Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/YksHwHtgomYc26cHJzxth8u288k.roa
File: YksHwHtgomYc26cHJzxth8u288k.roa (raw, json)
Hash identifier: YXZqeQEKMI3WhxN4jWtt8ARsvTDbXDXLCcTZkMHFrCc=
Subject key identifier: 62:4B:07:C0:7B:60:A2:66:1C:DB:A7:07:27:3C:6D:87:CB:B6:F3:C9
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4521
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YksHwHtgomYc26cHJzxth8u288k.roa
Signing time: Wed 23 Mar 2022 00:30:05 +0000
ROA not before: Wed 23 Mar 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17697 (0x4521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 23 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=624B07C07B60A2661CDBA707273C6D87CBB6F3C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:7c:8d:c9:60:fb:b4:19:7f:e9:73:6a:7c:
60:04:a4:7c:97:95:9a:de:15:26:79:97:6d:ea:6a:
0e:5e:e9:7d:2e:8f:1d:e1:63:4f:ae:bb:22:10:41:
06:4e:d6:ef:88:e9:55:ff:e4:4d:c7:0d:18:bb:cb:
53:bf:e5:3a:75:d4:80:a3:81:cd:32:d0:4d:5c:23:
04:59:a8:34:8f:14:9d:67:fe:9e:77:55:ec:ef:fc:
29:4a:86:96:97:1a:06:47:11:51:e3:16:30:38:fb:
53:eb:e9:cb:b6:02:27:80:7d:24:a2:67:f3:37:23:
55:bc:80:7e:f5:e6:9c:8d:48:bf:da:22:77:5f:05:
d2:02:8c:13:57:2d:5d:41:7a:59:4f:51:86:b8:d8:
cb:24:05:12:be:49:83:34:f3:79:f0:9f:fe:ca:72:
3a:a6:a4:b2:47:9c:07:b8:98:80:ac:4e:5e:82:9e:
b4:67:76:4d:41:3b:8f:24:58:73:3c:a6:0c:86:b6:
60:27:34:aa:5c:33:3a:de:82:d5:01:53:c1:bc:e6:
20:69:5d:c8:bb:ee:63:cb:d2:ef:c6:1f:70:06:61:
40:83:84:c8:4b:a9:dd:fe:36:fb:d2:8b:06:4d:31:
81:46:66:86:61:a6:3f:d9:92:0f:86:9d:65:aa:f5:
47:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4B:07:C0:7B:60:A2:66:1C:DB:A7:07:27:3C:6D:87:CB:B6:F3:C9
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YksHwHtgomYc26cHJzxth8u288k.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e8:16:64:4e:eb:66:bb:2f:3f:2e:82:cb:0d:72:fa:25:b6:
41:2d:9f:04:fe:2f:56:fe:ba:80:06:a1:88:1f:34:3b:b9:20:
95:a8:99:05:2d:e0:76:d4:ef:23:61:bf:ee:c2:3d:82:58:52:
9a:b1:f7:02:1c:13:0b:96:99:ac:51:de:20:7a:18:a9:60:40:
7a:46:71:21:97:ab:e5:f2:f8:da:4e:39:7d:0f:3c:84:68:c8:
06:b3:f2:df:b3:52:f2:4d:4b:1c:43:be:67:3e:89:76:2f:cc:
f8:66:05:9a:28:a0:16:b4:d5:26:02:d8:69:73:4b:c8:92:cc:
42:a2:f3:a9:2d:97:51:1e:01:de:0f:a4:50:cb:46:fd:a3:c1:
b7:83:63:6b:97:8b:37:4f:2e:a0:79:20:57:96:62:a4:b4:5a:
9d:ee:da:3a:b5:ce:09:6c:68:f6:b1:a9:85:15:7c:89:bf:d3:
96:e4:6d:11:35:cd:28:15:f9:3f:5b:7a:ab:2d:c4:91:8b:88:
38:ed:b5:c0:89:30:2d:f6:53:58:d1:75:5a:97:58:e2:55:ca:
25:63:1a:be:5d:da:f1:67:bd:be:3b:b3:fa:0c:d9:b5:58:ec:
51:e2:a7:eb:a4:e4:72:49:38:8e:13:fb:c0:22:85:8b:d6:b7:
49:2e:86:ab
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjMw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDYyNEIwN0MwN0I2MEEy
NjYxQ0RCQTcwNzI3M0M2RDg3Q0JCNkYzQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwx3yNyWD7tBl/6XNqfGAEpHyXlZreFSZ5l23qag5e6X0ujx3h
Y0+uuyIQQQZO1u+I6VX/5E3HDRi7y1O/5Tp11ICjgc0y0E1cIwRZqDSPFJ1n/p53
Vezv/ClKhpaXGgZHEVHjFjA4+1Pr6cu2AieAfSSiZ/M3I1W8gH715pyNSL/aIndf
BdICjBNXLV1BellPUYa42MskBRK+SYM083nwn/7KcjqmpLJHnAe4mICsTl6CnrRn
dk1BO48kWHM8pgyGtmAnNKpcMzregtUBU8G85iBpXci77mPL0u/GH3AGYUCDhMhL
qd3+NvvSiwZNMYFGZoZhpj/Zkg+GnWWq9UcDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUYksHwHtgomYc26cHJzxth8u288kwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Za3NId0h0Z29tWWMyNmNISnp4dGg4dTI4OGsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AF3oFmRO62a7Lz8ugssNcvoltkEtnwT+L1b+uoAGoYgfNDu5IJWomQUt4HbU7yNh
v+7CPYJYUpqx9wIcEwuWmaxR3iB6GKlgQHpGcSGXq+Xy+NpOOX0PPIRoyAaz8t+z
UvJNSxxDvmc+iXYvzPhmBZoooBa01SYC2GlzS8iSzEKi86ktl1EeAd4PpFDLRv2j
wbeDY2uXizdPLqB5IFeWYqS0Wp3u2jq1zglsaPaxqYUVfIm/05bkbRE1zSgV+T9b
eqstxJGLiDjttcCJMC32U1jRdVqXWOJVyiVjGr5d2vFnvb47s/oM2bVY7FHip+uk
5HJJOI4T+8AihYvWt0kuhqs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:36 2023 by rpki-client on console-fra.rpki-client.org