Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/D3WeZqynxicOCvkqN4asTv9jfOk.roa
File: D3WeZqynxicOCvkqN4asTv9jfOk.roa (raw, json)
Hash identifier: 5U07FifBM6jSLFBbQgLdH6eJ4s+nJOfUKzsG/MezxxU=
Subject key identifier: 0F:75:9E:66:AC:A7:C6:27:0E:0A:F9:2A:37:86:AC:4E:FF:63:7C:E9
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 46D9
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/D3WeZqynxicOCvkqN4asTv9jfOk.roa
Signing time: Sat 23 Apr 2022 00:30:09 +0000
ROA not before: Sat 23 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18137 (0x46d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 23 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0F759E66ACA7C6270E0AF92A3786AC4EFF637CE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7e:4e:19:dd:f1:3e:39:ee:35:85:6b:14:04:
cd:d4:f3:a9:23:9a:44:7a:29:a1:fa:da:46:1a:fd:
ce:4b:fe:ee:b2:99:b0:48:45:99:92:a6:a3:46:1a:
ac:c0:bc:77:c7:8a:04:78:8e:38:71:44:76:ef:2b:
01:87:2d:af:27:eb:64:a1:8d:11:10:03:fa:76:e1:
62:a8:29:86:ab:e5:19:35:79:6e:b6:d6:3b:2e:12:
87:58:28:f9:d5:de:ab:3d:58:cf:1a:d9:49:84:c0:
d1:65:0b:54:7b:b4:44:f6:65:c9:f1:9d:a0:86:16:
a3:72:5c:1f:98:d3:df:28:45:7c:e4:1c:15:53:5d:
ac:04:5e:07:64:e0:75:3d:25:7e:b4:44:72:dd:2d:
bc:a1:77:8a:82:72:a1:46:f3:57:ef:8b:c1:2d:19:
e5:94:c4:9e:3f:43:81:b1:6b:de:bd:ff:65:4b:56:
33:62:12:0c:59:93:b4:60:07:0c:c0:80:1b:3d:2e:
7a:23:99:f3:dc:9b:98:7d:21:8a:1a:cf:2d:55:5f:
be:8e:d0:ad:bd:a3:30:66:c5:f3:71:c4:bd:5b:9d:
ea:36:c7:ef:be:23:a7:e2:c4:81:99:c9:2e:e2:95:
ae:eb:5b:32:9d:e7:aa:6c:5a:f6:9f:81:2f:ae:36:
ce:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:75:9E:66:AC:A7:C6:27:0E:0A:F9:2A:37:86:AC:4E:FF:63:7C:E9
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/D3WeZqynxicOCvkqN4asTv9jfOk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:6e:59:ff:e6:2d:47:c8:ad:52:de:3d:77:84:9b:7a:35:d5:
46:af:52:38:22:22:ce:50:df:5b:07:ff:46:2e:12:56:a8:c2:
3c:15:f7:16:4b:47:ef:b7:fe:44:8a:18:5c:0d:f0:9f:b5:08:
b6:2a:e6:31:6f:3f:51:29:35:b1:db:7b:d4:fa:c7:8d:e2:e4:
0c:01:80:4c:40:f5:fa:79:62:9f:75:c7:21:fa:2e:d1:e3:ff:
e0:c0:2d:9d:63:aa:a0:b2:b7:28:b6:72:8c:db:47:f8:b0:17:
7f:9d:6b:eb:cd:f5:dc:03:4c:a8:0d:50:18:fc:10:f5:dd:24:
89:f7:c6:11:38:06:bb:2a:e4:f6:6b:d8:c0:d1:66:7a:a6:f4:
76:6a:6a:81:ad:63:8e:a3:35:66:2e:0a:69:58:f3:2d:1a:85:
2b:a2:48:00:7b:16:ad:dd:ef:de:04:56:43:07:cb:60:07:33:
e7:7f:d9:fd:39:72:9a:4c:57:c7:0b:5c:5e:79:89:93:a6:1b:
5d:cd:18:22:95:27:e3:9a:5e:1f:47:16:6e:a5:95:73:1d:cd:
f3:a4:5c:74:11:56:88:99:3f:63:b7:de:60:c7:be:b2:76:60:
4d:10:5f:6e:7e:b3:bb:de:c0:58:a3:ca:5b:8d:eb:fa:64:6e:
0b:a4:c5:82
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MjMw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBGNzU5RTY2QUNBN0M2
MjcwRTBBRjkyQTM3ODZBQzRFRkY2MzdDRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPfk4Z3fE+Oe41hWsUBM3U86kjmkR6KaH62kYa/c5L/u6ymbBI
RZmSpqNGGqzAvHfHigR4jjhxRHbvKwGHLa8n62ShjREQA/p24WKoKYar5Rk1eW62
1jsuEodYKPnV3qs9WM8a2UmEwNFlC1R7tET2ZcnxnaCGFqNyXB+Y098oRXzkHBVT
XawEXgdk4HU9JX60RHLdLbyhd4qCcqFG81fvi8EtGeWUxJ4/Q4Gxa969/2VLVjNi
EgxZk7RgBwzAgBs9LnojmfPcm5h9IYoazy1VX76O0K29ozBmxfNxxL1bneo2x+++
I6fixIGZyS7ila7rWzKd56psWvafgS+uNs4HAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUD3WeZqynxicOCvkqN4asTv9jfOkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9EM1dlWnF5bnhpY09DdmtxTjRhc1R2OWpmT2sucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ALFuWf/mLUfIrVLePXeEm3o11UavUjgiIs5Q31sH/0YuElaowjwV9xZLR++3/kSK
GFwN8J+1CLYq5jFvP1EpNbHbe9T6x43i5AwBgExA9fp5Yp91xyH6LtHj/+DALZ1j
qqCytyi2cozbR/iwF3+da+vN9dwDTKgNUBj8EPXdJIn3xhE4Brsq5PZr2MDRZnqm
9HZqaoGtY46jNWYuCmlY8y0ahSuiSAB7Fq3d794EVkMHy2AHM+d/2f05cppMV8cL
XF55iZOmG13NGCKVJ+OaXh9HFm6llXMdzfOkXHQRVoiZP2O33mDHvrJ2YE0QX25+
s7vewFijyluN6/pkbgukxYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org