Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/DJi8qZLbIRIM3Ya6KKZ3yDS1dyU.roa
File: DJi8qZLbIRIM3Ya6KKZ3yDS1dyU.roa (raw, json)
Hash identifier: ARJRDlCKYSCrJXToO72VkzT9DqY7mUxB9uAZbK9Lgas=
Subject key identifier: 0C:98:BC:A9:92:DB:21:12:0C:DD:86:BA:28:A6:77:C8:34:B5:77:25
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45B3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DJi8qZLbIRIM3Ya6KKZ3yDS1dyU.roa
Signing time: Sat 02 Apr 2022 00:30:09 +0000
ROA not before: Sat 02 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17843 (0x45b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 2 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0C98BCA992DB21120CDD86BA28A677C834B57725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:cb:61:b4:60:9f:8c:9c:34:a1:b1:9b:4e:
a8:ba:ce:64:28:95:8d:f2:e5:bb:7b:f6:bd:b6:e8:
f9:4c:00:28:e8:6b:5e:71:a8:fb:2f:b6:49:7e:bb:
6a:cc:ea:a4:39:73:88:b4:98:3f:47:90:32:74:fb:
63:87:fc:dc:b2:fb:81:11:2a:ec:33:96:55:38:30:
31:77:4d:c8:65:ab:c8:fb:35:2c:88:5b:ca:aa:95:
fa:71:4a:b7:bf:81:e6:36:83:37:87:36:7b:1a:c9:
72:71:20:bc:5c:6a:70:e0:17:ef:fd:1b:b1:67:20:
ff:70:91:a3:3f:b7:45:bd:e4:b6:17:b8:7f:4d:70:
ff:de:58:d3:c5:b5:8c:b7:fa:f7:f7:c2:c3:05:4a:
e9:ba:41:c9:5d:7b:64:18:3b:12:55:fe:d2:b6:a7:
e3:d0:60:bf:b9:73:81:39:8d:1b:06:31:3e:cf:63:
59:25:7c:7b:5a:59:c4:40:dc:18:00:86:e3:6a:cf:
7f:35:b4:aa:4f:c4:fb:a4:62:84:02:51:af:c5:e9:
d9:e4:5e:cc:79:ca:96:9f:23:3d:d6:6a:d5:eb:c1:
b0:5a:ec:07:c1:5b:72:94:34:3b:c8:45:17:fa:c8:
8d:a5:f3:ba:f5:09:12:f5:bc:f6:08:fa:8b:ce:0d:
89:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:98:BC:A9:92:DB:21:12:0C:DD:86:BA:28:A6:77:C8:34:B5:77:25
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DJi8qZLbIRIM3Ya6KKZ3yDS1dyU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:cb:cd:08:14:e0:dc:2e:25:1d:82:df:ac:af:b6:d5:dc:9e:
3e:b0:31:13:12:45:b0:b3:7e:fb:63:02:e1:1f:1d:e4:86:d9:
77:fc:5d:09:71:d9:7c:ad:1f:78:37:e6:2a:95:46:08:a3:be:
92:78:6f:ca:ad:9f:f3:d8:f2:cf:67:4a:51:4f:ec:43:50:61:
a3:0a:44:a6:01:ae:c3:32:fb:57:ba:e1:89:d1:86:ee:a0:2e:
54:59:a3:de:65:81:7f:f7:4c:09:06:d6:1e:ec:59:18:14:49:
d2:27:74:68:8d:ed:f6:1b:f9:7d:b8:d4:f9:f2:8c:8e:e3:54:
56:d9:c5:0c:5b:cb:38:4b:e0:27:2f:f3:45:d4:e4:a7:d0:db:
9f:b0:f9:04:5b:61:47:fc:e7:aa:60:6a:af:ab:62:80:98:44:
9a:54:cf:de:ef:6e:5c:59:45:4b:d4:c2:c6:e6:b5:cc:99:8a:
e8:6d:03:8c:0e:d7:82:d6:62:a2:c5:c9:1f:a1:92:68:d0:8d:
aa:47:60:f5:6c:77:e5:6f:20:03:a6:95:c8:21:2e:9d:5f:b4:
db:8c:b0:99:55:a8:73:80:8b:4c:1a:ee:2d:c3:fd:7e:89:d5:
2b:4c:48:24:d5:56:a0:ea:50:d6:2c:81:41:54:25:b1:f1:82:
8a:a7:5b:de
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDIw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBDOThCQ0E5OTJEQjIx
MTIwQ0REODZCQTI4QTY3N0M4MzRCNTc3MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCklcthtGCfjJw0obGbTqi6zmQolY3y5bt79r226PlMACjoa15x
qPsvtkl+u2rM6qQ5c4i0mD9HkDJ0+2OH/Nyy+4ERKuwzllU4MDF3Tchlq8j7NSyI
W8qqlfpxSre/geY2gzeHNnsayXJxILxcanDgF+/9G7FnIP9wkaM/t0W95LYXuH9N
cP/eWNPFtYy3+vf3wsMFSum6Qclde2QYOxJV/tK2p+PQYL+5c4E5jRsGMT7PY1kl
fHtaWcRA3BgAhuNqz381tKpPxPukYoQCUa/F6dnkXsx5ypafIz3WatXrwbBa7AfB
W3KUNDvIRRf6yI2l87r1CRL1vPYI+ovODYlbAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUDJi8qZLbIRIM3Ya6KKZ3yDS1dyUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ESmk4cVpMYklSSU0zWWE2S0taM3lEUzFkeVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AKnLzQgU4NwuJR2C36yvttXcnj6wMRMSRbCzfvtjAuEfHeSG2Xf8XQlx2XytH3g3
5iqVRgijvpJ4b8qtn/PY8s9nSlFP7ENQYaMKRKYBrsMy+1e64YnRhu6gLlRZo95l
gX/3TAkG1h7sWRgUSdIndGiN7fYb+X241PnyjI7jVFbZxQxbyzhL4Ccv80XU5KfQ
25+w+QRbYUf856pgaq+rYoCYRJpUz97vblxZRUvUwsbmtcyZiuhtA4wO14LWYqLF
yR+hkmjQjapHYPVsd+VvIAOmlcghLp1ftNuMsJlVqHOAi0wa7i3D/X6J1StMSCTV
VqDqUNYsgUFUJbHxgoqnW94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org