHkVfhUVUV5lIXxlS4S6R0uSJ23JkADi7KoyPuiPZ2AbbhzphtG6A
A0ts+hbEfx3cJ3jln91mA8XLqpBs8JJnbAIBDinGP7W32N915KwFCBcwLoPNfbqv
ZfqD3Kryep76iDcrmwVP8AiE83vRRYVcJs8BV+1NSEvSN+F8HqCR0UyWnP9O0Bcb
IZu9VdgmQjHC33yJjuudt6Ys6sNq0X//fi/YUGoLtaucWMyeyO9/RhYnEaO3tU7g
LZ40ZAU33zBZMDQKrsFmrRNytyGsrdHtzkJZBJ3qp7/5QKNy/tLdSPZ8/FV0M3In
mJn0cIqbJ5r3CIRsCle3Z04=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:36 2023 by rpki-client on console-fra.rpki-client.org