Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/6C9aaM66bydggd1w5MCVYuWdwZE.roa
File: 6C9aaM66bydggd1w5MCVYuWdwZE.roa (raw, json)
Hash identifier: PhlveSYOoFK6ssaHy9j+tT+kiBytScWxwofNxL6pC5Q=
Subject key identifier: E8:2F:5A:68:CE:BA:6F:27:60:81:DD:70:E4:C0:95:62:E5:9D:C1:91
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4579
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/6C9aaM66bydggd1w5MCVYuWdwZE.roa
Signing time: Tue 29 Mar 2022 00:30:09 +0000
ROA not before: Tue 29 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17785 (0x4579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 29 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=E82F5A68CEBA6F276081DD70E4C09562E59DC191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:25:11:d3:d1:d6:6c:d8:46:fb:f9:c8:30:bb:
85:74:00:09:f6:c9:b8:6c:3d:09:d1:63:92:c9:8d:
f2:31:16:3a:d0:88:ab:b5:fc:7d:7c:dd:42:e7:63:
c1:bd:b1:80:2d:55:47:a7:c7:91:b2:86:f7:db:39:
69:c8:dd:53:8b:fb:b4:24:02:23:b8:29:d9:04:04:
b9:43:f0:b2:af:0c:d0:9f:90:d8:97:6e:5f:c0:a4:
56:bc:70:95:81:62:47:d3:fb:74:7c:a8:db:69:d6:
8c:8f:97:0f:cb:e8:b5:59:e9:58:5d:fd:7f:c4:12:
42:c3:8b:07:43:28:26:f1:19:e1:12:2e:9c:a7:b4:
39:e5:f2:41:fe:71:3f:12:9f:f1:f7:88:7a:42:cc:
1c:06:fe:ff:5e:86:3b:4d:f2:49:4d:e0:8a:cb:1d:
e0:8f:59:c9:82:df:02:d0:1f:be:e4:8c:96:74:e5:
5b:06:94:a4:98:91:ad:7a:02:5f:1a:d0:a4:2c:00:
f3:c4:d6:20:99:55:03:28:be:5a:13:1c:6e:09:70:
53:f1:2d:c2:ac:ef:9d:b1:d0:e6:6c:04:0a:3c:bd:
67:a1:d5:dc:7c:9f:4d:a0:1d:db:3c:9d:23:8c:7c:
9d:48:0a:29:e7:47:8e:de:7b:ef:02:c3:38:63:12:
ce:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2F:5A:68:CE:BA:6F:27:60:81:DD:70:E4:C0:95:62:E5:9D:C1:91
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/6C9aaM66bydggd1w5MCVYuWdwZE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
72:53:c0:36:23:32:48:ce:4a:ad:3f:06:95:b8:a0:a8:a6:ec:
03:bd:9f:8a:59:07:fc:a9:a8:19:3a:95:9f:8e:48:19:b0:73:
f1:52:71:d4:01:ba:32:30:15:5f:2c:89:d3:44:6e:fb:fa:52:
9f:db:ef:89:45:54:f3:b7:a5:9f:28:85:97:39:16:3a:90:37:
f6:84:88:b5:3e:81:0d:7b:d2:ca:e2:ca:6b:bf:4a:2e:d0:4e:
09:53:45:ba:d3:26:33:cf:8c:a7:cd:e6:e0:2a:8e:92:e2:39:
a5:35:9f:ab:da:1b:7c:76:a6:85:97:1f:9f:26:06:98:c0:57:
d9:e3:ae:d5:2a:72:b7:d0:c6:5e:9d:d7:5b:67:eb:d8:ba:43:
7b:a0:92:8a:b2:68:ba:df:0d:2d:9f:8e:b5:7f:1b:27:a7:87:
ed:2e:3e:8e:dd:62:9f:77:22:e4:fd:60:f8:10:1a:88:26:fa:
99:84:7b:f0:55:b5:2a:9c:07:0f:fc:43:91:43:eb:e0:b3:8c:
2a:29:be:cb:b4:ae:39:65:df:6e:63:65:6e:8c:5b:ce:f9:cb:
bd:73:72:51:00:5b:69:0e:4e:72:ba:c3:15:a3:a8:41:c2:d6:
4d:64:30:8f:b5:aa:39:3d:39:40:46:4f:da:e3:68:5f:17:40:
02:cd:54:4c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjkw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEU4MkY1QTY4Q0VCQTZG
Mjc2MDgxREQ3MEU0QzA5NTYyRTU5REMxOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZJRHT0dZs2Eb7+cgwu4V0AAn2ybhsPQnRY5LJjfIxFjrQiKu1
/H183ULnY8G9sYAtVUenx5GyhvfbOWnI3VOL+7QkAiO4KdkEBLlD8LKvDNCfkNiX
bl/ApFa8cJWBYkfT+3R8qNtp1oyPlw/L6LVZ6Vhd/X/EEkLDiwdDKCbxGeESLpyn
tDnl8kH+cT8Sn/H3iHpCzBwG/v9ehjtN8klN4IrLHeCPWcmC3wLQH77kjJZ05VsG
lKSYka16Al8a0KQsAPPE1iCZVQMovloTHG4JcFPxLcKs752x0OZsBAo8vWeh1dx8
n02gHds8nSOMfJ1ICinnR47ee+8CwzhjEs4vAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU6C9aaM66bydggd1w5MCVYuWdwZEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS82QzlhYU02NmJ5ZGdnZDF3NU1DVll1V2R3WkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AHJTwDYjMkjOSq0/BpW4oKim7AO9n4pZB/ypqBk6lZ+OSBmwc/FScdQBujIwFV8s
idNEbvv6Up/b74lFVPO3pZ8ohZc5FjqQN/aEiLU+gQ170sriymu/Si7QTglTRbrT
JjPPjKfN5uAqjpLiOaU1n6vaG3x2poWXH58mBpjAV9njrtUqcrfQxl6d11tn69i6
Q3ugkoqyaLrfDS2fjrV/Gyenh+0uPo7dYp93IuT9YPgQGogm+pmEe/BVtSqcBw/8
Q5FD6+CzjCopvsu0rjll325jZW6MW875y71zclEAW2kOTnK6wxWjqEHC1k1kMI+1
qjk9OUBGT9rjaF8XQALNVEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org