Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/DLFWM4n8WRcUGHlwFgIx5Xvicz0.roa
File: DLFWM4n8WRcUGHlwFgIx5Xvicz0.roa (raw, json)
Hash identifier: 1lRklauYf9zy01WjkMUtgQoUCVkc+0wQao/5m1i3w9k=
Subject key identifier: 0C:B1:56:33:89:FC:59:17:14:18:79:70:16:02:31:E5:7B:E2:73:3D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 49AF
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DLFWM4n8WRcUGHlwFgIx5Xvicz0.roa
Signing time: Sat 11 Jun 2022 00:30:06 +0000
ROA not before: Sat 11 Jun 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18863 (0x49af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 11 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0CB1563389FC591714187970160231E57BE2733D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:51:f6:86:25:eb:e5:72:c1:73:8a:02:de:47:
f6:94:37:e7:2e:a8:61:e7:7f:ca:38:63:f7:33:30:
43:42:9f:a9:c3:8a:79:47:1c:7e:90:dc:7e:8d:1d:
9a:3c:ad:17:be:2e:df:56:82:60:09:31:63:e9:ad:
85:e0:ec:f3:73:59:4f:cd:14:15:81:73:49:b6:a9:
d4:b2:21:8a:0c:58:c1:06:89:6c:23:d7:ee:9d:5d:
86:34:18:6c:35:0a:6e:ad:8f:d1:10:3c:6a:a5:01:
78:ea:f3:4d:92:10:c2:71:7b:29:d9:06:ea:03:3d:
66:29:a4:bb:79:82:2e:60:30:b0:f4:ec:76:45:8e:
b9:b8:02:06:12:5c:87:bf:24:4a:ac:b3:85:8d:2a:
78:1b:6d:fb:8b:a9:ce:58:6f:de:ab:1a:75:b8:d4:
b0:71:01:94:ea:9c:69:9c:e2:27:a2:48:68:95:3d:
2c:13:ba:7f:1d:8c:f5:56:57:46:03:db:c6:20:aa:
a7:a4:ad:01:99:61:3e:ee:9e:6d:b5:ba:a2:58:f1:
5c:ad:41:50:d2:99:6c:50:71:97:26:d1:7e:ad:eb:
53:74:db:31:b6:69:63:02:b4:5a:cb:33:79:ea:16:
dd:13:cf:2f:aa:96:e9:40:91:3b:ab:c7:37:2b:7b:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B1:56:33:89:FC:59:17:14:18:79:70:16:02:31:E5:7B:E2:73:3D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DLFWM4n8WRcUGHlwFgIx5Xvicz0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:34:f1:b4:54:89:a0:1f:d6:16:52:4d:65:a2:42:5c:37:40:
2f:e2:37:05:b1:51:31:a7:17:ca:43:a7:f4:79:e7:ad:2f:d8:
ab:03:39:29:55:3f:b8:cb:bd:6b:8e:91:84:22:de:0a:c0:f5:
c9:f8:01:dd:7a:48:e0:13:a3:3b:54:65:99:66:56:4b:36:cb:
7b:84:a2:ac:9c:b7:c6:c1:a8:86:ac:4a:4f:27:9a:5d:97:4d:
0f:31:aa:25:0f:e7:36:4f:b9:41:15:ca:c3:46:26:44:d7:dd:
de:fa:b2:88:ed:bf:e8:31:3f:d1:cd:af:0c:e8:a0:4b:ac:d4:
43:53:7a:c2:86:b0:b4:73:21:a4:60:52:31:07:e1:40:8e:ad:
a2:cd:3a:0b:20:74:f7:86:52:d7:0f:7d:db:71:da:cc:8f:09:
d1:9f:ff:72:35:40:9c:b8:3c:27:a8:6e:de:dc:68:d6:37:80:
50:c9:49:87:76:24:72:50:45:1a:fa:b3:0b:18:d9:03:ef:48:
a2:c0:ee:0c:63:32:35:c0:d4:07:45:c4:41:28:f6:cd:4e:76:
1d:b4:de:1a:b1:8b:1f:86:f3:b3:48:15:19:07:5a:b8:c7:71:
1a:50:62:1d:42:81:14:cf:c1:4c:db:19:70:1d:58:24:50:67:
8a:59:cb:47
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MTEw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBDQjE1NjMzODlGQzU5
MTcxNDE4Nzk3MDE2MDIzMUU1N0JFMjczM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaUfaGJevlcsFzigLeR/aUN+cuqGHnf8o4Y/czMENCn6nDinlH
HH6Q3H6NHZo8rRe+Lt9WgmAJMWPprYXg7PNzWU/NFBWBc0m2qdSyIYoMWMEGiWwj
1+6dXYY0GGw1Cm6tj9EQPGqlAXjq802SEMJxeynZBuoDPWYppLt5gi5gMLD07HZF
jrm4AgYSXIe/JEqss4WNKngbbfuLqc5Yb96rGnW41LBxAZTqnGmc4ieiSGiVPSwT
un8djPVWV0YD28YgqqekrQGZYT7unm21uqJY8VytQVDSmWxQcZcm0X6t61N02zG2
aWMCtFrLM3nqFt0Tzy+qlulAkTurxzcre7KjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUDLFWM4n8WRcUGHlwFgIx5Xvicz0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ETEZXTTRuOFdSY1VHSGx3RmdJeDVYdmljejAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AD808bRUiaAf1hZSTWWiQlw3QC/iNwWxUTGnF8pDp/R5560v2KsDOSlVP7jLvWuO
kYQi3grA9cn4Ad16SOAToztUZZlmVks2y3uEoqyct8bBqIasSk8nml2XTQ8xqiUP
5zZPuUEVysNGJkTX3d76sojtv+gxP9HNrwzooEus1ENTesKGsLRzIaRgUjEH4UCO
raLNOgsgdPeGUtcPfdtx2syPCdGf/3I1QJy4PCeobt7caNY3gFDJSYd2JHJQRRr6
swsY2QPvSKLA7gxjMjXA1AdFxEEo9s1Odh203hqxix+G87NIFRkHWrjHcRpQYh1C
gRTPwUzbGXAdWCRQZ4pZy0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org