Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Cub0dZFwNenOepOrxWRhfsY0f7g.roa
File: Cub0dZFwNenOepOrxWRhfsY0f7g.roa (raw, json)
Hash identifier: dXskG4X5rGVOwZ2FX48g+/hZobDNYer4KZzSRjeVELo=
Subject key identifier: 0A:E6:F4:75:91:70:35:E9:CE:7A:93:AB:C5:64:61:7E:C6:34:7F:B8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4379
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Cub0dZFwNenOepOrxWRhfsY0f7g.roa
Signing time: Sun 20 Feb 2022 00:30:08 +0000
ROA not before: Sun 20 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17273 (0x4379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 20 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=0AE6F475917035E9CE7A93ABC564617EC6347FB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:89:b1:dd:63:7e:ca:79:c8:fd:16:12:53:92:
55:e0:27:e9:a1:d6:56:a8:c0:ec:73:e5:8a:58:4f:
f3:54:44:5e:34:67:2a:ab:1f:e2:65:b7:85:dc:3a:
8f:7a:d1:6c:31:f7:80:3d:0b:e4:bc:f6:5b:97:34:
21:0f:8a:1b:14:a2:52:b2:30:3e:b3:ba:79:ab:86:
50:d2:fc:17:3a:1a:b6:f0:b2:96:ec:13:47:3c:51:
99:60:50:c5:cd:11:55:e8:a5:cd:da:3f:ae:dc:9e:
34:7a:ad:82:c1:8a:25:d7:ac:79:e6:f0:6c:a6:4d:
e3:66:26:83:d9:42:b6:6e:dc:e9:8d:c3:2d:9a:84:
ee:bd:57:92:e6:33:42:b7:60:39:cf:03:af:56:7b:
a8:83:f2:d0:b2:a9:91:a9:53:11:79:0d:38:8c:d5:
53:57:21:2e:e4:b8:9f:ea:4d:0d:2d:8b:99:1a:c1:
c2:1a:02:9b:05:1b:41:8d:00:34:43:42:f0:da:97:
55:16:02:fa:d6:84:40:60:84:6f:51:08:f5:71:d1:
ee:d7:ae:df:be:c6:f5:c1:eb:f3:ca:56:7c:af:d6:
be:9c:3a:8d:a2:1a:91:31:4d:ef:d9:ce:89:7f:44:
b3:07:aa:e3:da:af:72:40:eb:33:c6:27:0d:20:10:
51:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E6:F4:75:91:70:35:E9:CE:7A:93:AB:C5:64:61:7E:C6:34:7F:B8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Cub0dZFwNenOepOrxWRhfsY0f7g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
52:59:94:86:f2:0a:ea:25:d6:30:72:c3:03:31:e0:66:07:b4:
ad:6f:0a:70:c3:9e:cc:45:ac:78:f9:df:6d:a8:a5:1f:69:16:
9a:9c:f6:ee:b5:24:86:f8:f7:4b:cf:bb:4d:bc:12:db:44:cc:
8f:7d:95:21:1d:5c:d7:f7:3e:96:fb:80:67:b0:7e:f6:44:88:
f1:ac:67:6c:72:2e:63:a5:c7:02:07:56:78:21:d9:52:77:01:
a1:d3:3d:27:b9:e9:6e:34:f5:57:e0:20:fb:9b:88:c4:d4:e6:
41:3b:2e:0a:15:33:28:9d:3c:a4:1a:50:d4:38:3f:77:d4:eb:
a7:62:ce:35:9a:a7:9d:32:32:bd:f0:8c:8a:fd:98:73:dd:9c:
25:47:fb:45:ed:03:75:bd:61:de:e7:b2:5e:8f:ef:aa:10:eb:
1b:92:43:cc:8c:dd:34:4a:43:1e:4b:28:69:38:bd:a1:19:b3:
3c:f1:0b:ae:09:93:f6:7d:31:d5:60:ed:a1:b8:bb:13:c1:af:
9c:d2:56:23:7e:5b:ea:f2:f5:6b:13:a0:c2:83:bc:da:be:ba:
83:fc:a8:19:cf:40:42:5c:03:38:03:83:84:de:eb:0c:fa:7a:
d5:69:52:9a:66:bc:23:73:26:c4:df:7d:63:01:5d:74:86:6f:
18:c9:1e:51
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjAw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDBBRTZGNDc1OTE3MDM1
RTlDRTdBOTNBQkM1NjQ2MTdFQzYzNDdGQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7ibHdY37Kecj9FhJTklXgJ+mh1laowOxz5YpYT/NURF40Zyqr
H+Jlt4XcOo960Wwx94A9C+S89luXNCEPihsUolKyMD6zunmrhlDS/Bc6Grbwspbs
E0c8UZlgUMXNEVXopc3aP67cnjR6rYLBiiXXrHnm8GymTeNmJoPZQrZu3OmNwy2a
hO69V5LmM0K3YDnPA69We6iD8tCyqZGpUxF5DTiM1VNXIS7kuJ/qTQ0ti5kawcIa
ApsFG0GNADRDQvDal1UWAvrWhEBghG9RCPVx0e7Xrt++xvXB6/PKVnyv1r6cOo2i
GpExTe/Zzol/RLMHquPar3JA6zPGJw0gEFEPAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUCub0dZFwNenOepOrxWRhfsY0f7gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9DdWIwZFpGd05lbk9lcE9yeFdSaGZzWTBmN2cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AFJZlIbyCuol1jBywwMx4GYHtK1vCnDDnsxFrHj5322opR9pFpqc9u61JIb490vP
u028EttEzI99lSEdXNf3Ppb7gGewfvZEiPGsZ2xyLmOlxwIHVngh2VJ3AaHTPSe5
6W409VfgIPubiMTU5kE7LgoVMyidPKQaUNQ4P3fU66dizjWap50yMr3wjIr9mHPd
nCVH+0XtA3W9Yd7nsl6P76oQ6xuSQ8yM3TRKQx5LKGk4vaEZszzxC64Jk/Z9MdVg
7aG4uxPBr5zSViN+W+ry9WsToMKDvNq+uoP8qBnPQEJcAzgDg4Te6wz6etVpUppm
vCNzJsTffWMBXXSGbxjJHlE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org