Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/GSEgZCfjr7254YkSk_zh08qABJg.roa
File: GSEgZCfjr7254YkSk_zh08qABJg.roa (raw, json)
Hash identifier: 4kApMaZaGP6YWkZDGnFgd8uDkk1vKQEle0mJTmhTA7M=
Subject key identifier: 19:21:20:64:27:E3:AF:BD:B9:E1:89:12:93:FC:E1:D3:CA:80:04:98
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43CB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/GSEgZCfjr7254YkSk_zh08qABJg.roa
Signing time: Sat 26 Feb 2022 00:30:09 +0000
ROA not before: Sat 26 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17355 (0x43cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 26 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=1921206427E3AFBDB9E1891293FCE1D3CA800498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:fb:2c:b1:4b:ba:2a:18:4b:5b:8e:77:e5:
44:a3:b6:17:15:7a:39:c6:4a:98:eb:5b:02:1f:ae:
e9:03:fd:36:b9:bf:c6:c8:38:cd:cc:18:54:3a:a9:
8d:4c:e0:d6:09:79:8e:1b:25:bc:63:88:2d:bb:0e:
75:a9:31:d4:e2:3e:48:53:43:d0:9e:99:6c:d8:88:
80:fd:eb:3d:c8:c2:1b:03:55:2c:0e:47:f6:a3:14:
a4:63:e2:ea:f6:02:08:68:0c:6b:6c:b6:36:50:00:
91:93:8e:26:70:f2:0f:55:b7:a3:b2:f9:f7:3f:91:
d1:a8:66:91:27:c6:17:83:2c:91:5a:bd:03:49:e0:
07:92:8b:12:33:f1:52:c2:47:e0:71:45:27:88:57:
34:4a:74:75:67:c4:5b:0c:94:bf:ca:5a:3b:13:7c:
10:d8:0d:c8:1c:70:94:50:68:4f:ba:cd:99:82:79:
f6:85:cb:32:ed:5c:f4:03:0b:c5:3b:7f:e6:b1:06:
c8:d9:85:eb:c0:b1:0f:90:aa:ab:70:6a:40:ee:22:
d2:82:e6:e9:fc:93:8d:9e:fa:ef:f7:ea:38:49:a0:
94:aa:e1:46:ed:e1:01:e3:d6:2f:98:70:05:c6:f6:
42:de:6f:02:62:d3:b5:b9:c1:94:b2:15:3f:77:9b:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:21:20:64:27:E3:AF:BD:B9:E1:89:12:93:FC:E1:D3:CA:80:04:98
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/GSEgZCfjr7254YkSk_zh08qABJg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
24:d6:1f:d8:6e:0f:b8:43:19:be:60:94:84:a0:74:e5:a5:46:
da:a3:4e:56:35:27:95:47:0e:cd:98:7e:fc:39:87:d0:d0:c2:
94:bb:ed:f5:21:d9:87:68:9b:42:0b:fb:6c:62:12:7f:ef:82:
b6:61:32:e1:13:85:e8:0a:9e:f3:16:3b:fa:a7:d0:bf:c2:6c:
36:95:1d:83:63:dc:35:b6:76:e6:d1:e3:31:db:18:e7:7d:02:
99:a1:ce:9f:e9:b6:30:63:8f:de:0e:d3:f3:fe:fa:6e:7a:bd:
0f:79:61:48:9b:69:c4:20:1d:90:b9:21:17:de:70:65:50:8a:
50:4e:9f:c1:dc:55:d3:e2:c9:06:60:65:04:cb:7f:7d:59:e2:
da:79:55:62:e3:25:06:ff:12:1a:d5:be:28:7f:d8:76:3f:4d:
56:a2:91:6e:10:ba:2e:86:20:29:0d:e2:e5:ab:8c:2f:95:39:
81:1a:26:14:e1:80:93:4d:8d:d1:35:16:57:7c:bb:31:bb:ac:
03:c2:35:f4:45:ac:be:c7:93:ac:d6:db:55:f9:9b:8a:39:a9:
0a:7f:ef:f2:66:49:99:12:80:d5:b0:74:99:80:0d:08:10:ab:
40:3a:8e:e5:d9:98:7a:68:73:97:d5:db:5c:87:04:6b:af:c4:
07:b4:3b:9c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjYw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDE5MjEyMDY0MjdFM0FG
QkRCOUUxODkxMjkzRkNFMUQzQ0E4MDA0OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqN/sssUu6KhhLW4535USjthcVejnGSpjrWwIfrukD/Ta5v8bI
OM3MGFQ6qY1M4NYJeY4bJbxjiC27DnWpMdTiPkhTQ9CemWzYiID96z3IwhsDVSwO
R/ajFKRj4ur2AghoDGtstjZQAJGTjiZw8g9Vt6Oy+fc/kdGoZpEnxheDLJFavQNJ
4AeSixIz8VLCR+BxRSeIVzRKdHVnxFsMlL/KWjsTfBDYDcgccJRQaE+6zZmCefaF
yzLtXPQDC8U7f+axBsjZhevAsQ+QqqtwakDuItKC5un8k42e+u/36jhJoJSq4Ubt
4QHj1i+YcAXG9kLebwJi07W5wZSyFT93m6O5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUGSEgZCfjr7254YkSk/zh08qABJgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9HU0VnWkNmanI3MjU0WWtTa196aDA4cUFCSmcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ACTWH9huD7hDGb5glISgdOWlRtqjTlY1J5VHDs2Yfvw5h9DQwpS77fUh2Ydom0IL
+2xiEn/vgrZhMuEThegKnvMWO/qn0L/CbDaVHYNj3DW2dubR4zHbGOd9Apmhzp/p
tjBjj94O0/P++m56vQ95YUibacQgHZC5IRfecGVQilBOn8HcVdPiyQZgZQTLf31Z
4tp5VWLjJQb/EhrVvih/2HY/TVaikW4Qui6GICkN4uWrjC+VOYEaJhThgJNNjdE1
Fld8uzG7rAPCNfRFrL7Hk6zW21X5m4o5qQp/7/JmSZkSgNWwdJmADQgQq0A6juXZ
mHpoc5fV21yHBGuvxAe0O5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org