Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/8q1W7OQQbEw6j1I7T6cVdL1i7ts.roa
File: 8q1W7OQQbEw6j1I7T6cVdL1i7ts.roa (raw, json)
Hash identifier: ltbIeTE/1A/LZTY88bpPDsGhBiLC4rTGbrzHwSgEBFQ=
Subject key identifier: F2:AD:56:EC:E4:10:6C:4C:3A:8F:52:3B:4F:A7:15:74:BD:62:EE:DB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4924
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8q1W7OQQbEw6j1I7T6cVdL1i7ts.roa
Signing time: Thu 02 Jun 2022 00:30:13 +0000
ROA not before: Thu 02 Jun 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18724 (0x4924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 2 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=F2AD56ECE4106C4C3A8F523B4FA71574BD62EEDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:63:b1:3b:bc:d6:3f:27:ff:8a:ca:12:7e:6d:
39:43:48:da:6d:a5:24:b6:04:f2:d0:68:fa:25:d7:
37:9a:d9:fa:26:79:2b:33:14:2f:78:3a:17:ad:92:
ff:22:90:49:39:df:2d:a0:d8:2e:4d:90:6c:d9:48:
3f:cc:6e:50:26:95:40:c7:9a:5e:16:e0:59:82:07:
b1:5b:c8:e5:07:8e:2e:ec:89:96:f5:28:3d:3a:a7:
85:25:bf:d4:73:dc:a7:86:ec:4e:4f:04:0e:7e:9a:
73:3b:c4:a8:a7:6c:1b:b8:5c:30:9e:29:fa:f7:ad:
45:a1:98:4a:ec:a3:aa:79:b3:45:75:64:ed:cf:b4:
43:d5:85:d3:88:8a:ea:2d:4e:48:45:2f:fd:07:78:
18:04:b8:d8:ba:96:4d:08:0b:ac:c5:f7:46:d8:5c:
86:e8:7b:a9:8c:8f:55:f0:34:81:a3:05:c5:32:2c:
6c:ac:6f:e5:ac:2b:da:f8:4d:4c:75:85:c8:78:9c:
8c:ee:c9:10:15:4b:dc:c9:5f:0f:60:d7:d3:b4:1a:
ea:7c:9c:14:0f:8f:b4:f2:24:a5:25:19:b8:ad:0a:
4c:d8:07:c4:7b:71:75:49:56:9b:ca:c8:88:16:ad:
1d:fb:be:3c:0a:59:e7:ed:cd:10:28:7c:ac:12:1c:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AD:56:EC:E4:10:6C:4C:3A:8F:52:3B:4F:A7:15:74:BD:62:EE:DB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8q1W7OQQbEw6j1I7T6cVdL1i7ts.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:67:a5:13:ba:25:4d:57:d6:33:97:fb:ef:df:64:c9:5b:43:
fe:15:98:5e:d6:79:32:48:99:63:c2:b6:b7:06:08:e3:cc:5b:
0c:7d:77:d4:22:15:31:7b:69:20:76:f2:3d:ce:29:91:50:65:
ff:4f:e5:0c:48:bd:ea:18:79:42:98:f5:65:10:41:ca:9e:3b:
35:7f:b2:5f:15:f4:32:73:15:0b:6e:19:1f:aa:03:a5:5c:74:
c7:2d:19:b4:2e:9b:b5:23:a2:89:dd:71:4a:56:68:ae:63:09:
22:39:cd:84:4d:27:84:e4:3f:84:47:63:38:b8:09:59:61:87:
c8:43:9c:88:ac:b3:53:d3:f2:c6:f2:1d:e9:87:39:cc:67:ec:
d4:0e:d3:8f:c7:49:dd:57:4d:6f:5c:f8:84:5d:f6:a1:4a:34:
48:0e:d2:e8:e3:3a:6f:b8:b6:88:dc:1c:4d:07:bf:8c:5e:b2:
31:a9:b6:26:d8:a7:03:a1:e5:99:d8:98:3c:d7:4a:62:ba:63:
ba:06:0a:50:cd:c1:aa:f6:30:8f:4f:8d:de:d0:24:a9:dc:c0:
79:7d:c3:51:cd:62:17:ae:d7:ad:7e:93:bd:27:a9:f3:83:f5:
c1:3c:b3:c4:44:99:86:dd:7b:d8:36:b1:08:01:63:22:37:83:
b8:e0:34:7b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDIw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEYyQUQ1NkVDRTQxMDZD
NEMzQThGNTIzQjRGQTcxNTc0QkQ2MkVFREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrY7E7vNY/J/+KyhJ+bTlDSNptpSS2BPLQaPol1zea2fomeSsz
FC94Ohetkv8ikEk53y2g2C5NkGzZSD/MblAmlUDHml4W4FmCB7FbyOUHji7siZb1
KD06p4Ulv9Rz3KeG7E5PBA5+mnM7xKinbBu4XDCeKfr3rUWhmErso6p5s0V1ZO3P
tEPVhdOIiuotTkhFL/0HeBgEuNi6lk0IC6zF90bYXIboe6mMj1XwNIGjBcUyLGys
b+WsK9r4TUx1hch4nIzuyRAVS9zJXw9g19O0Gup8nBQPj7TyJKUlGbitCkzYB8R7
cXVJVpvKyIgWrR37vjwKWeftzRAofKwSHI3pAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU8q1W7OQQbEw6j1I7T6cVdL1i7tswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS84cTFXN09RUWJFdzZqMUk3VDZjVmRMMWk3dHMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAwwDQYJKoZIhvcNAQELBQADggEB
AG9npRO6JU1X1jOX++/fZMlbQ/4VmF7WeTJImWPCtrcGCOPMWwx9d9QiFTF7aSB2
8j3OKZFQZf9P5QxIveoYeUKY9WUQQcqeOzV/sl8V9DJzFQtuGR+qA6VcdMctGbQu
m7UjoondcUpWaK5jCSI5zYRNJ4TkP4RHYzi4CVlhh8hDnIiss1PT8sbyHemHOcxn
7NQO04/HSd1XTW9c+IRd9qFKNEgO0ujjOm+4tojcHE0Hv4xesjGptibYpwOh5ZnY
mDzXSmK6Y7oGClDNwar2MI9Pjd7QJKncwHl9w1HNYheu161+k70nqfOD9cE8s8RE
mYbde9g2sQgBYyI3g7jgNHs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org