Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/7kIYPheLtxGsM2Zmejfw6oiN1nQ.roa
File: 7kIYPheLtxGsM2Zmejfw6oiN1nQ.roa (raw, json)
Hash identifier: voZHpDQuQQqrJdSs+wcrFZdJlllYYwxk2SQk2wY6t1g=
Subject key identifier: EE:42:18:3E:17:8B:B7:11:AC:33:66:66:7A:37:F0:EA:88:8D:D6:74
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4552
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/7kIYPheLtxGsM2Zmejfw6oiN1nQ.roa
Signing time: Sat 26 Mar 2022 00:30:10 +0000
ROA not before: Sat 26 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17746 (0x4552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 26 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=EE42183E178BB711AC3366667A37F0EA888DD674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:09:2e:73:44:6e:dd:4a:21:fe:d5:f2:5e:30:
a4:0c:37:4a:e3:9b:a3:e1:d4:c8:d1:a9:02:06:0e:
6b:09:75:d1:d7:7a:27:38:e0:8e:87:df:5a:68:a1:
9b:6d:7c:f9:1b:fe:1e:96:c9:91:cc:f6:46:7c:d4:
ca:ff:7f:22:74:51:da:99:bd:64:eb:3a:17:50:bd:
2e:7f:e4:53:0b:b0:80:75:fb:c7:de:3e:8c:4d:b9:
3c:64:d5:f5:48:60:32:c7:64:3a:d9:73:c6:7e:13:
53:54:63:d3:7e:5c:81:21:23:4f:6a:aa:ab:ba:f9:
7b:c3:79:06:2c:f9:98:bd:59:cd:19:70:d4:98:28:
44:ff:53:80:ec:e5:4c:f4:78:5d:c0:7a:99:b9:ab:
32:46:a8:07:58:27:50:08:11:a0:3d:8a:6c:7e:14:
12:5c:e4:7a:62:6e:94:1b:b8:34:3b:7e:11:43:e3:
15:2b:a7:b7:5b:88:ac:62:1c:f4:29:10:35:46:2d:
ed:83:9c:b2:70:54:ad:04:1a:ee:8d:33:74:82:e6:
26:5c:18:75:72:d2:4e:63:f9:e2:71:6d:dc:3a:67:
c6:10:ee:05:48:9e:00:26:4d:d9:fd:a2:1e:df:b1:
7f:2e:25:6d:95:6b:dd:9b:48:6b:1d:9d:2f:44:61:
c4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:42:18:3E:17:8B:B7:11:AC:33:66:66:7A:37:F0:EA:88:8D:D6:74
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/7kIYPheLtxGsM2Zmejfw6oiN1nQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ca:9d:6f:50:4c:09:14:5c:3f:29:f0:1a:3d:c4:b3:bd:79:
ad:0e:d5:0c:df:b5:d6:d1:30:e5:31:e7:71:42:9d:bc:d4:4c:
44:d0:6b:57:5f:7a:b1:b7:6c:b8:25:d8:d0:2a:60:69:94:b8:
66:b5:03:bd:e9:e2:20:45:09:1c:36:61:0c:07:8b:16:58:c3:
a5:89:78:1c:b5:da:0f:dc:5b:2a:d9:93:b9:12:29:88:79:c5:
f5:78:0b:72:f5:12:d0:8d:65:e2:c5:eb:68:7d:78:03:4a:ac:
f8:3f:dc:1a:30:5d:68:7d:f4:ad:c7:28:46:33:1d:be:96:dd:
b2:77:39:57:9b:06:bf:87:2e:da:f6:0d:e7:6e:4d:a9:39:9c:
80:6c:92:30:1c:0b:6e:98:03:e7:60:78:e2:b8:31:e6:dc:f4:
09:bc:9f:96:e7:a5:8f:d7:73:fc:20:b7:d0:39:1d:f4:a6:13:
6d:14:47:54:3c:37:7b:63:df:1c:54:d6:04:29:59:1b:2f:25:
9e:26:24:3e:bd:f2:29:0d:fc:64:86:85:79:f8:53:49:8b:7c:
f5:9d:16:92:f2:8a:8b:78:4b:d0:87:9f:ea:b6:5e:08:b6:1a:
a3:73:53:f3:95:58:49:dc:18:5f:d2:c6:4f:e5:8a:ef:a8:ef:
14:2f:aa:f1
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjYw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEVFNDIxODNFMTc4QkI3
MTFBQzMzNjY2NjdBMzdGMEVBODg4REQ2NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBCS5zRG7dSiH+1fJeMKQMN0rjm6Ph1MjRqQIGDmsJddHXeic4
4I6H31pooZttfPkb/h6WyZHM9kZ81Mr/fyJ0UdqZvWTrOhdQvS5/5FMLsIB1+8fe
PoxNuTxk1fVIYDLHZDrZc8Z+E1NUY9N+XIEhI09qqqu6+XvDeQYs+Zi9Wc0ZcNSY
KET/U4Ds5Uz0eF3Aepm5qzJGqAdYJ1AIEaA9imx+FBJc5HpibpQbuDQ7fhFD4xUr
p7dbiKxiHPQpEDVGLe2DnLJwVK0EGu6NM3SC5iZcGHVy0k5j+eJxbdw6Z8YQ7gVI
ngAmTdn9oh7fsX8uJW2Va92bSGsdnS9EYcSXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU7kIYPheLtxGsM2Zmejfw6oiN1nQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS83a0lZUGhlTHR4R3NNMlptZWpmdzZvaU4xblEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AB3KnW9QTAkUXD8p8Bo9xLO9ea0O1QzftdbRMOUx53FCnbzUTETQa1dferG3bLgl
2NAqYGmUuGa1A73p4iBFCRw2YQwHixZYw6WJeBy12g/cWyrZk7kSKYh5xfV4C3L1
EtCNZeLF62h9eANKrPg/3BowXWh99K3HKEYzHb6W3bJ3OVebBr+HLtr2DeduTak5
nIBskjAcC26YA+dgeOK4Mebc9Am8n5bnpY/Xc/wgt9A5HfSmE20UR1Q8N3tj3xxU
1gQpWRsvJZ4mJD698ikN/GSGhXn4U0mLfPWdFpLyiot4S9CHn+q2Xgi2GqNzU/OV
WEncGF/Sxk/liu+o7xQvqvE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org