Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/3rXzuwqvZ_V9GQZt9rjc5iK814Y.roa
File: 3rXzuwqvZ_V9GQZt9rjc5iK814Y.roa (raw, json)
Hash identifier: Jmcrwuta1bQAZPkShht5ci1G/CwkvB0BR0nFmatLp9w=
Subject key identifier: DE:B5:F3:BB:0A:AF:67:F5:7D:19:06:6D:F6:B8:DC:E6:22:BC:D7:86
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47A6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3rXzuwqvZ_V9GQZt9rjc5iK814Y.roa
Signing time: Sun 08 May 2022 00:30:06 +0000
ROA not before: Sun 08 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18342 (0x47a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 8 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=DEB5F3BB0AAF67F57D19066DF6B8DCE622BCD786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b4:c9:22:3c:c9:6e:ad:5b:e1:97:f1:49:dd:
24:60:67:d4:86:f8:7c:bd:86:4c:a8:b6:df:67:04:
ef:ae:c4:90:76:6e:f9:46:5e:d8:8c:45:6f:6f:3d:
53:51:24:1f:5d:7b:7b:7d:a9:82:e5:53:3e:7f:1e:
34:a4:7b:cf:de:9f:7d:b2:f2:55:c8:fd:fd:3e:6e:
0b:7d:9e:0c:c7:6e:e5:46:4b:b6:13:d5:68:a2:47:
e9:db:74:87:a2:40:af:ba:fc:5d:4d:aa:4e:18:d6:
0b:1c:71:21:d4:94:75:71:43:e9:0c:5f:18:e2:f2:
bb:5b:f4:94:01:69:24:d1:ef:51:d4:cd:f4:d2:9e:
ca:11:e8:cd:d4:d7:26:f3:bb:2f:3f:17:c0:f0:b8:
2a:4e:18:64:8d:73:ea:a3:f5:5c:c6:6e:2b:7f:ce:
5a:f6:f5:aa:dd:b5:cf:15:3a:29:30:a8:3a:c5:08:
4b:e6:53:e3:e2:87:36:e7:55:eb:cc:80:b0:67:ca:
b2:e6:23:08:74:f4:71:47:43:d6:18:83:ba:3a:80:
42:aa:6d:82:b1:66:c3:b0:7b:44:82:25:ad:4c:4c:
70:85:1a:81:08:68:b5:b8:8f:6d:7e:41:5f:3d:bc:
24:27:9a:04:52:d5:66:61:a1:77:b7:33:74:06:92:
a3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B5:F3:BB:0A:AF:67:F5:7D:19:06:6D:F6:B8:DC:E6:22:BC:D7:86
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/3rXzuwqvZ_V9GQZt9rjc5iK814Y.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
70:30:06:9e:e5:00:4e:89:3e:a7:70:21:9f:f4:8c:32:2c:a5:
aa:7f:5c:69:b8:18:3c:a3:6e:e3:f6:cb:89:c6:8a:b2:5b:3d:
1d:5f:40:d2:41:e8:5c:f3:2d:99:85:1c:99:23:cb:af:ef:4e:
45:f0:cb:64:80:0f:8c:74:82:1d:63:33:f8:fb:5e:58:e7:43:
99:03:25:e7:e2:19:14:06:d1:ff:27:23:47:5e:24:6b:c7:b7:
a0:b8:ae:f4:c2:20:37:3c:c7:09:e3:31:ea:99:33:e6:0b:fe:
a1:b6:41:ea:c5:e1:ad:bb:ae:04:1e:78:f2:1a:2d:64:ab:3e:
73:db:2a:fb:93:d7:64:25:33:38:70:2c:b6:b6:c0:6b:03:60:
19:35:ce:4a:14:d6:c5:d6:46:67:6d:8c:46:c2:1c:3e:ae:af:
f4:ab:fb:e6:9c:fc:ee:c9:2f:42:4c:4a:dd:04:1f:15:fb:a4:
cb:1d:f1:9e:a4:83:4d:5a:fd:1d:9e:a9:07:f3:e5:94:6e:4e:
70:46:f2:36:b7:ca:54:75:70:09:4c:9c:f2:f9:0d:4b:13:5d:
7b:9b:17:22:99:79:29:c1:80:9f:9e:01:d6:ca:d0:6a:03:35:
75:da:55:5f:0e:87:3a:a4:97:16:74:ad:29:15:94:9f:bc:18:
f1:97:fc:2b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDgw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKERFQjVGM0JCMEFBRjY3
RjU3RDE5MDY2REY2QjhEQ0U2MjJCQ0Q3ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCytMkiPMlurVvhl/FJ3SRgZ9SG+Hy9hkyott9nBO+uxJB2bvlG
XtiMRW9vPVNRJB9de3t9qYLlUz5/HjSke8/en32y8lXI/f0+bgt9ngzHbuVGS7YT
1WiiR+nbdIeiQK+6/F1Nqk4Y1gsccSHUlHVxQ+kMXxji8rtb9JQBaSTR71HUzfTS
nsoR6M3U1ybzuy8/F8DwuCpOGGSNc+qj9VzGbit/zlr29ardtc8VOikwqDrFCEvm
U+PihzbnVevMgLBnyrLmIwh09HFHQ9YYg7o6gEKqbYKxZsOwe0SCJa1MTHCFGoEI
aLW4j21+QV89vCQnmgRS1WZhoXe3M3QGkqOHAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU3rXzuwqvZ/V9GQZt9rjc5iK814YwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS8zclh6dXdxdlpfVjlHUVp0OXJqYzVpSzgxNFkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AHAwBp7lAE6JPqdwIZ/0jDIspap/XGm4GDyjbuP2y4nGirJbPR1fQNJB6FzzLZmF
HJkjy6/vTkXwy2SAD4x0gh1jM/j7XljnQ5kDJefiGRQG0f8nI0deJGvHt6C4rvTC
IDc8xwnjMeqZM+YL/qG2QerF4a27rgQeePIaLWSrPnPbKvuT12QlMzhwLLa2wGsD
YBk1zkoU1sXWRmdtjEbCHD6ur/Sr++ac/O7JL0JMSt0EHxX7pMsd8Z6kg01a/R2e
qQfz5ZRuTnBG8ja3ylR1cAlMnPL5DUsTXXubFyKZeSnBgJ+eAdbK0GoDNXXaVV8O
hzqklxZ0rSkVlJ+8GPGX/Cs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org