Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/DxuLjIwPljqZMTLiykwqVsrhaLc.roa
File: DxuLjIwPljqZMTLiykwqVsrhaLc.roa (raw, json)
Hash identifier: rFQWDiDH31fXy5x5tqX62t5QcNm6VRuYKsFPLX/nw1I=
Subject key identifier: 0F:1B:8B:8C:8C:0F:96:3A:99:31:32:E2:CA:4C:2A:56:CA:E1:68:B7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4345
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DxuLjIwPljqZMTLiykwqVsrhaLc.roa
Signing time: Wed 16 Feb 2022 00:30:08 +0000
ROA not before: Wed 16 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17221 (0x4345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 16 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=0F1B8B8C8C0F963A993132E2CA4C2A56CAE168B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a9:88:05:8b:52:1f:e3:bb:d9:44:64:7b:48:
f8:bb:6f:5d:18:4f:69:4e:4c:fa:04:14:ca:04:05:
39:06:cf:2f:4a:0f:eb:b7:75:76:f7:4d:2e:a3:8b:
45:72:8b:23:2f:18:59:cd:20:ae:1c:8a:37:2b:41:
e5:a5:a9:07:1d:4f:b8:ba:2e:74:bf:b5:80:7b:78:
f1:ea:f8:f3:a4:13:e4:14:d7:be:61:b5:5a:37:09:
90:3a:2f:a7:9e:a4:ec:f0:b3:a0:7c:9b:90:e5:ce:
e4:0a:9a:81:a1:51:7f:9b:8f:02:13:37:af:da:89:
38:e4:7b:7d:b0:5f:00:19:fa:71:7d:20:18:db:9c:
43:0d:0d:7f:68:48:6c:4d:41:30:6e:b6:64:eb:f1:
67:a9:50:ea:d8:7e:40:d5:08:98:24:e6:3e:4c:bd:
03:99:6d:0a:69:5b:82:1c:4b:8f:90:2c:28:dd:2b:
61:d8:82:04:6b:a3:0c:6e:af:74:e9:5d:20:02:c6:
e1:6e:71:58:a0:65:56:79:49:c5:98:be:c6:cf:d3:
4b:66:06:e6:03:95:2a:d4:f0:9c:3d:d9:e2:58:e3:
e8:24:bc:46:78:5c:0f:f5:e5:18:58:f6:df:80:6a:
cf:47:06:7b:07:05:ea:23:26:9c:7f:cb:2c:f2:83:
f4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1B:8B:8C:8C:0F:96:3A:99:31:32:E2:CA:4C:2A:56:CA:E1:68:B7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/DxuLjIwPljqZMTLiykwqVsrhaLc.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ac:82:4e:56:e4:9e:cf:fd:fc:e7:3a:de:b5:37:ba:cb:d9:
2a:75:bd:88:b3:84:6d:e8:8f:da:16:02:70:b4:32:0e:22:96:
ea:8d:49:28:41:b4:35:fb:3a:29:c2:8a:0f:22:e8:7e:fb:f8:
5d:3f:42:d7:f0:26:5c:07:80:6b:d2:08:69:a7:da:b8:b5:d1:
23:5b:b1:3b:58:a1:26:72:b1:47:09:09:e2:62:41:12:10:eb:
cf:e9:1f:f2:a9:f6:f1:1e:40:40:50:c5:70:95:b2:3a:91:3e:
50:3e:b8:c9:39:8f:5b:ca:bf:e7:47:c4:09:0e:6a:d0:20:28:
0a:ea:4b:26:8d:e3:16:b8:ae:d6:2a:28:92:6f:63:94:f0:e6:
3f:52:73:02:09:f1:fe:f0:12:63:e3:69:80:4b:54:d8:8f:f7:
91:ef:92:6b:5c:9b:03:ca:06:0b:5d:b3:26:1a:d4:b6:b7:ab:
0d:65:7b:e4:3a:37:38:f3:4b:f7:2a:90:99:b0:49:bf:6b:04:
38:7a:e9:89:b9:16:31:46:75:03:1e:ec:bc:1b:0f:e8:e0:c1:
a5:60:60:7e:f2:70:8a:e4:8d:10:4c:5c:8c:16:65:c3:1e:b0:
e3:d5:67:ea:75:c8:d6:ed:95:1e:8c:e5:6a:9d:bd:4f:57:d6:
bb:72:06:be
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTYw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDBGMUI4QjhDOEMwRjk2
M0E5OTMxMzJFMkNBNEMyQTU2Q0FFMTY4QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyqYgFi1If47vZRGR7SPi7b10YT2lOTPoEFMoEBTkGzy9KD+u3
dXb3TS6ji0VyiyMvGFnNIK4cijcrQeWlqQcdT7i6LnS/tYB7ePHq+POkE+QU175h
tVo3CZA6L6eepOzws6B8m5DlzuQKmoGhUX+bjwITN6/aiTjke32wXwAZ+nF9IBjb
nEMNDX9oSGxNQTButmTr8WepUOrYfkDVCJgk5j5MvQOZbQppW4IcS4+QLCjdK2HY
ggRrowxur3TpXSACxuFucVigZVZ5ScWYvsbP00tmBuYDlSrU8Jw92eJY4+gkvEZ4
XA/15RhY9t+Aas9HBnsHBeojJpx/yyzyg/QDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUDxuLjIwPljqZMTLiykwqVsrhaLcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9EeHVMakl3UGxqcVpNVExpeWt3cVZzcmhhTGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AIKsgk5W5J7P/fznOt61N7rL2Sp1vYizhG3oj9oWAnC0Mg4iluqNSShBtDX7OinC
ig8i6H77+F0/QtfwJlwHgGvSCGmn2ri10SNbsTtYoSZysUcJCeJiQRIQ68/pH/Kp
9vEeQEBQxXCVsjqRPlA+uMk5j1vKv+dHxAkOatAgKArqSyaN4xa4rtYqKJJvY5Tw
5j9ScwIJ8f7wEmPjaYBLVNiP95HvkmtcmwPKBgtdsyYa1La3qw1le+Q6NzjzS/cq
kJmwSb9rBDh66Ym5FjFGdQMe7LwbD+jgwaVgYH7ycIrkjRBMXIwWZcMesOPVZ+p1
yNbtlR6M5WqdvU9X1rtyBr4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org