Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/2YYJG1avkRmhViBstS6NONwWtJo.roa
File: 2YYJG1avkRmhViBstS6NONwWtJo.roa (raw, json)
Hash identifier: RcJWmu8pHAaDXmChm4s8jALgJMCJJwFMr+3l2+64sFU=
Subject key identifier: D9:86:09:1B:56:AF:91:19:A1:56:20:6C:B5:2E:8D:38:DC:16:B4:9A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48C2
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2YYJG1avkRmhViBstS6NONwWtJo.roa
Signing time: Sat 28 May 2022 00:30:07 +0000
ROA not before: Sat 28 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18626 (0x48c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 28 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D986091B56AF9119A156206CB52E8D38DC16B49A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:5b:35:6d:bf:6e:f6:2f:94:fd:ec:ab:94:
30:24:08:8d:c4:fe:60:c7:3a:0d:53:f5:a8:63:76:
8e:83:31:be:d3:22:0a:03:45:7d:93:7d:64:ba:11:
47:98:d3:1f:f0:0d:c1:e5:9d:58:d4:72:c4:89:82:
e2:5d:ea:ef:76:a0:63:b8:df:e0:a1:0d:59:45:64:
04:dc:af:f8:a9:7e:83:22:ae:80:63:a2:73:d6:e7:
47:63:fd:05:6d:89:17:b3:5b:97:82:cc:fd:10:0f:
27:82:fd:05:52:9c:db:f8:67:b6:aa:74:9d:a0:d0:
f5:9d:09:4b:21:c4:09:04:e9:90:a9:a3:7e:0a:93:
f8:00:1c:11:3a:a0:86:bf:81:1c:60:ce:f5:8e:38:
fc:26:d2:ff:1c:8a:df:a8:9a:04:84:67:12:ea:1e:
78:99:10:04:c1:d3:c8:dc:e4:ab:ad:bc:37:6d:4a:
69:4f:4d:54:5b:14:25:d7:11:99:c7:c9:dd:50:d7:
01:43:27:32:b8:0c:15:96:ed:77:3d:4e:8c:44:d8:
c0:ab:8a:74:56:dd:35:2d:14:0c:bf:75:82:dc:21:
09:d1:e9:06:d0:a3:5f:fd:be:e3:db:76:a0:83:4a:
fc:f7:72:f0:7a:ed:33:d7:2e:6a:5f:c9:26:28:74:
79:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:86:09:1B:56:AF:91:19:A1:56:20:6C:B5:2E:8D:38:DC:16:B4:9A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2YYJG1avkRmhViBstS6NONwWtJo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6e:3d:a1:a8:3d:75:2d:65:36:75:a6:8a:27:9f:74:fe:89:
db:7a:f4:f5:9c:d0:ad:9d:e8:dd:02:86:98:d9:b6:14:16:c6:
b7:a8:89:b4:d2:b4:0b:ab:02:f5:c0:e9:71:ab:d8:d5:8d:5e:
77:10:d0:43:c6:d4:e9:20:ec:1c:f8:c4:78:3d:ff:fe:33:fb:
b9:1a:d9:d7:38:20:f1:80:a1:7c:93:2f:92:86:9a:8f:de:3f:
91:81:ca:d9:f8:48:5e:2f:eb:aa:d9:59:c7:d7:f3:35:eb:e7:
9a:3f:48:51:1a:98:06:3a:06:4d:44:99:17:b0:b6:f2:f4:50:
39:d6:b4:22:66:ad:b9:ef:be:d1:7a:67:80:d3:e1:cc:e9:ed:
95:ba:fb:85:54:c1:25:cf:9e:f2:af:be:06:96:0c:e6:a5:bd:
c6:8c:c8:3e:eb:66:e4:60:a8:4c:57:ed:75:ad:d2:fd:96:8c:
49:6b:0d:11:ee:fa:14:2e:f0:c8:e2:2d:6b:3b:a5:92:1f:b1:
23:3f:c2:62:c0:cc:a6:94:62:5f:12:2b:e2:c7:58:da:fc:a6:
e1:41:04:00:38:8a:ef:b9:ca:1f:5c:6e:45:fc:42:7c:81:99:
03:02:fa:0a:d2:5f:83:3b:76:e0:ae:a2:c9:fe:c8:2f:1b:56:
0a:44:22:23
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1Mjgw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQ5ODYwOTFCNTZBRjkx
MTlBMTU2MjA2Q0I1MkU4RDM4REMxNkI0OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbZ1s1bb9u9i+U/eyrlDAkCI3E/mDHOg1T9ahjdo6DMb7TIgoD
RX2TfWS6EUeY0x/wDcHlnVjUcsSJguJd6u92oGO43+ChDVlFZATcr/ipfoMiroBj
onPW50dj/QVtiRezW5eCzP0QDyeC/QVSnNv4Z7aqdJ2g0PWdCUshxAkE6ZCpo34K
k/gAHBE6oIa/gRxgzvWOOPwm0v8cit+omgSEZxLqHniZEATB08jc5KutvDdtSmlP
TVRbFCXXEZnHyd1Q1wFDJzK4DBWW7Xc9ToxE2MCrinRW3TUtFAy/dYLcIQnR6QbQ
o1/9vuPbdqCDSvz3cvB67TPXLmpfySYodHlrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU2YYJG1avkRmhViBstS6NONwWtJowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8yWVlKRzFhdmtSbWhWaUJzdFM2Tk9Od1d0Sm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AFtuPaGoPXUtZTZ1poonn3T+idt69PWc0K2d6N0ChpjZthQWxreoibTStAurAvXA
6XGr2NWNXncQ0EPG1Okg7Bz4xHg9//4z+7ka2dc4IPGAoXyTL5KGmo/eP5GBytn4
SF4v66rZWcfX8zXr55o/SFEamAY6Bk1EmRewtvL0UDnWtCJmrbnvvtF6Z4DT4czp
7ZW6+4VUwSXPnvKvvgaWDOalvcaMyD7rZuRgqExX7XWt0v2WjElrDRHu+hQu8Mji
LWs7pZIfsSM/wmLAzKaUYl8SK+LHWNr8puFBBAA4iu+5yh9cbkX8QnyBmQMC+grS
X4M7duCuosn+yC8bVgpEIiM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org