Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/APdnCQ7_zgkTZVivruvwLccP7PI.roa
File: APdnCQ7_zgkTZVivruvwLccP7PI.roa (raw, json)
Hash identifier: JZTp/f6CliysOK4VpcNJMVt4FTSFUe/ClWklgWSlXqo=
Subject key identifier: 00:F7:67:09:0E:FF:CE:09:13:65:58:AF:AE:EB:F0:2D:C7:0F:EC:F2
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47D5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/APdnCQ7_zgkTZVivruvwLccP7PI.roa
Signing time: Wed 11 May 2022 00:30:12 +0000
ROA not before: Wed 11 May 2022 00:30:12 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18389 (0x47d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 11 00:30:12 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=00F767090EFFCE09136558AFAEEBF02DC70FECF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:07:21:a2:f8:99:a3:e2:5b:67:bd:0d:34:4e:
45:e3:95:6d:b1:cb:ee:08:6e:3c:da:eb:bc:32:bd:
f6:ae:a5:35:7f:c0:e9:88:8a:67:69:e9:9d:1b:86:
8e:8d:ab:8d:69:fb:84:f9:53:6f:8d:21:b3:0f:f5:
28:f1:74:05:7d:0c:6e:87:a2:9c:f2:d3:4d:2b:ed:
13:64:9a:c9:24:de:ae:da:71:63:d0:68:ec:bb:cf:
2b:94:69:9d:18:45:b0:2e:a0:4d:b4:4a:82:39:5a:
8d:e5:9d:36:a7:28:6e:3d:cc:c7:f3:95:ed:d5:2b:
9a:63:8c:48:a9:ae:26:60:3d:a5:92:11:7e:a8:64:
10:51:67:4e:e0:b8:08:b0:a8:41:b4:7c:db:39:ff:
a9:4f:e6:3a:c5:a4:28:2f:00:35:ef:6d:12:05:b7:
28:33:4f:81:c9:ab:91:32:d3:63:bc:22:1d:52:9e:
ac:3e:98:74:be:12:37:53:49:1b:6a:04:9b:70:a3:
b8:e2:45:6e:a6:04:48:63:71:e3:44:8d:eb:45:b1:
44:e7:df:d1:00:63:98:6d:94:77:fd:95:dd:11:2a:
fe:b9:77:3c:cd:0c:98:f9:c5:5a:f6:d9:ef:50:a6:
10:e3:45:fd:47:57:8e:1e:ad:5a:97:14:fc:aa:ef:
e4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F7:67:09:0E:FF:CE:09:13:65:58:AF:AE:EB:F0:2D:C7:0F:EC:F2
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/APdnCQ7_zgkTZVivruvwLccP7PI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:60:45:e5:5d:00:98:12:e9:90:38:ef:1c:bf:81:2d:78:c8:
23:da:3b:6f:6a:c5:52:f1:0f:b7:e3:a7:b7:41:5e:af:45:3e:
68:b9:ef:66:23:87:1f:a4:10:0b:ee:1b:7c:29:62:6b:ed:b0:
9e:18:fa:86:68:9a:1a:b3:91:8a:ba:e3:81:f9:36:7f:ab:05:
65:77:b9:dc:e6:eb:30:44:b5:cf:b3:58:89:85:bd:e6:6d:06:
67:c6:4b:84:12:8a:05:1c:43:e5:0d:58:ed:8f:b8:ec:c3:ba:
4c:18:6f:07:6d:5c:0c:cb:b3:e1:8e:ff:e9:5d:0b:a1:03:81:
22:45:57:8b:13:dc:e4:05:0f:1d:61:e6:ed:6c:56:14:47:28:
c6:8c:78:a0:87:eb:86:bd:50:60:34:80:30:0c:dc:68:c9:6d:
aa:52:96:18:a6:a4:bd:e0:ce:75:c0:02:f3:d4:f6:bc:71:77:
36:22:d2:50:d4:5a:4b:58:52:b4:c7:30:82:38:87:97:29:f4:
b5:98:df:5c:f8:1b:7e:4a:c3:3d:00:86:bf:69:85:8c:29:db:
9e:38:f4:11:4d:39:22:4a:22:87:a9:e0:6c:a3:95:30:50:58:
1a:5d:07:30:7d:47:86:b2:80:0b:d2:2a:09:01:c9:00:46:2b:
46:97:69:66
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTEw
MDMwMTJaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDAwRjc2NzA5MEVGRkNF
MDkxMzY1NThBRkFFRUJGMDJEQzcwRkVDRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuByGi+Jmj4ltnvQ00TkXjlW2xy+4Ibjza67wyvfaupTV/wOmI
imdp6Z0bho6Nq41p+4T5U2+NIbMP9SjxdAV9DG6Hopzy000r7RNkmskk3q7acWPQ
aOy7zyuUaZ0YRbAuoE20SoI5Wo3lnTanKG49zMfzle3VK5pjjEipriZgPaWSEX6o
ZBBRZ07guAiwqEG0fNs5/6lP5jrFpCgvADXvbRIFtygzT4HJq5Ey02O8Ih1Snqw+
mHS+EjdTSRtqBJtwo7jiRW6mBEhjceNEjetFsUTn39EAY5htlHf9ld0RKv65dzzN
DJj5xVr22e9QphDjRf1HV44erVqXFPyq7+R7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUAPdnCQ7/zgkTZVivruvwLccP7PIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9BUGRuQ1E3X3pna1RaVml2cnV2d0xjY1A3UEkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AAtgReVdAJgS6ZA47xy/gS14yCPaO29qxVLxD7fjp7dBXq9FPmi572Yjhx+kEAvu
G3wpYmvtsJ4Y+oZomhqzkYq644H5Nn+rBWV3udzm6zBEtc+zWImFveZtBmfGS4QS
igUcQ+UNWO2PuOzDukwYbwdtXAzLs+GO/+ldC6EDgSJFV4sT3OQFDx1h5u1sVhRH
KMaMeKCH64a9UGA0gDAM3GjJbapSlhimpL3gznXAAvPU9rxxdzYi0lDUWktYUrTH
MII4h5cp9LWY31z4G35Kwz0Ahr9phYwp25449BFNOSJKIoep4GyjlTBQWBpdBzB9
R4aygAvSKgkByQBGK0aXaWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org