Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/CUhKjkIRE-GOWaAfwB9YdMRb-Eo.roa
File: CUhKjkIRE-GOWaAfwB9YdMRb-Eo.roa (raw, json)
Hash identifier: /3HbQquMfZGiJqBR+3nqz8tf+5DMc+UAoprKTzIoftY=
Subject key identifier: 09:48:4A:8E:42:11:13:E1:8E:59:A0:1F:C0:1F:58:74:C4:5B:F8:4A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4989
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CUhKjkIRE-GOWaAfwB9YdMRb-Eo.roa
Signing time: Wed 08 Jun 2022 00:30:07 +0000
ROA not before: Wed 08 Jun 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18825 (0x4989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 8 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=09484A8E421113E18E59A01FC01F5874C45BF84A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f2:b2:27:83:93:e8:0c:38:c5:b5:a2:6b:2b:
44:fb:26:40:1c:6c:1b:b7:b8:0c:60:a0:fb:0c:9f:
ba:ef:e9:fa:f2:72:d8:3d:42:7f:b0:cb:fa:9a:13:
c3:5f:04:7b:25:33:77:ba:85:fe:48:2d:0d:d3:9b:
d1:43:b5:5c:ce:ca:b3:b4:47:0d:24:d6:2f:bf:4a:
61:87:d3:6f:18:81:cc:7f:e2:f7:dd:ef:c1:b6:ea:
e7:61:ee:8b:38:b2:43:38:7c:ca:f8:3e:32:d1:a4:
88:83:89:0d:0c:28:cc:ae:b6:b5:0d:f1:a1:94:fa:
83:ae:27:4d:29:a6:84:de:43:33:79:4a:d3:86:3b:
4d:2c:a1:0c:a6:70:d6:d9:5d:75:b3:7e:09:3f:a4:
d6:62:34:98:99:dc:52:bf:3b:4d:bf:46:da:fd:15:
e1:e9:6b:23:ff:2a:95:f1:a4:89:c6:c8:76:cf:6d:
66:86:6d:e3:a1:bf:86:ad:3a:c7:7d:af:4c:a4:b8:
92:6d:cd:62:26:09:75:23:02:5b:4b:19:d9:74:27:
0b:bf:c0:65:e7:5b:26:a8:af:72:75:82:b7:4b:2e:
ff:ed:d4:0c:c9:75:49:10:3f:e8:36:23:80:b7:3e:
52:b6:73:62:06:43:e4:40:de:d2:47:13:9d:c2:26:
23:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:48:4A:8E:42:11:13:E1:8E:59:A0:1F:C0:1F:58:74:C4:5B:F8:4A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CUhKjkIRE-GOWaAfwB9YdMRb-Eo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:82:c0:6f:6b:64:95:b7:db:25:bd:78:5c:68:5f:f7:c2:6e:
71:3a:50:47:2a:48:88:c2:4f:23:9e:18:7f:8e:8b:6a:b5:b5:
e1:ed:33:25:39:84:bc:16:ed:04:bb:f9:6f:75:fa:55:cc:1b:
ec:15:57:10:28:0f:05:16:b0:97:cb:98:3a:db:38:29:71:16:
cc:5e:75:b4:b1:7c:a9:93:c2:8b:25:a4:34:81:35:51:b7:44:
95:a3:31:60:8e:66:d8:7a:c4:28:e6:7b:0e:8d:31:44:cf:e9:
11:78:90:fb:d7:f8:a4:f5:70:2b:08:2c:a4:14:6b:cd:5c:15:
31:28:50:89:e5:41:ab:20:d5:f8:33:7b:ec:a3:52:60:1f:d4:
05:eb:35:e5:9f:de:cd:4b:43:2f:85:3e:9a:b5:b2:bc:15:24:
15:66:62:e2:15:95:ae:78:0b:b6:86:66:9b:8e:a3:23:54:db:
55:a4:55:06:eb:c9:6a:97:a4:ec:63:1d:f0:4a:70:06:6f:4b:
14:bd:47:05:3e:06:d7:80:51:64:f1:82:a4:44:70:b9:b4:f8:
36:01:81:7e:59:7b:3f:48:04:a2:20:34:ac:52:dc:95:af:ee:
93:bd:57:e0:6e:d0:af:ca:7f:e9:ab:0f:22:4c:89:43:30:b4:
60:91:2f:da
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDgw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDA5NDg0QThFNDIxMTEz
RTE4RTU5QTAxRkMwMUY1ODc0QzQ1QkY4NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl8rIng5PoDDjFtaJrK0T7JkAcbBu3uAxgoPsMn7rv6fryctg9
Qn+wy/qaE8NfBHslM3e6hf5ILQ3Tm9FDtVzOyrO0Rw0k1i+/SmGH028Ygcx/4vfd
78G26udh7os4skM4fMr4PjLRpIiDiQ0MKMyutrUN8aGU+oOuJ00ppoTeQzN5StOG
O00soQymcNbZXXWzfgk/pNZiNJiZ3FK/O02/Rtr9FeHpayP/KpXxpInGyHbPbWaG
beOhv4atOsd9r0ykuJJtzWImCXUjAltLGdl0Jwu/wGXnWyaor3J1grdLLv/t1AzJ
dUkQP+g2I4C3PlK2c2IGQ+RA3tJHE53CJiMrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCUhKjkIRE+GOWaAfwB9YdMRb+EowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DVWhLamtJUkUtR09XYUFmd0I5WWRNUmItRW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AHyCwG9rZJW32yW9eFxoX/fCbnE6UEcqSIjCTyOeGH+Oi2q1teHtMyU5hLwW7QS7
+W91+lXMG+wVVxAoDwUWsJfLmDrbOClxFsxedbSxfKmTwoslpDSBNVG3RJWjMWCO
Zth6xCjmew6NMUTP6RF4kPvX+KT1cCsILKQUa81cFTEoUInlQasg1fgze+yjUmAf
1AXrNeWf3s1LQy+FPpq1srwVJBVmYuIVla54C7aGZpuOoyNU21WkVQbryWqXpOxj
HfBKcAZvSxS9RwU+BteAUWTxgqREcLm0+DYBgX5Zez9IBKIgNKxS3JWv7pO9V+Bu
0K/Kf+mrDyJMiUMwtGCRL9o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org