Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/0hbeX8E7FJ79tsogA7os-2ro1xA.roa
File: 0hbeX8E7FJ79tsogA7os-2ro1xA.roa (raw, json)
Hash identifier: WN4/coGWYzYJXqf0fbm12steLLgwzeRT5uSNgN1bH/E=
Subject key identifier: D2:16:DE:5F:C1:3B:14:9E:FD:B6:CA:20:03:BA:2C:FB:6A:E8:D7:10
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4954
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/0hbeX8E7FJ79tsogA7os-2ro1xA.roa
Signing time: Sat 04 Jun 2022 00:30:13 +0000
ROA not before: Sat 04 Jun 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18772 (0x4954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 4 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D216DE5FC13B149EFDB6CA2003BA2CFB6AE8D710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1c:1d:b0:f9:2f:9b:80:96:94:17:87:13:38:
6f:12:ed:46:70:8f:72:b3:c9:16:ad:e5:7e:8a:17:
b2:ea:ec:67:e3:e8:5e:f7:ae:b4:44:b9:1a:6f:fd:
e6:41:23:31:54:8c:f4:20:69:54:a4:6a:10:be:63:
c2:55:a6:7e:3e:08:b0:b5:21:68:6c:58:dc:7b:94:
bc:f1:0f:75:65:f2:6b:05:66:ab:1e:ef:45:3a:a2:
0c:80:31:e5:f2:4c:41:5e:76:0e:e4:fe:84:b2:1d:
05:ac:a6:c3:28:79:63:c5:78:ee:8d:2e:22:0a:15:
0d:8b:b5:18:63:2a:7a:d7:be:65:a7:83:1a:84:11:
e5:d3:39:b2:d3:7e:01:e7:58:4d:9c:40:db:e1:a1:
8b:29:d5:37:e7:45:98:94:1b:37:b7:bb:c2:a7:d8:
2e:8b:76:17:7f:90:b1:1a:d9:6d:c1:d3:8c:98:ff:
3f:44:02:1a:ff:09:e9:ef:3f:2d:1f:33:4a:85:df:
1b:f4:67:81:2a:d1:fc:41:26:67:02:ab:3f:9f:eb:
f3:2f:3a:b1:20:88:07:3d:46:2c:4f:02:7f:da:25:
b5:4a:bc:44:0a:00:26:80:5d:7f:e9:df:03:bf:57:
fa:13:6d:fb:00:93:8e:64:31:46:9e:a7:cb:62:12:
2c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:16:DE:5F:C1:3B:14:9E:FD:B6:CA:20:03:BA:2C:FB:6A:E8:D7:10
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/0hbeX8E7FJ79tsogA7os-2ro1xA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:71:ed:35:d5:5f:d2:3b:45:0f:57:21:2d:09:8f:dd:09:8a:
69:d5:50:73:f2:c4:4f:ca:20:71:97:b2:7c:38:dd:95:5e:02:
d5:4c:7e:20:85:1a:23:2c:70:e4:d5:64:6b:a6:7a:cc:4c:2d:
d4:3a:21:3b:24:45:79:af:dc:60:18:a4:a3:80:db:52:cd:80:
c0:89:6d:e9:42:27:d4:2e:00:27:6d:91:c5:ae:a4:be:0a:47:
d8:bc:57:d6:aa:e1:a3:ce:ba:8b:0c:9a:5e:5d:15:36:31:39:
d5:fd:72:94:e9:b6:d4:11:c8:46:d6:e8:89:01:03:4f:c3:6b:
23:10:bc:f3:69:de:87:e6:c1:5b:e3:b5:6d:f0:d9:3e:57:6e:
13:88:bc:79:14:d2:1c:ce:5d:e5:9d:c8:5f:0e:37:a7:2e:b5:
a5:96:4a:17:9e:85:c1:2b:26:71:29:c3:ef:7c:5e:5f:40:d9:
71:48:a3:29:05:66:f1:7b:72:6c:1a:e2:09:fb:16:7e:0b:7d:
f5:87:5d:7e:b3:a0:4e:bf:26:52:38:c5:76:ac:4f:bd:6f:e1:
c9:0a:12:ae:6e:3a:89:83:82:d8:29:98:b3:ec:51:5f:3c:73:
06:61:df:64:43:00:c2:6c:ac:c5:d6:e6:52:6d:f0:41:f2:67:
85:42:10:8f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDQw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQyMTZERTVGQzEzQjE0
OUVGREI2Q0EyMDAzQkEyQ0ZCNkFFOEQ3MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcHB2w+S+bgJaUF4cTOG8S7UZwj3KzyRat5X6KF7Lq7Gfj6F73
rrREuRpv/eZBIzFUjPQgaVSkahC+Y8JVpn4+CLC1IWhsWNx7lLzxD3Vl8msFZqse
70U6ogyAMeXyTEFedg7k/oSyHQWspsMoeWPFeO6NLiIKFQ2LtRhjKnrXvmWngxqE
EeXTObLTfgHnWE2cQNvhoYsp1TfnRZiUGze3u8Kn2C6Ldhd/kLEa2W3B04yY/z9E
Ahr/CenvPy0fM0qF3xv0Z4Eq0fxBJmcCqz+f6/MvOrEgiAc9RixPAn/aJbVKvEQK
ACaAXX/p3wO/V/oTbfsAk45kMUaep8tiEiwPAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU0hbeX8E7FJ79tsogA7os+2ro1xAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8waGJlWDhFN0ZKNzl0c29nQTdvcy0ycm8xeEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AB9x7TXVX9I7RQ9XIS0Jj90JimnVUHPyxE/KIHGXsnw43ZVeAtVMfiCFGiMscOTV
ZGumesxMLdQ6ITskRXmv3GAYpKOA21LNgMCJbelCJ9QuACdtkcWupL4KR9i8V9aq
4aPOuosMml5dFTYxOdX9cpTpttQRyEbW6IkBA0/DayMQvPNp3ofmwVvjtW3w2T5X
bhOIvHkU0hzOXeWdyF8ON6cutaWWSheehcErJnEpw+98Xl9A2XFIoykFZvF7cmwa
4gn7Fn4LffWHXX6zoE6/JlI4xXasT71v4ckKEq5uOomDgtgpmLPsUV88cwZh32RD
AMJsrMXW5lJt8EHyZ4VCEI8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org