Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/2bN23MBqZuci6aRZ5dwJc9u6yjw.roa
File: 2bN23MBqZuci6aRZ5dwJc9u6yjw.roa (raw, json)
Hash identifier: K0hCHvIe/wDz5suoEChYuHmZNTIiJfbuFG8oiffJUo4=
Subject key identifier: D9:B3:76:DC:C0:6A:66:E7:22:E9:A4:59:E5:DC:09:73:DB:BA:CA:3C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46D7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2bN23MBqZuci6aRZ5dwJc9u6yjw.roa
Signing time: Sat 23 Apr 2022 00:30:08 +0000
ROA not before: Sat 23 Apr 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18135 (0x46d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 23 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=D9B376DCC06A66E722E9A459E5DC0973DBBACA3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:67:f9:57:55:cc:e6:87:6b:15:0d:ce:6e:25:
75:6b:a3:84:06:ea:f6:fb:98:75:eb:b1:0a:98:6b:
69:a5:ae:3c:43:bc:e3:88:7f:4c:30:32:7f:22:be:
6c:db:20:0d:bd:96:b2:89:41:73:1e:25:37:61:2b:
bd:57:a2:c0:69:02:4f:25:fc:ee:f6:2c:35:a6:d9:
ef:c7:16:84:e4:6f:73:0d:28:57:8f:a4:f4:a9:3f:
3e:2b:87:1d:9b:63:14:7c:e2:b8:f0:07:9c:69:78:
b7:c9:d3:ac:e3:eb:ba:24:4f:67:de:ef:2b:db:46:
b3:23:e9:6f:c6:9b:28:69:a3:b0:8f:cf:0b:37:f1:
e1:df:03:ed:eb:39:2b:00:47:03:67:47:ef:ca:26:
18:be:ad:a0:65:55:45:c2:f3:48:7a:2c:a5:f2:16:
41:d9:25:08:c3:c8:bc:fe:a1:5c:e8:bf:43:ba:3a:
bb:37:30:43:c4:fe:22:2e:be:8e:11:95:92:46:ac:
9b:b8:e9:5e:00:4a:db:53:a5:5c:44:c3:8b:2e:9c:
da:ff:37:ce:69:d4:f6:8f:6d:77:ba:04:13:aa:8d:
2c:b7:9b:22:f5:19:33:15:0a:de:9a:4b:af:f7:da:
42:80:80:ab:cf:c5:b8:bb:7d:f8:d2:44:84:ea:bb:
f5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B3:76:DC:C0:6A:66:E7:22:E9:A4:59:E5:DC:09:73:DB:BA:CA:3C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/2bN23MBqZuci6aRZ5dwJc9u6yjw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:dd:c7:3a:97:6b:72:c4:4f:26:31:25:a3:72:70:3c:9b:bc:
aa:cd:1d:66:70:93:e4:2c:23:1b:3a:58:8c:3a:59:b7:e1:56:
db:52:3f:b8:f0:ba:31:9d:9d:da:57:95:b7:66:8e:76:6e:2b:
a3:33:20:31:bc:36:64:ac:d8:03:93:c3:2c:ca:5e:f2:92:2b:
5d:51:a0:bf:d8:9a:bd:8f:c9:0b:8e:ed:b3:5e:7c:31:1e:ee:
f4:f5:5f:31:e8:ef:38:3c:f7:36:85:c5:9f:ba:fc:80:0f:3f:
75:9a:b5:34:93:11:70:19:af:c5:93:ed:1f:2d:96:e2:1d:03:
3b:ca:05:3f:ea:8e:d6:4b:8d:1d:ee:4f:4d:f1:02:f2:fb:ee:
2a:6c:e4:9a:2c:79:3b:68:a7:a2:82:b4:fe:c7:fc:f5:ce:30:
a3:ba:0a:2a:53:c7:53:0d:50:22:d1:eb:f7:8b:ee:10:d3:db:
71:44:2b:8f:98:a0:ac:97:08:57:37:5a:62:af:b2:59:af:5f:
e5:78:bb:01:eb:61:fd:14:44:de:f0:8f:e1:04:d7:3f:b6:a7:
f2:78:99:87:6c:e3:b4:d9:5a:17:1d:17:ab:a5:d4:86:63:5b:
c9:0f:00:a3:cf:25:d5:2f:28:8b:12:d9:c7:08:a2:3c:f2:d2:
5e:6d:94:91
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjMw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEQ5QjM3NkRDQzA2QTY2
RTcyMkU5QTQ1OUU1REMwOTczREJCQUNBM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeZ/lXVczmh2sVDc5uJXVro4QG6vb7mHXrsQqYa2mlrjxDvOOI
f0wwMn8ivmzbIA29lrKJQXMeJTdhK71XosBpAk8l/O72LDWm2e/HFoTkb3MNKFeP
pPSpPz4rhx2bYxR84rjwB5xpeLfJ06zj67okT2fe7yvbRrMj6W/Gmyhpo7CPzws3
8eHfA+3rOSsARwNnR+/KJhi+raBlVUXC80h6LKXyFkHZJQjDyLz+oVzov0O6Ors3
MEPE/iIuvo4RlZJGrJu46V4ASttTpVxEw4sunNr/N85p1PaPbXe6BBOqjSy3myL1
GTMVCt6aS6/32kKAgKvPxbi7ffjSRITqu/VTAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU2bN23MBqZuci6aRZ5dwJc9u6yjwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8yYk4yM01CcVp1Y2k2YVJaNWR3SmM5dTZ5ancucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
ALbdxzqXa3LETyYxJaNycDybvKrNHWZwk+QsIxs6WIw6WbfhVttSP7jwujGdndpX
lbdmjnZuK6MzIDG8NmSs2AOTwyzKXvKSK11RoL/Ymr2PyQuO7bNefDEe7vT1XzHo
7zg89zaFxZ+6/IAPP3WatTSTEXAZr8WT7R8tluIdAzvKBT/qjtZLjR3uT03xAvL7
7ips5JoseTtop6KCtP7H/PXOMKO6CipTx1MNUCLR6/eL7hDT23FEK4+YoKyXCFc3
WmKvslmvX+V4uwHrYf0URN7wj+EE1z+2p/J4mYds47TZWhcdF6ul1IZjW8kPAKPP
JdUvKIsS2ccIojzy0l5tlJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org