Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/xo580v99cz1tXcbCJN3xY1RrBO8.roa
File: xo580v99cz1tXcbCJN3xY1RrBO8.roa (raw, json)
Hash identifier: Na+3OXYJuLUtqgC1rcMh0QphAmwF0xXmgNbjBRHpJQ8=
Subject key identifier: C6:8E:7C:D2:FF:7D:73:3D:6D:5D:C6:C2:24:DD:F1:63:54:6B:04:EF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43A6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xo580v99cz1tXcbCJN3xY1RrBO8.roa
Signing time: Wed 23 Feb 2022 00:30:10 +0000
ROA not before: Wed 23 Feb 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17318 (0x43a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 23 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=C68E7CD2FF7D733D6D5DC6C224DDF163546B04EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:cc:bb:7d:c0:47:42:ac:40:ee:0c:73:ce:
54:fd:fd:1a:29:02:a3:43:ce:ed:0f:76:3c:0d:74:
fe:c5:4f:87:0c:77:fd:48:a2:d4:12:e9:0b:95:ef:
ce:09:b6:68:1e:33:5a:f3:46:ad:e7:14:76:6b:e2:
b3:cc:ba:24:22:ca:54:6b:b8:e9:7a:c6:a9:06:fe:
c5:86:ba:df:e8:57:3c:7f:e4:0f:40:19:13:08:d9:
d9:69:b7:c1:6a:80:2e:89:a2:75:15:86:89:e0:ca:
d2:77:ac:7f:06:c0:51:be:b4:ac:52:33:7e:90:91:
97:16:ef:05:c1:b6:cc:e5:1f:05:80:d4:b9:69:50:
f1:b7:48:73:22:1d:a8:5a:f0:a2:e2:02:a9:8b:94:
33:a7:ea:c6:a3:9d:46:88:8b:62:2e:78:54:f5:47:
2c:ec:42:ef:76:12:d5:ce:a0:ef:50:ff:70:d3:dc:
2c:c3:49:f9:c5:a3:ab:b6:0d:e3:ce:b1:54:3b:1c:
31:6a:a3:81:43:3f:68:d0:e7:6b:3b:db:fa:1b:47:
11:95:36:34:eb:48:39:3f:85:af:7e:9a:c8:c0:0e:
99:d0:67:6b:a0:44:6a:55:d9:6a:ec:b9:8a:f3:e1:
56:63:9b:d4:47:4e:4a:df:3b:a3:22:3a:b9:ca:51:
a5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8E:7C:D2:FF:7D:73:3D:6D:5D:C6:C2:24:DD:F1:63:54:6B:04:EF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/xo580v99cz1tXcbCJN3xY1RrBO8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
28:4d:4b:90:21:9e:2b:80:9e:ad:42:00:35:9b:ac:14:16:e5:
ea:52:46:a4:bf:da:ad:c3:c4:81:c3:08:f8:0a:25:6e:98:08:
84:e6:aa:95:2a:78:12:f7:87:61:c7:9a:80:95:80:d2:43:13:
53:92:de:66:a6:9f:07:06:1c:92:7b:7c:d3:c1:74:94:04:01:
92:6d:86:21:68:51:dc:ad:94:4e:4a:1d:dd:8f:e8:f5:68:6e:
dd:e0:68:d5:b7:8e:99:68:6e:5a:d7:f0:35:3e:fa:06:1a:b9:
56:18:3a:ad:ef:55:72:b8:18:13:e7:7d:a4:cd:2e:37:bf:44:
8c:59:66:ac:88:b1:16:d4:1c:6f:80:01:35:f9:1d:40:d5:e6:
b3:fa:63:af:01:ec:a2:aa:db:84:e8:5a:db:b5:4f:63:06:c4:
1a:42:03:5a:f8:18:74:d9:a1:83:7d:53:5a:5e:4f:d5:bf:0a:
db:19:c8:5f:73:24:8a:1a:77:bb:88:ae:55:69:4c:4d:61:88:
52:37:8e:08:11:09:fa:38:ae:c5:66:8f:b0:95:3f:e5:d1:b1:
39:1a:83:8f:74:fa:79:61:4d:5f:c1:68:78:ea:68:aa:55:91:
60:eb:b8:6c:fb:26:3c:57:8d:ec:36:8a:06:0a:e2:92:be:f5:
9c:8d:dc:8d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjMw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEM2OEU3Q0QyRkY3RDcz
M0Q2RDVEQzZDMjI0RERGMTYzNTQ2QjA0RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr8My7fcBHQqxA7gxzzlT9/RopAqNDzu0PdjwNdP7FT4cMd/1I
otQS6QuV784JtmgeM1rzRq3nFHZr4rPMuiQiylRruOl6xqkG/sWGut/oVzx/5A9A
GRMI2dlpt8FqgC6JonUVhongytJ3rH8GwFG+tKxSM36QkZcW7wXBtszlHwWA1Llp
UPG3SHMiHaha8KLiAqmLlDOn6sajnUaIi2IueFT1RyzsQu92EtXOoO9Q/3DT3CzD
SfnFo6u2DePOsVQ7HDFqo4FDP2jQ52s72/obRxGVNjTrSDk/ha9+msjADpnQZ2ug
RGpV2WrsuYrz4VZjm9RHTkrfO6MiOrnKUaUJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUxo580v99cz1tXcbCJN3xY1RrBO8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS94bzU4MHY5OWN6MXRYY2JDSk4zeFkxUnJCTzgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AChNS5AhniuAnq1CADWbrBQW5epSRqS/2q3DxIHDCPgKJW6YCITmqpUqeBL3h2HH
moCVgNJDE1OS3mamnwcGHJJ7fNPBdJQEAZJthiFoUdytlE5KHd2P6PVobt3gaNW3
jploblrX8DU++gYauVYYOq3vVXK4GBPnfaTNLje/RIxZZqyIsRbUHG+AATX5HUDV
5rP6Y68B7KKq24ToWtu1T2MGxBpCA1r4GHTZoYN9U1peT9W/CtsZyF9zJIoad7uI
rlVpTE1hiFI3jggRCfo4rsVmj7CVP+XRsTkag490+nlhTV/BaHjqaKpVkWDruGz7
JjxXjew2igYK4pK+9ZyN3I0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:37 2023 by rpki-client on console-fra.rpki-client.org