Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zQd8zXFattpq_nFDHdw-IR92uEU.roa
File: zQd8zXFattpq_nFDHdw-IR92uEU.roa (raw, json)
Hash identifier: mDdutmaI6t94mKRwVWX/w1Y30t8xD6m8AyFaDnp0ncs=
Subject key identifier: CD:07:7C:CD:71:5A:B6:DA:6A:FE:71:43:1D:DC:3E:21:1F:76:B8:45
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 435D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zQd8zXFattpq_nFDHdw-IR92uEU.roa
Signing time: Fri 18 Feb 2022 00:30:08 +0000
ROA not before: Fri 18 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17245 (0x435d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 18 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CD077CCD715AB6DA6AFE71431DDC3E211F76B845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:55:62:b7:df:1a:19:d0:28:2a:62:e1:46:
9f:7c:57:59:7f:8e:06:0f:e2:2d:13:55:35:77:4a:
36:e3:9f:15:ae:78:86:d3:2d:d2:6b:cb:89:31:17:
50:5c:40:e8:8f:16:62:91:8a:2e:ca:b3:4d:b3:46:
cc:ef:d0:7f:50:08:58:6c:5e:1f:ae:92:2a:0a:ed:
7a:da:44:3b:9f:c2:93:dc:7f:ed:32:03:f6:74:63:
9e:fd:7f:00:a1:51:b3:50:30:ae:4f:cc:94:b7:90:
86:0a:53:a2:29:6b:59:4c:8d:a9:ff:db:53:85:9d:
72:e1:9e:b8:92:39:5c:c9:33:93:db:f0:21:93:d0:
5a:14:5d:e3:86:0e:77:47:7b:ff:d0:f1:04:f8:9c:
cb:80:1a:d2:6f:ab:45:7f:b1:08:b4:8b:90:57:1e:
da:ac:ae:db:1c:78:e4:ff:82:89:d4:1e:b3:a1:7e:
6d:6c:bd:16:ac:e1:b6:49:0c:c2:c8:38:f5:eb:92:
52:43:68:97:fd:f6:e0:6b:d1:5b:3d:c7:f3:35:e1:
13:ad:5c:8f:2d:6c:dd:72:73:e9:ef:69:5c:b0:fc:
16:da:7f:6e:12:d9:c2:e4:14:7c:10:cf:74:c3:2e:
f0:d9:ef:f8:57:33:80:d3:7b:ca:44:99:ba:a8:26:
27:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:07:7C:CD:71:5A:B6:DA:6A:FE:71:43:1D:DC:3E:21:1F:76:B8:45
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zQd8zXFattpq_nFDHdw-IR92uEU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cf:16:ac:cd:cc:ad:d3:6a:38:62:bf:18:4a:3c:9b:f5:b8:
3c:4b:e9:58:e2:f3:a5:16:59:3a:5c:5b:98:87:7f:ea:dd:ab:
5c:cb:82:f2:29:c8:6c:b5:bd:ac:72:4c:18:e9:bf:63:90:cf:
71:5b:2f:c0:88:83:24:ed:98:b8:db:93:13:3f:0a:ff:f8:35:
4d:f4:ab:ef:9b:51:51:ce:bc:a2:40:ee:63:86:47:ec:7c:4d:
7d:30:47:69:b4:88:fa:45:75:c9:bb:71:fd:b2:6b:16:65:89:
2c:71:bd:91:29:32:5c:3c:e4:40:5d:26:9b:2d:42:76:38:21:
76:22:c4:65:14:11:94:0e:aa:ae:e0:b1:ca:ce:08:7b:f0:03:
1a:29:d9:eb:70:2d:9e:d0:2a:06:2c:2b:21:a8:0d:5d:1d:3b:
32:5b:7e:f4:0c:a6:f3:6f:53:5b:a7:9c:6d:2a:f1:8b:e3:07:
92:53:a7:d7:de:c7:18:74:e5:b8:60:2f:44:2f:c7:25:11:7f:
c7:55:af:83:7d:a0:6d:1e:cc:70:57:28:76:f1:bf:4b:50:45:
b7:d4:28:ad:87:65:f5:b0:45:92:51:10:97:23:7a:ea:8b:71:
9c:78:9c:d8:e1:d9:09:98:18:f4:99:2a:04:71:da:2a:2f:bc:
d3:00:ac:07
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTgw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENEMDc3Q0NENzE1QUI2
REE2QUZFNzE0MzFEREMzRTIxMUY3NkI4NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU7VVit98aGdAoKmLhRp98V1l/jgYP4i0TVTV3SjbjnxWueIbT
LdJry4kxF1BcQOiPFmKRii7Ks02zRszv0H9QCFhsXh+ukioK7XraRDufwpPcf+0y
A/Z0Y579fwChUbNQMK5PzJS3kIYKU6Ipa1lMjan/21OFnXLhnriSOVzJM5Pb8CGT
0FoUXeOGDndHe//Q8QT4nMuAGtJvq0V/sQi0i5BXHtqsrtsceOT/gonUHrOhfm1s
vRas4bZJDMLIOPXrklJDaJf99uBr0Vs9x/M14ROtXI8tbN1yc+nvaVyw/Bbaf24S
2cLkFHwQz3TDLvDZ7/hXM4DTe8pEmbqoJidBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzQd8zXFattpq/nFDHdw+IR92uEUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96UWQ4elhGYXR0cHFfbkZESGR3LUlSOTJ1RVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ADfPFqzNzK3TajhivxhKPJv1uDxL6Vji86UWWTpcW5iHf+rdq1zLgvIpyGy1vaxy
TBjpv2OQz3FbL8CIgyTtmLjbkxM/Cv/4NU30q++bUVHOvKJA7mOGR+x8TX0wR2m0
iPpFdcm7cf2yaxZliSxxvZEpMlw85EBdJpstQnY4IXYixGUUEZQOqq7gscrOCHvw
Axop2etwLZ7QKgYsKyGoDV0dOzJbfvQMpvNvU1unnG0q8YvjB5JTp9fexxh05bhg
L0QvxyURf8dVr4N9oG0ezHBXKHbxv0tQRbfUKK2HZfWwRZJREJcjeuqLcZx4nNjh
2QmYGPSZKgRx2iovvNMArAc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:38 2023 by rpki-client on console-fra.rpki-client.org