Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/9BNFXTKAPk2UDTu2z1XuFbEoR3M.roa
File: 9BNFXTKAPk2UDTu2z1XuFbEoR3M.roa (raw, json)
Hash identifier: AL1H22TBZgcIr6LyUb0Yx2M1rksYVCl04nmEraxw00s=
Subject key identifier: F4:13:45:5D:32:80:3E:4D:94:0D:3B:B6:CF:55:EE:15:B1:28:47:73
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4246
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/9BNFXTKAPk2UDTu2z1XuFbEoR3M.roa
Signing time: Sat 29 Jan 2022 00:30:07 +0000
ROA not before: Sat 29 Jan 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16966 (0x4246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 29 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=F413455D32803E4D940D3BB6CF55EE15B1284773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:31:74:a9:29:3b:e3:3d:88:d9:1b:fc:52:96:
d0:4f:6e:47:98:3b:2b:38:53:f8:d7:cf:3c:98:0b:
34:bf:b8:c1:2b:f3:bb:ed:2b:8c:81:a0:ee:d8:08:
11:5f:e1:c5:14:30:3c:2c:be:a5:03:28:57:20:86:
05:6c:59:3d:99:19:94:e7:b9:14:73:cf:76:f4:4b:
76:81:0c:9b:84:e9:1b:21:8f:f3:1c:da:a4:e5:c7:
8f:97:98:27:26:69:96:0b:22:50:55:b3:89:46:19:
c6:19:78:90:19:51:c8:cb:5c:2f:1a:ae:c6:c7:77:
62:9c:50:e6:f9:bf:8e:e2:f2:2e:f3:bf:8a:ba:6d:
dc:3a:03:3b:0f:08:0a:36:b0:ad:a7:f7:83:54:6a:
65:cb:a8:70:34:85:96:d5:ed:d5:1b:6e:c5:4d:e0:
4c:bb:62:c8:13:d9:ec:34:ba:dd:42:a4:e9:84:ac:
22:8f:86:af:2f:ff:bf:1c:16:de:af:05:6e:59:82:
d0:86:ab:dc:a6:32:28:f9:34:1e:80:cd:f1:90:68:
3c:e0:72:91:c0:f1:37:f9:4a:f3:ea:85:43:db:02:
7c:31:82:10:26:aa:d9:8b:93:19:82:6a:e9:71:a0:
3e:7b:97:e5:56:3e:05:cb:57:6e:eb:75:cf:af:dc:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:13:45:5D:32:80:3E:4D:94:0D:3B:B6:CF:55:EE:15:B1:28:47:73
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/9BNFXTKAPk2UDTu2z1XuFbEoR3M.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:19:a3:48:d8:40:a5:ab:b6:47:b3:b4:4e:9f:bf:05:2b:7a:
79:22:c7:57:64:0e:b6:62:64:8a:57:51:c0:24:60:d2:b5:9e:
a6:49:26:ef:b6:b7:a9:01:9b:86:fb:ac:9a:e5:17:a6:e0:44:
24:5e:9d:99:bf:93:49:63:15:af:18:ac:36:90:d0:41:da:4f:
d0:5b:ff:44:16:11:c5:18:41:4d:33:c9:ea:00:ac:2e:e4:fb:
fa:58:61:52:9c:e5:7e:71:4a:b6:eb:a5:af:f7:3c:c1:32:8e:
aa:ab:9f:f8:dd:96:81:83:83:35:8b:0b:6c:e4:2a:8d:cf:e2:
8e:ce:5b:8b:be:ac:cc:fb:ad:bd:5e:e6:d3:25:26:73:42:cc:
b8:a4:64:d0:24:e4:23:8f:c9:dd:64:d1:cd:78:a4:5a:fe:dc:
b3:da:a3:71:41:b3:b4:35:86:16:9e:8b:a4:1e:14:1f:b0:5b:
a4:2c:63:a8:a4:6d:2d:6c:d3:58:b3:f8:01:fa:d3:b6:a4:bf:
6a:a8:9f:ec:56:0d:f2:90:42:54:35:51:5b:8f:ff:7d:f5:bb:
f3:53:fb:ac:a6:e3:df:4e:74:0b:76:13:f7:8e:0f:22:d9:a0:
05:6d:88:2d:88:f4:68:8d:c8:11:30:34:d5:f4:8a:43:7a:91:
2a:ef:17:a7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMjkw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEY0MTM0NTVEMzI4MDNF
NEQ5NDBEM0JCNkNGNTVFRTE1QjEyODQ3NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1MXSpKTvjPYjZG/xSltBPbkeYOys4U/jXzzyYCzS/uMEr87vt
K4yBoO7YCBFf4cUUMDwsvqUDKFcghgVsWT2ZGZTnuRRzz3b0S3aBDJuE6Rshj/Mc
2qTlx4+XmCcmaZYLIlBVs4lGGcYZeJAZUcjLXC8arsbHd2KcUOb5v47i8i7zv4q6
bdw6AzsPCAo2sK2n94NUamXLqHA0hZbV7dUbbsVN4Ey7YsgT2ew0ut1CpOmErCKP
hq8v/78cFt6vBW5ZgtCGq9ymMij5NB6AzfGQaDzgcpHA8Tf5SvPqhUPbAnwxghAm
qtmLkxmCaulxoD57l+VWPgXLV27rdc+v3HdXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU9BNFXTKAPk2UDTu2z1XuFbEoR3MwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS85Qk5GWFRLQVBrMlVEVHUyejFYdUZiRW9SM00ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ALIZo0jYQKWrtkeztE6fvwUrenkix1dkDrZiZIpXUcAkYNK1nqZJJu+2t6kBm4b7
rJrlF6bgRCRenZm/k0ljFa8YrDaQ0EHaT9Bb/0QWEcUYQU0zyeoArC7k+/pYYVKc
5X5xSrbrpa/3PMEyjqqrn/jdloGDgzWLC2zkKo3P4o7OW4u+rMz7rb1e5tMlJnNC
zLikZNAk5COPyd1k0c14pFr+3LPao3FBs7Q1hhaei6QeFB+wW6QsY6ikbS1s01iz
+AH607akv2qon+xWDfKQQlQ1UVuP/331u/NT+6ym499OdAt2E/eODyLZoAVtiC2I
9GiNyBEwNNX0ikN6kSrvF6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org