Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/DxkEUsJRoPxEsXeNGgMeuKLkTb4.roa
File: DxkEUsJRoPxEsXeNGgMeuKLkTb4.roa (raw, json)
Hash identifier: ghYGw8Q4MhzYqfpTUIK3aYreR5CkGsB8Q4WEnsDpsSM=
Subject key identifier: 0F:19:04:52:C2:51:A0:FC:44:B1:77:8D:1A:03:1E:B8:A2:E4:4D:BE
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 492E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DxkEUsJRoPxEsXeNGgMeuKLkTb4.roa
Signing time: Fri 03 Jun 2022 00:30:07 +0000
ROA not before: Fri 03 Jun 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18734 (0x492e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 3 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=0F190452C251A0FC44B1778D1A031EB8A2E44DBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:d5:82:cc:60:11:91:5f:a7:91:01:6d:e9:
32:df:4f:58:6f:a2:8d:b0:7d:f5:f8:2e:5b:52:3a:
55:32:f7:bc:fa:dc:45:a9:6c:fa:3f:a6:42:70:c8:
d3:2b:8b:43:52:b0:2d:e9:b3:d9:4d:c7:70:08:1d:
df:99:78:07:da:81:4b:71:95:56:89:52:02:3f:ee:
b9:6a:6d:e3:33:ec:83:98:88:81:e2:7e:43:e2:12:
57:42:92:30:bf:bf:f5:43:30:f8:35:b5:52:93:ce:
c5:6c:3c:95:95:26:e1:64:90:a7:df:bf:f2:f0:10:
f7:c2:12:50:19:29:54:1f:8c:c8:a9:7b:27:b5:c8:
05:a5:14:04:be:fc:26:64:e6:4a:b1:0e:7e:8e:28:
89:88:03:22:5e:05:51:ea:ec:44:11:53:5b:c4:1f:
72:a4:7a:80:5b:f9:fd:2b:f3:f7:19:36:87:43:6b:
70:64:e1:5e:df:e9:a3:3b:2f:1e:f6:f8:f9:9e:67:
53:d4:6a:4a:7e:5c:65:ec:e5:7e:4a:71:7b:25:79:
12:20:ba:d9:94:6e:52:46:f2:b5:20:48:50:de:0a:
21:94:8e:b6:f8:71:d3:2f:51:88:8c:31:cb:f9:cf:
27:bd:6f:0b:61:be:50:9a:1a:cc:2d:95:bb:4b:4a:
6d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:19:04:52:C2:51:A0:FC:44:B1:77:8D:1A:03:1E:B8:A2:E4:4D:BE
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DxkEUsJRoPxEsXeNGgMeuKLkTb4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3f:45:2c:66:1b:cd:7d:16:71:43:83:09:f3:f9:73:79:36:
40:9f:70:90:c1:d5:22:27:57:85:3e:f1:7f:3d:03:e3:eb:a8:
36:4f:9e:dd:ed:62:11:ce:ac:6a:50:ad:30:e9:f3:a5:71:a4:
32:f6:a9:09:27:72:dc:dd:c6:2d:b3:44:07:33:db:9f:b8:0e:
74:52:d6:2a:d9:4c:7d:91:4a:17:0f:83:e3:37:d2:ec:65:62:
e6:05:e2:7b:4a:55:5b:8e:4e:a8:41:ac:eb:aa:d6:46:b4:a0:
0e:9d:5d:2d:0b:57:b4:d9:c9:af:1f:83:53:2a:2d:00:71:1f:
23:a5:81:3f:59:f8:bd:3a:48:4f:2b:22:09:81:3c:e0:d6:10:
f0:fb:e4:65:e1:81:a1:6e:73:da:7a:1b:bd:c9:db:1f:93:b0:
3e:16:91:8b:e5:f7:8d:8e:8e:72:fe:f5:78:5b:6c:0f:5f:78:
72:79:52:17:90:d4:d1:87:68:3e:9c:c3:1c:f7:df:14:6b:5d:
aa:77:0f:cb:b2:23:a8:36:b4:44:2a:58:31:fb:36:94:73:54:
a7:32:27:55:fd:92:f8:80:78:ae:50:08:40:83:ea:88:de:91:
80:a5:ed:5b:b0:3d:53:ee:d5:0f:9e:13:5d:18:32:ba:9f:d8:
b7:9e:f9:32
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDMw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBGMTkwNDUyQzI1MUEw
RkM0NEIxNzc4RDFBMDMxRUI4QTJFNDREQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeytWCzGARkV+nkQFt6TLfT1hvoo2wffX4LltSOlUy97z63EWp
bPo/pkJwyNMri0NSsC3ps9lNx3AIHd+ZeAfagUtxlVaJUgI/7rlqbeMz7IOYiIHi
fkPiEldCkjC/v/VDMPg1tVKTzsVsPJWVJuFkkKffv/LwEPfCElAZKVQfjMipeye1
yAWlFAS+/CZk5kqxDn6OKImIAyJeBVHq7EQRU1vEH3KkeoBb+f0r8/cZNodDa3Bk
4V7f6aM7Lx72+PmeZ1PUakp+XGXs5X5KcXsleRIgutmUblJG8rUgSFDeCiGUjrb4
cdMvUYiMMcv5zye9bwthvlCaGswtlbtLSm2ZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUDxkEUsJRoPxEsXeNGgMeuKLkTb4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9EeGtFVXNKUm9QeEVzWGVOR2dNZXVLTGtUYjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AH8/RSxmG819FnFDgwnz+XN5NkCfcJDB1SInV4U+8X89A+PrqDZPnt3tYhHOrGpQ
rTDp86VxpDL2qQknctzdxi2zRAcz25+4DnRS1irZTH2RShcPg+M30uxlYuYF4ntK
VVuOTqhBrOuq1ka0oA6dXS0LV7TZya8fg1MqLQBxHyOlgT9Z+L06SE8rIgmBPODW
EPD75GXhgaFuc9p6G73J2x+TsD4WkYvl942OjnL+9XhbbA9feHJ5UheQ1NGHaD6c
wxz33xRrXap3D8uyI6g2tEQqWDH7NpRzVKcyJ1X9kviAeK5QCECD6ojekYCl7Vuw
PVPu1Q+eE10YMrqf2Lee+TI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org