Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/9A4UUktxsfwI1agceN4783hVaXQ.roa
File: 9A4UUktxsfwI1agceN4783hVaXQ.roa (raw, json)
Hash identifier: ZVZVcg+GVoE+M04AUAenFv1DkVChkBxughh1medV7us=
Subject key identifier: F4:0E:14:52:4B:71:B1:FC:08:D5:A8:1C:78:DE:3B:F3:78:55:69:74
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4497
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/9A4UUktxsfwI1agceN4783hVaXQ.roa
Signing time: Sun 13 Mar 2022 00:30:08 +0000
ROA not before: Sun 13 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17559 (0x4497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 13 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=F40E14524B71B1FC08D5A81C78DE3BF378556974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fd:25:47:19:8a:91:db:03:07:2d:dd:6b:c2:
ce:c7:d1:4c:bd:e0:8a:2b:7e:1d:9f:85:93:02:fe:
0c:9a:58:9b:ed:70:bb:cf:12:7d:10:5e:08:ad:3b:
0b:d7:60:35:9f:a5:e2:f7:2f:3d:73:94:71:0a:50:
b2:2c:97:a4:2c:8e:e4:76:c8:25:c2:60:50:eb:6a:
96:de:05:55:b0:be:3d:bb:7d:44:a6:df:5e:38:eb:
fc:fd:4b:b1:2a:a5:b3:3a:25:9a:5d:7b:b9:e7:8b:
e9:11:85:a9:44:59:5d:7e:4c:4d:d8:5e:a0:39:72:
d9:30:1a:ac:e7:5e:61:c9:80:9d:ff:e8:68:3b:0a:
cf:72:2f:22:08:71:e2:74:95:ae:1a:ab:15:01:db:
fd:77:9a:33:19:e1:41:35:8f:0c:05:40:c2:a9:b9:
02:ca:39:54:e0:7a:82:69:7a:fb:b4:9f:45:b8:f1:
f5:03:b4:7a:87:df:eb:b9:fa:5d:14:d5:9c:d6:0d:
1c:57:89:3f:e9:49:ea:d2:38:18:83:73:61:60:6b:
9a:db:29:3a:30:5d:20:53:5b:88:a6:16:b1:be:2d:
2b:4c:e9:c7:1f:9f:ce:20:ee:b4:ba:77:31:7c:9e:
f2:5d:7a:89:16:52:f4:68:68:bb:3d:05:9f:e4:f9:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0E:14:52:4B:71:B1:FC:08:D5:A8:1C:78:DE:3B:F3:78:55:69:74
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/9A4UUktxsfwI1agceN4783hVaXQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:24:56:75:4e:c9:f6:e7:c3:17:60:84:2a:16:b4:a7:90:88:
bb:c4:09:6b:f1:64:08:71:67:38:0f:3c:d2:cf:b0:be:37:8a:
36:d4:43:e2:90:66:6f:80:47:c0:1c:24:f6:fa:41:3e:00:86:
e2:e2:81:d0:0c:d4:36:86:a2:87:e8:73:d4:84:b3:e8:fa:02:
66:5c:8e:7a:87:71:03:7d:8e:6a:28:3e:6e:47:88:6a:cc:56:
49:2c:56:c9:90:ae:f3:72:e7:b7:d1:ff:48:5b:3e:cf:4c:0b:
15:c7:f1:24:c7:98:cc:04:45:a9:43:54:8e:a8:d2:e6:d5:ca:
89:6a:dc:3c:fc:fd:5d:2c:63:dc:0c:26:8a:81:0c:42:e7:f6:
f4:ad:6d:ed:a2:a6:7a:38:3a:88:2f:89:a8:68:fe:dc:3b:fd:
58:bc:75:c8:13:29:63:ca:9c:76:6e:19:63:22:bb:4c:be:9c:
49:06:35:db:d2:3d:41:67:5f:82:4c:8c:bd:4a:bb:ee:a8:95:
38:96:4d:b7:e2:28:89:84:05:7f:41:9c:5d:8f:73:ca:06:b5:
40:70:43:7c:57:52:f1:b0:f8:bc:8d:93:4d:0a:8f:c8:d8:1d:
0d:75:7f:2b:d0:b4:21:8f:89:7f:98:6b:8c:27:5a:a1:7e:e0:
69:71:f3:04
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTMw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEY0MEUxNDUyNEI3MUIx
RkMwOEQ1QTgxQzc4REUzQkYzNzg1NTY5NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP/SVHGYqR2wMHLd1rws7H0Uy94Iorfh2fhZMC/gyaWJvtcLvP
En0QXgitOwvXYDWfpeL3Lz1zlHEKULIsl6QsjuR2yCXCYFDrapbeBVWwvj27fUSm
31446/z9S7EqpbM6JZpde7nni+kRhalEWV1+TE3YXqA5ctkwGqznXmHJgJ3/6Gg7
Cs9yLyIIceJ0la4aqxUB2/13mjMZ4UE1jwwFQMKpuQLKOVTgeoJpevu0n0W48fUD
tHqH3+u5+l0U1ZzWDRxXiT/pSerSOBiDc2Fga5rbKTowXSBTW4imFrG+LStM6ccf
n84g7rS6dzF8nvJdeokWUvRoaLs9BZ/k+QmXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU9A4UUktxsfwI1agceN4783hVaXQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS85QTRVVWt0eHNmd0kxYWdjZU40NzgzaFZhWFEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AAokVnVOyfbnwxdghCoWtKeQiLvECWvxZAhxZzgPPNLPsL43ijbUQ+KQZm+AR8Ac
JPb6QT4AhuLigdAM1DaGoofoc9SEs+j6AmZcjnqHcQN9jmooPm5HiGrMVkksVsmQ
rvNy57fR/0hbPs9MCxXH8STHmMwERalDVI6o0ubVyolq3Dz8/V0sY9wMJoqBDELn
9vStbe2ipno4Oogviaho/tw7/Vi8dcgTKWPKnHZuGWMiu0y+nEkGNdvSPUFnX4JM
jL1Ku+6olTiWTbfiKImEBX9BnF2Pc8oGtUBwQ3xXUvGw+LyNk00Kj8jYHQ11fyvQ
tCGPiX+Ya4wnWqF+4Glx8wQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org