Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/sdEsPLXYx-i30luG1RMnJe-YO9c.roa
File: sdEsPLXYx-i30luG1RMnJe-YO9c.roa (raw, json)
Hash identifier: /IjQjUpADlYzRgG7k77SUP5VOFcC83hZxAVh1TLAOMI=
Subject key identifier: B1:D1:2C:3C:B5:D8:C7:E8:B7:D2:5B:86:D5:13:27:25:EF:98:3B:D7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43BD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/sdEsPLXYx-i30luG1RMnJe-YO9c.roa
Signing time: Fri 25 Feb 2022 00:30:09 +0000
ROA not before: Fri 25 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17341 (0x43bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 25 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B1D12C3CB5D8C7E8B7D25B86D5132725EF983BD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ec:15:08:5a:e5:11:5c:57:bc:e4:31:9a:09:
ef:fb:26:22:84:51:03:33:dd:06:5f:06:09:a4:07:
0c:3f:9f:60:87:da:23:a6:00:6f:c2:24:1c:d3:88:
68:b5:96:ce:fb:3a:bd:5b:8c:cf:84:eb:9b:f2:aa:
2c:ed:04:59:aa:76:2d:c7:b9:52:af:ac:25:65:90:
36:67:05:54:1a:79:d7:f8:d5:85:73:c2:1b:8b:27:
38:37:47:dc:f0:7d:e8:f6:dd:04:8f:d7:dd:e1:e7:
e8:0a:5a:86:52:6c:64:aa:57:63:23:53:e4:6e:c3:
19:54:3e:09:1c:71:4d:c5:c9:7f:ce:28:5f:1c:62:
77:85:d7:33:28:60:62:d1:5b:81:84:70:dd:ab:ff:
ed:95:e6:e5:c6:56:80:1b:15:db:00:09:33:1e:77:
6b:11:d0:c3:ce:fb:80:5e:d1:4b:05:0d:0a:70:c5:
3a:df:a2:7e:df:62:d5:3d:53:de:94:d1:e8:dc:f3:
ee:63:37:c8:e0:1b:95:0e:c8:6f:39:05:11:f7:8d:
40:c9:66:7c:43:c1:d5:bb:83:8d:8a:6c:b0:96:02:
16:54:a7:af:9f:c7:ec:a5:a1:56:fe:b9:c3:43:57:
54:c1:9b:70:fb:74:05:37:c3:81:4e:33:d8:25:4f:
e9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D1:2C:3C:B5:D8:C7:E8:B7:D2:5B:86:D5:13:27:25:EF:98:3B:D7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/sdEsPLXYx-i30luG1RMnJe-YO9c.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
54:a8:29:10:e9:c4:88:86:2f:03:84:1a:3a:1a:94:69:79:33:
a1:28:7a:53:08:71:9f:b3:b7:c0:9e:d9:9a:01:4f:4f:e0:50:
30:e3:72:cf:6d:83:24:7e:3b:c2:1a:41:00:99:89:3c:be:32:
e6:e1:ee:8b:01:d8:10:e5:b5:7c:67:e1:68:70:ba:09:ce:38:
9f:05:b8:c4:d5:f6:bb:14:5a:0f:05:9b:dd:aa:c7:fd:e7:82:
42:77:ea:15:e9:c9:67:e5:12:58:21:36:1f:0c:0b:cd:b6:9c:
b3:27:f6:84:48:82:c5:0d:0a:77:47:75:c5:7a:ff:39:3b:fb:
0b:c1:8c:8f:0e:65:b0:e1:96:f1:bd:b9:8a:ac:55:0a:61:3f:
f2:f9:6c:98:56:d9:95:5f:c3:b0:76:70:88:2a:50:f5:2c:27:
34:74:cf:67:13:54:f4:cc:9c:cb:91:27:06:39:42:c4:ed:63:
32:87:eb:b5:57:97:74:9d:d1:be:cb:ba:7a:32:68:a0:3f:f2:
8d:71:5e:7e:2e:c0:bd:f5:f7:23:3e:a6:db:8a:1b:11:ee:ed:
81:c1:f8:19:aa:a2:f9:c3:01:3c:48:ac:d2:9d:bb:5d:b2:3f:
00:22:5d:83:f0:82:05:19:03:e9:b5:aa:d2:55:a0:1b:a7:e0:
9d:26:54:8b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ70wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjUw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEIxRDEyQzNDQjVEOEM3
RThCN0QyNUI4NkQ1MTMyNzI1RUY5ODNCRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD27BUIWuURXFe85DGaCe/7JiKEUQMz3QZfBgmkBww/n2CH2iOm
AG/CJBzTiGi1ls77Or1bjM+E65vyqiztBFmqdi3HuVKvrCVlkDZnBVQaedf41YVz
whuLJzg3R9zwfej23QSP193h5+gKWoZSbGSqV2MjU+RuwxlUPgkccU3FyX/OKF8c
YneF1zMoYGLRW4GEcN2r/+2V5uXGVoAbFdsACTMed2sR0MPO+4Be0UsFDQpwxTrf
on7fYtU9U96U0ejc8+5jN8jgG5UOyG85BRH3jUDJZnxDwdW7g42KbLCWAhZUp6+f
x+yloVb+ucNDV1TBm3D7dAU3w4FOM9glT+m9AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUsdEsPLXYx+i30luG1RMnJe+YO9cwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9zZEVzUExYWXgtaTMwbHVHMVJNbkplLVlPOWMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AFSoKRDpxIiGLwOEGjoalGl5M6EoelMIcZ+zt8Ce2ZoBT0/gUDDjcs9tgyR+O8Ia
QQCZiTy+Mubh7osB2BDltXxn4WhwugnOOJ8FuMTV9rsUWg8Fm92qx/3ngkJ36hXp
yWflElghNh8MC822nLMn9oRIgsUNCndHdcV6/zk7+wvBjI8OZbDhlvG9uYqsVQph
P/L5bJhW2ZVfw7B2cIgqUPUsJzR0z2cTVPTMnMuRJwY5QsTtYzKH67VXl3Sd0b7L
unoyaKA/8o1xXn4uwL319yM+ptuKGxHu7YHB+BmqovnDATxIrNKdu12yPwAiXYPw
ggUZA+m1qtJVoBun4J0mVIs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org