Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/TN6gidr0azHCdz495Q6BNOTX4f4.roa
File: TN6gidr0azHCdz495Q6BNOTX4f4.roa (raw, json)
Hash identifier: nX5XW+C6dfQ8UBRTcXVud7LN13NNdPVHzfpHQHJhkAc=
Subject key identifier: 4C:DE:A0:89:DA:F4:6B:31:C2:77:3E:3D:E5:0E:81:34:E4:D7:E1:FE
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45FB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/TN6gidr0azHCdz495Q6BNOTX4f4.roa
Signing time: Thu 07 Apr 2022 00:30:10 +0000
ROA not before: Thu 07 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17915 (0x45fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 7 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=4CDEA089DAF46B31C2773E3DE50E8134E4D7E1FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:c1:6b:24:21:44:5c:e7:bb:77:08:2a:3e:
ed:4f:54:df:f3:bd:89:c7:3a:0d:53:f8:11:70:7f:
da:69:4c:5b:79:86:f6:63:b3:d4:58:db:65:08:7c:
e4:3d:88:5d:1d:9d:09:6f:80:4e:0c:24:9d:d9:59:
01:f0:4e:f1:9d:57:97:17:eb:57:ff:1b:3c:0f:d7:
5e:39:c4:6d:6d:67:66:72:82:90:ae:7a:cd:66:f6:
4f:6f:23:e2:50:32:ed:be:44:6c:17:9e:9a:c9:f3:
76:ec:dc:8d:43:ff:ab:dd:a9:a8:b3:c5:dd:e7:54:
0c:a1:53:83:96:16:b6:f0:e1:98:55:7d:84:c5:da:
dd:7a:bd:23:76:36:aa:00:a0:69:78:51:00:8e:b3:
27:c2:aa:bb:b6:32:91:4f:e9:14:bc:f6:a4:eb:8f:
1e:48:48:e9:18:3b:db:7a:c0:17:93:d7:68:f1:21:
ba:a2:39:33:50:85:6a:c6:14:44:c1:62:da:a8:6b:
31:40:22:f3:91:f6:72:17:ac:7d:3f:dc:43:a5:03:
7c:e2:6b:5e:c3:99:83:f0:66:42:bf:9a:2e:39:4b:
d8:51:b6:fe:ff:45:05:ec:d3:f6:80:7a:37:68:b2:
53:31:a8:0f:c7:31:f5:d4:4c:a7:e3:b2:23:80:09:
15:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DE:A0:89:DA:F4:6B:31:C2:77:3E:3D:E5:0E:81:34:E4:D7:E1:FE
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/TN6gidr0azHCdz495Q6BNOTX4f4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a8:18:23:39:09:9c:04:6f:a3:65:1e:5d:78:db:b0:1f:06:
a7:d9:71:a4:47:b8:a9:03:54:54:89:5d:a0:5b:74:66:f7:98:
e6:23:8c:43:e5:90:16:d6:00:20:30:06:8d:a3:b3:f9:29:a9:
31:34:99:24:81:10:43:9f:f1:e7:a8:f4:c4:13:b8:fb:95:34:
78:3a:cb:3b:79:d6:f7:2f:81:db:25:32:3e:38:69:d9:05:ec:
c1:11:9a:40:de:02:f7:ee:00:94:76:d3:2f:24:42:d9:90:66:
bc:cd:25:21:e7:a6:1a:52:e4:88:d4:1f:46:08:ca:d0:3d:ed:
3d:70:ed:3a:79:c7:bd:9d:e9:cd:63:9c:57:0c:87:15:e6:66:
e8:56:a2:a7:a9:85:d8:a6:93:a3:ab:d5:3b:f9:db:08:96:5b:
e8:72:1a:35:2f:82:57:36:fe:80:19:df:f0:3a:a8:e6:94:05:
e3:dd:49:de:3e:2e:64:47:8b:f1:80:b6:81:3d:e4:c9:27:ab:
46:88:c1:51:c0:86:d9:07:b3:81:a7:86:04:0c:e5:43:4a:f2:
c6:99:10:2c:bf:62:6b:4c:78:48:a7:5c:c9:60:0d:42:1f:28:
08:1f:75:5b:ab:8c:b7:29:a4:da:d3:94:27:24:fe:be:51:fa:
a1:f8:e2:9a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDcw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDRDREVBMDg5REFGNDZC
MzFDMjc3M0UzREU1MEU4MTM0RTREN0UxRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxOsFrJCFEXOe7dwgqPu1PVN/zvYnHOg1T+BFwf9ppTFt5hvZj
s9RY22UIfOQ9iF0dnQlvgE4MJJ3ZWQHwTvGdV5cX61f/GzwP1145xG1tZ2ZygpCu
es1m9k9vI+JQMu2+RGwXnprJ83bs3I1D/6vdqaizxd3nVAyhU4OWFrbw4ZhVfYTF
2t16vSN2NqoAoGl4UQCOsyfCqru2MpFP6RS89qTrjx5ISOkYO9t6wBeT12jxIbqi
OTNQhWrGFETBYtqoazFAIvOR9nIXrH0/3EOlA3zia17DmYPwZkK/mi45S9hRtv7/
RQXs0/aAejdoslMxqA/HMfXUTKfjsiOACRVxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUTN6gidr0azHCdz495Q6BNOTX4f4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9UTjZnaWRyMGF6SENkejQ5NVE2Qk5PVFg0ZjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AEqoGCM5CZwEb6NlHl1427AfBqfZcaRHuKkDVFSJXaBbdGb3mOYjjEPlkBbWACAw
Bo2js/kpqTE0mSSBEEOf8eeo9MQTuPuVNHg6yzt51vcvgdslMj44adkF7MERmkDe
AvfuAJR20y8kQtmQZrzNJSHnphpS5IjUH0YIytA97T1w7Tp5x72d6c1jnFcMhxXm
ZuhWoqephdimk6Or1Tv52wiWW+hyGjUvglc2/oAZ3/A6qOaUBePdSd4+LmRHi/GA
toE95Mknq0aIwVHAhtkHs4GnhgQM5UNK8saZECy/YmtMeEinXMlgDUIfKAgfdVur
jLcppNrTlCck/r5R+qH44po=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:36 2023 by rpki-client on console-fra.rpki-client.org