Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/CqbpvxbX-18nGuARGBzuPXMQkK4.roa
File: CqbpvxbX-18nGuARGBzuPXMQkK4.roa (raw, json)
Hash identifier: LE/KCWBkA4kxb+m1znTLv703yYdc1mFbAJNiPiYFx+E=
Subject key identifier: 0A:A6:E9:BF:16:D7:FB:5F:27:1A:E0:11:18:1C:EE:3D:73:10:90:AE
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44E3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CqbpvxbX-18nGuARGBzuPXMQkK4.roa
Signing time: Fri 18 Mar 2022 01:07:28 +0000
ROA not before: Fri 18 Mar 2022 01:07:28 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17635 (0x44e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 18 01:07:28 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=0AA6E9BF16D7FB5F271AE011181CEE3D731090AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:41:43:17:55:45:db:d1:18:86:e1:55:11:66:
dd:7c:76:16:1b:d9:13:fe:2b:2e:3f:e3:f5:e9:fb:
10:f5:ce:6a:37:a5:ee:67:f6:7e:e7:ad:7d:cb:f9:
9c:1c:de:59:e6:bb:66:36:40:aa:f4:f8:9b:85:10:
66:ed:eb:65:65:35:4f:ab:fe:98:bd:1b:3b:dd:88:
50:06:60:97:be:4f:32:34:97:92:72:15:d2:aa:a9:
95:24:13:f4:ad:f1:d0:23:f2:85:fb:12:c8:b8:46:
eb:58:19:bc:fe:bc:4b:3a:a7:d6:ce:e0:74:78:4e:
83:a7:01:02:66:ee:40:6c:7f:88:ae:04:4c:75:cb:
7f:e9:dc:42:56:ea:4b:87:20:d5:a8:40:c2:10:fc:
1c:dc:2c:cc:7a:8f:82:fe:ed:67:3f:c1:5d:a2:33:
34:7a:c8:2e:c7:55:27:18:62:65:f8:62:8f:42:f3:
3c:32:55:85:a0:29:0c:4c:67:92:20:30:34:9c:03:
a8:cb:9d:79:bb:85:76:8d:c1:22:c1:b5:af:4b:74:
e0:2f:08:57:06:a7:f0:9f:cb:9d:09:30:0c:0f:90:
94:9f:fe:67:d5:1f:70:56:97:c2:ee:0f:56:a6:37:
b5:c6:0a:3d:57:d9:74:97:be:f0:c3:e3:94:bf:4a:
28:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A6:E9:BF:16:D7:FB:5F:27:1A:E0:11:18:1C:EE:3D:73:10:90:AE
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/CqbpvxbX-18nGuARGBzuPXMQkK4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:d8:e9:4c:81:34:dd:da:76:06:87:14:68:dc:ce:d4:84:bc:
80:06:d5:70:c3:c5:25:d0:2a:26:12:70:3d:a9:c2:59:74:ec:
c1:b6:40:2a:c3:1e:4d:0a:e9:b1:c8:1c:b9:f0:cd:8a:56:8e:
4c:85:16:c8:81:b6:92:6e:c2:d0:d4:cb:0b:d4:d2:ff:11:8e:
e4:f7:86:6f:50:2e:05:76:d8:37:53:69:7a:d7:0b:7d:7d:f2:
94:f3:b5:2f:4a:fa:f5:8d:96:80:d2:9f:86:e7:27:f0:77:b1:
72:55:17:fd:dd:27:a0:74:81:0e:bd:80:69:89:2f:20:c0:ee:
77:a8:fa:fb:75:1b:96:a7:57:bb:11:8a:2f:a9:fb:b8:f5:26:
9a:45:f3:5a:1c:b6:01:94:89:a9:a6:b3:6e:95:10:94:ed:2b:
03:28:e6:c6:39:cf:fa:15:4b:5e:82:7c:a0:e0:5e:48:30:f7:
dd:6d:cb:35:a9:fa:d5:71:79:33:da:31:f7:07:fa:0e:6f:0f:
42:53:74:1e:e5:0e:09:22:b7:ca:73:69:f0:1a:66:e8:0f:8b:
d2:27:c4:ff:0f:7d:10:b9:fe:f2:a2:c6:d0:fb:a7:02:a4:39:
e8:14:e6:49:f0:a1:4c:52:d1:db:1f:3f:82:e1:b9:df:2c:8f:
fb:53:1e:10
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICROMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTgw
MTA3MjhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDBBQTZFOUJGMTZEN0ZC
NUYyNzFBRTAxMTE4MUNFRTNENzMxMDkwQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxQUMXVUXb0RiG4VURZt18dhYb2RP+Ky4/4/Xp+xD1zmo3pe5n
9n7nrX3L+Zwc3lnmu2Y2QKr0+JuFEGbt62VlNU+r/pi9GzvdiFAGYJe+TzI0l5Jy
FdKqqZUkE/St8dAj8oX7Esi4RutYGbz+vEs6p9bO4HR4ToOnAQJm7kBsf4iuBEx1
y3/p3EJW6kuHINWoQMIQ/BzcLMx6j4L+7Wc/wV2iMzR6yC7HVScYYmX4Yo9C8zwy
VYWgKQxMZ5IgMDScA6jLnXm7hXaNwSLBta9LdOAvCFcGp/Cfy50JMAwPkJSf/mfV
H3BWl8LuD1amN7XGCj1X2XSXvvDD45S/SigrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCqbpvxbX+18nGuARGBzuPXMQkK4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DcWJwdnhiWC0xOG5HdUFSR0J6dVBYTVFrSzQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAQwDQYJKoZIhvcNAQELBQADggEB
AAvY6UyBNN3adgaHFGjcztSEvIAG1XDDxSXQKiYScD2pwll07MG2QCrDHk0K6bHI
HLnwzYpWjkyFFsiBtpJuwtDUywvU0v8RjuT3hm9QLgV22DdTaXrXC3198pTztS9K
+vWNloDSn4bnJ/B3sXJVF/3dJ6B0gQ69gGmJLyDA7neo+vt1G5anV7sRii+p+7j1
JppF81octgGUiamms26VEJTtKwMo5sY5z/oVS16CfKDgXkgw991tyzWp+tVxeTPa
MfcH+g5vD0JTdB7lDgkit8pzafAaZugPi9InxP8PfRC5/vKixtD7pwKkOegU5knw
oUxS0dsfP4Lhud8sj/tTHhA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org