Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/AWBKN25v3nXBzvRXG5BChOFFXHo.roa
File: AWBKN25v3nXBzvRXG5BChOFFXHo.roa (raw, json)
Hash identifier: blsKXTzi9hrErWWzso8TmYybR0AyCrPnyaqVfTbEsRw=
Subject key identifier: 01:60:4A:37:6E:6F:DE:75:C1:CE:F4:57:1B:90:42:84:E1:45:5C:7A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43AC
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/AWBKN25v3nXBzvRXG5BChOFFXHo.roa
Signing time: Thu 24 Feb 2022 00:30:06 +0000
ROA not before: Thu 24 Feb 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17324 (0x43ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 24 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=01604A376E6FDE75C1CEF4571B904284E1455C7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:18:24:e3:42:d8:76:a0:32:2a:73:47:6c:e9:
99:22:bc:c7:d3:e0:c8:68:80:ac:d5:a2:f2:70:ae:
9d:d3:aa:61:05:75:3e:5d:19:f2:b0:6f:77:9b:8f:
50:73:bc:2b:93:1a:ff:3a:72:19:27:e8:6b:a4:fd:
5b:ab:5d:3c:10:e3:5a:9f:10:8b:9c:70:5c:05:49:
35:10:15:d9:eb:4a:50:8e:a1:20:ab:c2:27:ba:09:
38:a1:35:3f:bf:3c:a2:e0:8d:f1:d6:32:a0:c4:7a:
2d:cd:e8:65:25:a1:50:f6:f9:0f:93:fd:9c:ca:36:
d9:8a:fc:09:72:f3:c4:8a:b8:e3:d6:96:82:6d:3d:
b9:7b:fd:6e:53:b6:17:3b:fd:e6:a5:41:64:09:d7:
8e:46:22:27:3c:ef:04:23:80:33:02:45:c1:8b:bb:
63:0d:26:19:6c:bc:32:8a:08:42:83:4d:bb:b6:a2:
66:df:56:7b:b7:ae:fc:7e:90:53:41:cf:9b:10:ce:
be:e4:f2:f8:81:e3:88:cd:2e:32:8f:8a:7d:40:13:
ec:0f:b7:f7:98:2f:97:5b:53:10:4a:bf:d6:cc:1f:
df:3b:25:55:f3:6c:c9:00:0a:b3:25:ce:0f:3a:e5:
fc:7d:b9:99:fa:e0:dd:e4:87:75:2f:55:80:d9:1c:
9e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:60:4A:37:6E:6F:DE:75:C1:CE:F4:57:1B:90:42:84:E1:45:5C:7A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/AWBKN25v3nXBzvRXG5BChOFFXHo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
34:58:d1:ee:fa:58:a8:ea:db:93:84:70:bb:f4:43:44:c8:be:
88:72:4d:df:64:f2:77:37:0b:f4:42:be:30:d1:aa:4e:f8:b0:
06:7c:9f:14:f4:e9:3f:83:43:12:d4:d5:30:52:20:d7:27:3a:
f0:9b:34:f1:5d:22:16:fc:36:97:de:8a:d0:62:bb:c0:8a:d4:
8f:42:da:20:38:c0:81:a7:e5:49:12:83:65:e2:10:8e:eb:e4:
f6:85:a5:a5:08:62:a6:8a:62:e1:af:ca:ef:71:26:34:55:6e:
20:10:d1:f3:1c:cf:8e:5e:b3:9d:ba:b6:ed:85:e4:98:58:a5:
5a:d4:23:ae:99:1f:e6:df:46:67:8a:14:81:20:1f:a1:60:7c:
29:f3:48:24:f8:92:da:8a:b1:99:c2:ae:bb:6c:7f:6e:20:31:
0c:de:03:8a:bb:6f:7a:e8:6c:91:5d:ba:73:dd:1e:1a:40:16:
f0:54:4e:b0:65:10:b5:27:9e:6b:f7:90:fe:1a:43:dd:9c:e7:
32:45:4f:20:85:4d:97:c3:bf:e5:75:55:07:4f:b8:cc:6e:1c:
6d:95:30:7a:68:1c:72:4b:0c:48:55:95:a6:68:3a:82:57:b4:
28:1a:2d:b9:c1:eb:9a:80:ff:da:d2:fc:54:b7:90:20:ad:42:
29:e2:35:4a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjQw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDAxNjA0QTM3NkU2RkRF
NzVDMUNFRjQ1NzFCOTA0Mjg0RTE0NTVDN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdGCTjQth2oDIqc0ds6ZkivMfT4MhogKzVovJwrp3TqmEFdT5d
GfKwb3ebj1BzvCuTGv86chkn6Guk/VurXTwQ41qfEIuccFwFSTUQFdnrSlCOoSCr
wie6CTihNT+/PKLgjfHWMqDEei3N6GUloVD2+Q+T/ZzKNtmK/Aly88SKuOPWloJt
Pbl7/W5Tthc7/ealQWQJ145GIic87wQjgDMCRcGLu2MNJhlsvDKKCEKDTbu2ombf
Vnu3rvx+kFNBz5sQzr7k8viB44jNLjKPin1AE+wPt/eYL5dbUxBKv9bMH987JVXz
bMkACrMlzg865fx9uZn64N3kh3UvVYDZHJ59AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUAWBKN25v3nXBzvRXG5BChOFFXHowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9BV0JLTjI1djNuWEJ6dlJYRzVCQ2hPRkZYSG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ADRY0e76WKjq25OEcLv0Q0TIvohyTd9k8nc3C/RCvjDRqk74sAZ8nxT06T+DQxLU
1TBSINcnOvCbNPFdIhb8NpfeitBiu8CK1I9C2iA4wIGn5UkSg2XiEI7r5PaFpaUI
YqaKYuGvyu9xJjRVbiAQ0fMcz45es526tu2F5JhYpVrUI66ZH+bfRmeKFIEgH6Fg
fCnzSCT4ktqKsZnCrrtsf24gMQzeA4q7b3robJFdunPdHhpAFvBUTrBlELUnnmv3
kP4aQ92c5zJFTyCFTZfDv+V1VQdPuMxuHG2VMHpoHHJLDEhVlaZoOoJXtCgaLbnB
65qA/9rS/FS3kCCtQiniNUo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org