Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/HNuOW_qZIWEKDH5NH8iGppr536k.roa
File: HNuOW_qZIWEKDH5NH8iGppr536k.roa (raw, json)
Hash identifier: A/BHPGw2YLCCrLzChdmFKSfB5YOymfPvIrMyKnseOFU=
Subject key identifier: 1C:DB:8E:5B:FA:99:21:61:0A:0C:7E:4D:1F:C8:86:A6:9A:F9:DF:A9
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4899
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HNuOW_qZIWEKDH5NH8iGppr536k.roa
Signing time: Wed 25 May 2022 00:30:08 +0000
ROA not before: Wed 25 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18585 (0x4899)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 25 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=1CDB8E5BFA9921610A0C7E4D1FC886A69AF9DFA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:78:24:ab:1a:88:ab:02:8a:ce:02:81:f0:
f4:8f:1e:6d:0e:46:61:eb:5a:49:7a:da:94:79:9c:
8b:bf:b1:33:04:16:5b:56:8c:bb:a4:32:68:a6:5c:
b4:4e:44:7c:0f:56:25:cc:57:e5:76:db:ce:7e:ce:
04:8d:03:da:ac:37:62:96:57:0f:0a:17:88:19:29:
bc:92:2a:0a:06:39:b9:2d:de:55:db:86:fa:cc:1d:
a8:92:2b:13:f0:17:86:54:bb:e6:51:91:a8:90:9c:
d8:e4:b3:1b:81:8c:75:fa:34:9f:27:db:91:a5:76:
39:32:5f:aa:3d:f2:a0:3d:74:92:e2:e4:7f:f2:54:
bf:b2:fa:16:e8:f6:c6:44:11:70:dd:a2:0d:ba:96:
00:21:a1:d1:78:2e:25:02:66:84:0e:6b:1f:e6:fc:
c6:41:fd:1b:15:a8:b6:15:73:6a:2f:cc:10:62:ad:
7c:85:54:58:c1:ce:d5:17:9b:2c:0b:1d:79:c0:56:
82:98:bd:5d:75:86:fd:c7:37:4e:e8:62:d8:01:13:
29:24:75:ae:60:63:12:c4:d1:c8:1c:c2:2b:f7:28:
25:18:26:31:29:3b:9a:4d:ac:cb:da:bc:f2:18:90:
10:5b:20:c0:b4:39:c4:00:27:d2:8e:91:65:c6:b8:
8a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DB:8E:5B:FA:99:21:61:0A:0C:7E:4D:1F:C8:86:A6:9A:F9:DF:A9
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HNuOW_qZIWEKDH5NH8iGppr536k.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:a3:76:c9:97:8a:51:4c:7b:f0:42:79:85:97:6b:6f:30:bf:
64:b6:34:61:47:84:5b:dd:7c:62:ef:97:47:0e:13:06:55:0a:
7d:e7:27:22:3f:40:b1:67:00:68:67:b4:f0:ee:0c:ba:71:b9:
6e:2c:4a:f0:5e:6a:66:2f:01:a9:7c:a0:b4:fc:75:d0:00:eb:
17:ef:a4:80:e9:29:0d:20:67:63:33:d8:64:d4:eb:0a:df:8f:
5a:dc:be:42:d4:26:d9:90:f3:c2:eb:44:8e:07:f3:3f:6a:81:
4c:e1:66:b3:b4:b1:4e:e9:6e:57:c9:b8:71:9f:20:e9:8d:04:
1b:dd:dd:3f:e1:e6:bd:08:88:b6:47:12:5b:6b:c3:8f:b8:1a:
71:63:f1:16:c8:18:f4:cb:e6:ba:05:41:73:7c:04:c7:b1:f9:
c3:5f:d8:bc:ca:6c:d2:0a:38:d9:d0:6b:98:a7:8a:ff:78:a6:
b7:8b:51:8b:e7:86:e4:3c:16:2d:4b:03:44:ea:51:a6:14:85:
7d:10:16:06:53:56:5b:09:f0:e1:c0:15:1f:1e:20:e8:4d:2e:
fd:84:1e:3f:4a:67:f2:1c:d7:25:0c:3f:28:c7:60:3d:60:39:
26:ce:ea:7f:7a:31:de:32:a7:02:39:af:a5:db:05:0c:8a:8d:
7e:ef:58:19
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjUw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDFDREI4RTVCRkE5OTIx
NjEwQTBDN0U0RDFGQzg4NkE2OUFGOURGQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC473gkqxqIqwKKzgKB8PSPHm0ORmHrWkl62pR5nIu/sTMEFltW
jLukMmimXLRORHwPViXMV+V2285+zgSNA9qsN2KWVw8KF4gZKbySKgoGObkt3lXb
hvrMHaiSKxPwF4ZUu+ZRkaiQnNjksxuBjHX6NJ8n25GldjkyX6o98qA9dJLi5H/y
VL+y+hbo9sZEEXDdog26lgAhodF4LiUCZoQOax/m/MZB/RsVqLYVc2ovzBBirXyF
VFjBztUXmywLHXnAVoKYvV11hv3HN07oYtgBEykkda5gYxLE0cgcwiv3KCUYJjEp
O5pNrMvavPIYkBBbIMC0OcQAJ9KOkWXGuIrJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUHNuOW/qZIWEKDH5NH8iGppr536kwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ITnVPV19xWklXRUtESDVOSDhpR3BwcjUzNmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ALWjdsmXilFMe/BCeYWXa28wv2S2NGFHhFvdfGLvl0cOEwZVCn3nJyI/QLFnAGhn
tPDuDLpxuW4sSvBeamYvAal8oLT8ddAA6xfvpIDpKQ0gZ2Mz2GTU6wrfj1rcvkLU
JtmQ88LrRI4H8z9qgUzhZrO0sU7pblfJuHGfIOmNBBvd3T/h5r0IiLZHEltrw4+4
GnFj8RbIGPTL5roFQXN8BMex+cNf2LzKbNIKONnQa5iniv94preLUYvnhuQ8Fi1L
A0TqUaYUhX0QFgZTVlsJ8OHAFR8eIOhNLv2EHj9KZ/Ic1yUMPyjHYD1gOSbO6n96
Md4ypwI5r6XbBQyKjX7vWBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org