Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/f0CLhSB6skos0FacdAYIPWeksY0.roa
File: f0CLhSB6skos0FacdAYIPWeksY0.roa (raw, json)
Hash identifier: RMNE4vZ6bXvFSM+YTh2bdpVAq1pvst9XtHb84AKOAog=
Subject key identifier: 7F:40:8B:85:20:7A:B2:4A:2C:D0:56:9C:74:06:08:3D:67:A4:B1:8D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48F7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/f0CLhSB6skos0FacdAYIPWeksY0.roa
Signing time: Tue 31 May 2022 00:30:13 +0000
ROA not before: Tue 31 May 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18679 (0x48f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=7F408B85207AB24A2CD0569C7406083D67A4B18D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:69:c2:e2:89:4e:08:ff:62:4b:1b:a8:45:
2e:29:c4:2a:69:af:4c:2f:f7:fd:99:7a:61:fc:b1:
6e:ad:0f:02:56:f9:ad:1a:02:50:80:40:6e:dd:84:
21:05:19:57:d9:11:ee:39:30:9e:b4:b0:f8:8d:c8:
39:79:7d:11:3e:22:f5:d7:7f:c1:18:d1:02:b4:48:
36:eb:ee:2a:2c:53:da:d7:31:1f:0e:3a:24:6f:f6:
9a:63:8d:95:f2:22:f5:6a:72:84:70:5d:59:39:4c:
a0:5a:94:f7:c4:f7:89:31:04:71:9f:d9:b0:de:38:
08:85:08:5b:8e:53:c5:3d:4a:75:f1:a9:40:2f:79:
6f:11:57:3d:01:be:a1:87:02:28:e4:a6:83:ca:3d:
2f:b3:ee:8c:f9:2a:6a:f0:1c:65:2c:05:b4:17:c9:
38:af:3f:e9:83:43:c8:88:e2:bc:4a:91:d1:cf:aa:
c3:c6:53:54:59:90:7d:9f:11:30:72:3b:33:ad:33:
bb:b2:21:b1:14:d6:3a:13:b2:05:d2:17:da:00:49:
73:7b:f8:27:86:9b:ea:d2:54:55:9b:c8:52:06:2d:
b4:85:08:a6:21:c5:8f:1c:42:65:0e:7b:c1:c6:d9:
46:51:9f:1b:b7:79:79:51:7d:b9:b0:b1:79:be:8a:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:40:8B:85:20:7A:B2:4A:2C:D0:56:9C:74:06:08:3D:67:A4:B1:8D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/f0CLhSB6skos0FacdAYIPWeksY0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.4.0/24
Signature Algorithm: sha256WithRSAEncryption
25:50:4e:b1:1f:a8:6f:ec:58:e7:9d:5b:2d:0e:f4:24:04:43:
a2:57:52:33:ba:97:99:ef:c6:b6:da:35:93:79:b8:ec:3b:18:
88:be:e6:e8:36:4a:a3:6e:66:bb:c4:3d:c2:fb:01:8e:84:e6:
0e:e0:13:e8:98:6e:43:51:dc:1d:e0:fd:23:b4:62:6f:7f:85:
53:21:33:1f:fa:54:c1:74:9b:8d:26:70:c6:d5:3b:b1:b2:20:
4e:f9:9b:e8:38:6a:97:b9:d0:c3:95:c6:51:6a:d1:b5:b1:9a:
dd:2f:24:56:4a:84:40:f4:1b:7b:93:19:f5:6d:75:b8:6b:2b:
c6:1c:f5:f6:33:d2:fe:1e:12:55:e6:f3:4f:ef:3e:1e:87:dd:
4d:b5:3c:c5:38:43:dd:6a:9d:a6:0c:b7:d8:2e:ab:2e:fa:b9:
9a:57:a7:9e:6f:3e:d3:29:f3:35:a8:50:29:04:5c:11:8f:8a:
af:0e:81:82:11:6a:f6:38:86:d3:6b:77:b2:a2:f3:5a:bc:20:
dd:39:c4:16:9b:ae:ae:e6:5a:f7:61:db:20:4a:db:db:92:aa:
9c:f1:52:6e:ed:33:f9:79:d8:32:10:f6:bd:ad:cb:d1:8b:02:
00:79:6d:2b:6d:83:e3:b8:47:88:2a:f7:13:79:f0:d0:b3:fc:
b5:4b:d7:d8
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDdGNDA4Qjg1MjA3QUIy
NEEyQ0QwNTY5Qzc0MDYwODNENjdBNEIxOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0XWnC4olOCP9iSxuoRS4pxCppr0wv9/2ZemH8sW6tDwJW+a0a
AlCAQG7dhCEFGVfZEe45MJ60sPiNyDl5fRE+IvXXf8EY0QK0SDbr7iosU9rXMR8O
OiRv9ppjjZXyIvVqcoRwXVk5TKBalPfE94kxBHGf2bDeOAiFCFuOU8U9SnXxqUAv
eW8RVz0BvqGHAijkpoPKPS+z7oz5KmrwHGUsBbQXyTivP+mDQ8iI4rxKkdHPqsPG
U1RZkH2fETByOzOtM7uyIbEU1joTsgXSF9oASXN7+CeGm+rSVFWbyFIGLbSFCKYh
xY8cQmUOe8HG2UZRnxu3eXlRfbmwsXm+itDJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUf0CLhSB6skos0FacdAYIPWeksY0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9mMENMaFNCNnNrb3MwRmFjZEFZSVBXZWtzWTAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAQwDQYJKoZIhvcNAQELBQADggEB
ACVQTrEfqG/sWOedWy0O9CQEQ6JXUjO6l5nvxrbaNZN5uOw7GIi+5ug2SqNuZrvE
PcL7AY6E5g7gE+iYbkNR3B3g/SO0Ym9/hVMhMx/6VMF0m40mcMbVO7GyIE75m+g4
ape50MOVxlFq0bWxmt0vJFZKhED0G3uTGfVtdbhrK8Yc9fYz0v4eElXm80/vPh6H
3U21PMU4Q91qnaYMt9guqy76uZpXp55vPtMp8zWoUCkEXBGPiq8OgYIRavY4htNr
d7Ki81q8IN05xBabrq7mWvdh2yBK29uSqpzxUm7tM/l52DIQ9r2ty9GLAgB5bStt
g+O4R4gq9xN58NCz/LVL19g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org