Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/rnKOfWw5wfxi8oYHQKn5aAqS5zQ.roa
File: rnKOfWw5wfxi8oYHQKn5aAqS5zQ.roa (raw, json)
Hash identifier: 6cy1ht9wekKCe9hHDWrjooQTIsV8F0s0I9vO4fHt9Dk=
Subject key identifier: AE:72:8E:7D:6C:39:C1:FC:62:F2:86:07:40:A9:F9:68:0A:92:E7:34
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44B4
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rnKOfWw5wfxi8oYHQKn5aAqS5zQ.roa
Signing time: Tue 15 Mar 2022 00:30:11 +0000
ROA not before: Tue 15 Mar 2022 00:30:11 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17588 (0x44b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 15 00:30:11 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=AE728E7D6C39C1FC62F2860740A9F9680A92E734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:64:96:f1:28:a5:47:e4:72:b6:b6:a8:07:8b:
29:f3:a6:87:1a:ea:56:f2:a4:65:8e:5b:25:41:a2:
b4:35:98:a6:47:c4:f4:d6:00:e6:69:82:55:93:aa:
c9:7c:41:f8:5d:0d:c3:55:4f:b0:20:e2:aa:01:eb:
5d:d2:84:60:5a:e6:87:c7:34:22:93:49:b5:e4:f4:
04:eb:b6:65:11:6d:87:ab:7d:07:f0:42:e6:69:f2:
e2:c0:c4:5e:a7:08:74:47:be:45:a8:27:7a:a3:71:
c0:86:70:78:bf:05:08:de:bf:0e:a3:35:4c:ab:67:
88:f2:8f:36:c5:26:e4:8e:45:95:48:9a:48:2f:ad:
17:f8:9f:83:eb:45:04:1f:95:f4:b0:e8:34:87:5d:
26:6b:0c:06:21:a2:da:59:16:0d:db:85:ed:07:f8:
b6:35:3b:cd:df:d8:db:73:cf:4f:55:28:70:fd:e2:
03:c9:81:2e:0f:a4:1c:81:bb:89:6e:b5:96:fd:7e:
e3:5b:22:00:39:e8:ed:5b:b1:5e:9a:89:b6:f1:ee:
df:72:32:42:c6:1a:42:fb:73:c2:b7:81:ba:ae:72:
44:88:ad:4a:4f:f1:d3:55:54:6b:86:1b:2e:46:c3:
d9:6a:3f:49:f1:6f:d6:bf:35:f3:b1:02:e8:3e:8e:
bf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:72:8E:7D:6C:39:C1:FC:62:F2:86:07:40:A9:F9:68:0A:92:E7:34
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rnKOfWw5wfxi8oYHQKn5aAqS5zQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:57:5e:c2:d7:13:02:52:55:60:9d:6e:40:5b:06:f9:4d:8c:
fd:27:14:df:b0:4e:67:8c:69:7d:b1:c9:88:0c:12:0f:9c:12:
58:00:3d:e9:40:98:eb:81:48:c4:98:fd:72:ca:fa:68:fe:11:
a1:fa:3c:42:d4:8f:a5:35:57:00:91:ae:7c:db:de:0c:bd:c5:
fa:db:2b:18:b0:6d:8a:de:9b:29:82:17:16:b8:fd:0c:aa:5e:
14:d1:2d:5b:c6:2d:7a:3a:70:54:dd:da:15:ae:93:f9:87:1c:
70:29:f5:64:5d:52:38:f1:61:5e:3d:a3:94:a2:06:bd:6a:81:
0c:a7:e3:ca:ba:89:41:ea:23:5a:62:98:a4:16:65:f0:b1:52:
3e:72:86:b7:96:ae:1c:04:96:ed:98:20:2d:14:1d:e5:43:a9:
e5:6e:ba:06:23:88:b2:d1:0b:41:4e:3b:06:4b:bc:d4:e6:b9:
3e:0b:5e:70:1d:3c:b4:cc:fd:61:f7:b6:93:36:65:66:a6:28:
41:ef:74:92:8f:69:8c:d8:54:7d:f6:81:90:91:f8:bc:da:e7:
f8:2e:54:1a:10:d5:5a:79:0a:c7:68:6f:2b:b4:f8:00:84:d1:
9b:d2:ca:5a:48:bf:65:f7:2f:ee:db:9e:e9:88:ef:77:97:8c:
ee:e0:40:c0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTUw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEFFNzI4RTdENkMzOUMx
RkM2MkYyODYwNzQwQTlGOTY4MEE5MkU3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfZJbxKKVH5HK2tqgHiynzpoca6lbypGWOWyVBorQ1mKZHxPTW
AOZpglWTqsl8QfhdDcNVT7Ag4qoB613ShGBa5ofHNCKTSbXk9ATrtmURbYerfQfw
QuZp8uLAxF6nCHRHvkWoJ3qjccCGcHi/BQjevw6jNUyrZ4jyjzbFJuSORZVImkgv
rRf4n4PrRQQflfSw6DSHXSZrDAYhotpZFg3bhe0H+LY1O83f2Ntzz09VKHD94gPJ
gS4PpByBu4lutZb9fuNbIgA56O1bsV6aibbx7t9yMkLGGkL7c8K3gbquckSIrUpP
8dNVVGuGGy5Gw9lqP0nxb9a/NfOxAug+jr8xAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUrnKOfWw5wfxi8oYHQKn5aAqS5zQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ybktPZld3NXdmeGk4b1lIUUtuNWFBcVM1elEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AA1XXsLXEwJSVWCdbkBbBvlNjP0nFN+wTmeMaX2xyYgMEg+cElgAPelAmOuBSMSY
/XLK+mj+EaH6PELUj6U1VwCRrnzb3gy9xfrbKxiwbYremymCFxa4/QyqXhTRLVvG
LXo6cFTd2hWuk/mHHHAp9WRdUjjxYV49o5SiBr1qgQyn48q6iUHqI1pimKQWZfCx
Uj5yhreWrhwElu2YIC0UHeVDqeVuugYjiLLRC0FOOwZLvNTmuT4LXnAdPLTM/WH3
tpM2ZWamKEHvdJKPaYzYVH32gZCR+Lza5/guVBoQ1Vp5Csdobyu0+ACE0ZvSylpI
v2X3L+7bnumI73eXjO7gQMA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org