Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/CPtYzTORF1ZPLdWRKo1xOBmxyqw.roa
File: CPtYzTORF1ZPLdWRKo1xOBmxyqw.roa (raw, json)
Hash identifier: /Np1BKhluQyemecmpFT+Fb/Q3xAA/GBfKD9+hKhxtq0=
Subject key identifier: 08:FB:58:CD:33:91:17:56:4F:2D:D5:91:2A:8D:71:38:19:B1:CA:AC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47D0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CPtYzTORF1ZPLdWRKo1xOBmxyqw.roa
Signing time: Wed 11 May 2022 00:30:10 +0000
ROA not before: Wed 11 May 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18384 (0x47d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 11 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=08FB58CD339117564F2DD5912A8D713819B1CAAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:b1:e7:e4:17:1e:b7:f4:5c:20:18:e9:24:
1d:92:69:9c:07:5b:7a:27:0c:e5:b8:f6:62:be:53:
c2:5b:fd:1d:98:9f:6e:59:06:5d:4e:29:77:f3:42:
ed:05:28:09:25:77:88:0f:e9:50:1b:e0:8f:d3:b8:
b1:62:d8:74:98:d6:7f:67:a3:ee:9d:53:94:4f:48:
cf:db:48:57:7c:33:d4:ee:b3:f0:f2:a2:ec:03:81:
6c:9c:a1:4a:0d:f2:e8:79:83:75:a0:cc:a0:fd:07:
4e:88:ca:e5:df:19:38:f9:11:8d:bf:41:4f:c7:76:
c1:9b:32:4f:19:af:a5:64:6a:26:c2:fa:3f:0e:f9:
72:19:44:3c:54:8d:c9:72:c1:18:01:12:ef:70:6f:
25:3a:36:c9:01:d0:6c:6e:00:84:ac:fb:0a:60:28:
27:4c:91:71:ab:f7:8f:fc:9f:08:03:55:c7:48:af:
5a:4e:1a:09:da:70:76:18:4a:f3:1a:c9:b3:34:97:
1b:75:3f:fc:7b:19:c2:18:6a:d7:b4:6e:54:38:04:
43:0d:f1:cc:31:b0:cc:67:a6:3b:bd:42:0c:6f:98:
4f:13:81:0f:19:d3:6c:56:ae:9b:6d:73:c8:26:b6:
a2:c5:ca:e9:01:39:2b:d0:c4:95:1c:94:23:a0:6a:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FB:58:CD:33:91:17:56:4F:2D:D5:91:2A:8D:71:38:19:B1:CA:AC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CPtYzTORF1ZPLdWRKo1xOBmxyqw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
08:6c:55:0f:5a:4f:2f:25:36:77:46:4e:44:88:86:c1:d8:2e:
a4:d3:fd:f7:5a:29:79:b8:f0:95:2d:2e:8e:3d:f8:a1:c9:8b:
92:24:76:6f:e8:a1:9a:45:af:46:59:db:c5:0b:98:06:81:a7:
2e:2b:3d:3b:85:4d:47:37:30:c4:b2:97:8d:39:93:1c:41:4b:
71:e8:f4:5a:f1:36:06:b6:f8:47:cf:73:97:5b:98:c5:61:80:
d8:40:9f:6c:58:c7:a2:e3:61:f3:52:5d:5d:4c:e8:e3:c5:fd:
08:1a:75:ff:0d:ef:df:37:9a:ea:f9:23:cc:dd:10:ed:87:e4:
b2:d7:41:25:0c:56:0a:16:11:22:f0:7a:93:6d:8b:7c:20:db:
25:bc:84:87:ad:f2:d2:87:32:af:f0:86:11:28:7f:6f:01:b0:
13:e8:40:93:d4:2c:35:40:ff:e5:ec:c4:03:69:32:39:bd:ec:
3a:f1:e3:a8:7d:78:da:20:cd:0d:b5:62:95:26:f7:d5:80:2f:
e1:bd:78:b2:29:09:b1:b3:73:5a:f5:e8:e1:f3:b3:70:e4:fb:
ae:3b:ab:01:dc:51:06:b8:66:e0:39:86:03:d7:f4:a5:82:c8:
56:15:24:cf:40:f4:f4:0e:8c:f5:9e:ec:c3:7c:e1:f6:24:08:
9c:57:7e:ba
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTEw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDA4RkI1OENEMzM5MTE3
NTY0RjJERDU5MTJBOEQ3MTM4MTlCMUNBQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtzrHn5Bcet/RcIBjpJB2SaZwHW3onDOW49mK+U8Jb/R2Yn25Z
Bl1OKXfzQu0FKAkld4gP6VAb4I/TuLFi2HSY1n9no+6dU5RPSM/bSFd8M9Tus/Dy
ouwDgWycoUoN8uh5g3WgzKD9B06IyuXfGTj5EY2/QU/HdsGbMk8Zr6VkaibC+j8O
+XIZRDxUjclywRgBEu9wbyU6NskB0GxuAISs+wpgKCdMkXGr94/8nwgDVcdIr1pO
GgnacHYYSvMaybM0lxt1P/x7GcIYate0blQ4BEMN8cwxsMxnpju9QgxvmE8TgQ8Z
02xWrpttc8gmtqLFyukBOSvQxJUclCOgalgBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCPtYzTORF1ZPLdWRKo1xOBmxyqwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DUHRZelRPUkYxWlBMZFdSS28xeE9CbXh5cXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AAhsVQ9aTy8lNndGTkSIhsHYLqTT/fdaKXm48JUtLo49+KHJi5Ikdm/ooZpFr0ZZ
28ULmAaBpy4rPTuFTUc3MMSyl405kxxBS3Ho9FrxNga2+EfPc5dbmMVhgNhAn2xY
x6LjYfNSXV1M6OPF/Qgadf8N7983mur5I8zdEO2H5LLXQSUMVgoWESLwepNti3wg
2yW8hIet8tKHMq/whhEof28BsBPoQJPULDVA/+XsxANpMjm97Drx46h9eNogzQ21
YpUm99WAL+G9eLIpCbGzc1r16OHzs3Dk+647qwHcUQa4ZuA5hgPX9KWCyFYVJM9A
9PQOjPWe7MN84fYkCJxXfro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org