Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/HThcBde9oxZRS5jG0mp6Mkve3fE.roa
File: HThcBde9oxZRS5jG0mp6Mkve3fE.roa (raw, json)
Hash identifier: M7IITzz7Dn09kbYlBQ1KM474yjxKqKJDGkgnf6DCgGY=
Subject key identifier: 1D:38:5C:05:D7:BD:A3:16:51:4B:98:C6:D2:6A:7A:32:4B:DE:DD:F1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 459F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HThcBde9oxZRS5jG0mp6Mkve3fE.roa
Signing time: Fri 01 Apr 2022 00:30:04 +0000
ROA not before: Fri 01 Apr 2022 00:30:04 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17823 (0x459f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 1 00:30:04 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=1D385C05D7BDA316514B98C6D26A7A324BDEDDF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:f5:7d:08:c0:31:70:71:22:2e:03:11:e5:
59:4a:ff:9f:57:ca:e5:27:ae:0d:f6:aa:d4:a3:99:
44:6d:93:55:73:3b:53:ff:62:70:2b:a6:28:17:88:
6e:54:28:fc:18:df:a0:29:63:56:6a:ae:72:1b:26:
79:b5:56:ed:1d:ef:5d:3d:40:9d:aa:68:65:0d:89:
0e:d7:86:68:ac:44:78:f6:1f:a1:4e:73:32:5c:2b:
73:8d:6a:b2:68:a5:dc:70:2a:1e:cf:de:23:da:14:
5c:13:bd:c6:65:8e:d9:84:99:33:f1:b6:e1:8b:82:
93:a3:ca:fe:53:e8:36:8a:dd:d0:40:09:38:0f:b7:
cb:d4:b5:58:9e:88:aa:1c:95:73:2e:b9:72:9c:5c:
5b:2e:69:10:fe:ce:87:83:a5:ef:5a:38:8d:de:2c:
81:01:8f:ed:74:55:f8:6e:67:a7:83:13:be:58:b0:
f0:8e:7f:b3:35:bb:e8:e3:0b:56:21:b9:76:7f:a8:
6d:6b:0c:38:88:e0:62:09:6d:52:1b:fd:f6:4a:ec:
a4:29:9b:e9:e6:89:22:47:49:8e:f1:30:70:6d:db:
c4:36:77:55:b2:2d:b9:42:93:3c:b2:d9:cc:e3:79:
6e:20:bb:df:14:4d:47:01:cc:60:01:d8:1b:d2:1c:
8d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:38:5C:05:D7:BD:A3:16:51:4B:98:C6:D2:6A:7A:32:4B:DE:DD:F1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/HThcBde9oxZRS5jG0mp6Mkve3fE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
07:db:78:b9:bb:99:79:20:9e:7a:94:1e:63:72:d5:97:a6:48:
0d:39:79:90:ab:03:42:da:bc:92:76:9e:0b:05:94:25:5b:b9:
f0:8f:14:12:89:33:e1:19:8b:17:2c:63:91:de:f1:92:d5:8f:
81:2b:70:bb:bf:97:8a:c8:c4:56:b2:42:05:68:26:4f:ff:7f:
67:d0:aa:d0:d2:a8:80:74:e4:bd:ce:b0:f7:be:21:5b:87:5f:
a6:ad:9b:97:6f:6e:be:23:65:73:f6:89:47:6b:49:d4:77:17:
07:65:b6:ae:d8:a4:fd:69:1e:e8:6a:d2:e9:0b:90:c9:36:f7:
3e:e7:2f:0a:bc:2e:3f:10:f0:bf:53:3d:01:75:a8:3a:50:cf:
4e:5b:39:ce:b2:52:56:75:2f:02:ed:4f:6a:0a:16:8b:73:6d:
fd:ce:63:d5:b7:37:45:3f:cc:cd:ae:3e:28:5b:2c:18:17:76:
8e:a6:5f:5c:4b:91:24:61:07:10:37:a7:9d:d1:26:a1:c2:46:
6d:ed:c9:64:44:65:56:18:fd:ad:2d:d5:fd:e3:ee:a5:55:5a:
5b:a2:c5:87:7e:70:ed:40:c5:7e:02:63:28:77:20:29:d2:60:
d5:d5:98:fc:6d:3f:34:11:b0:0a:e2:82:75:83:da:6a:b1:3a:
78:f7:3b:9f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDEw
MDMwMDRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDFEMzg1QzA1RDdCREEz
MTY1MTRCOThDNkQyNkE3QTMyNEJERURERjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4MvV9CMAxcHEiLgMR5VlK/59XyuUnrg32qtSjmURtk1VzO1P/
YnArpigXiG5UKPwY36ApY1ZqrnIbJnm1Vu0d7109QJ2qaGUNiQ7XhmisRHj2H6FO
czJcK3ONarJopdxwKh7P3iPaFFwTvcZljtmEmTPxtuGLgpOjyv5T6DaK3dBACTgP
t8vUtVieiKoclXMuuXKcXFsuaRD+zoeDpe9aOI3eLIEBj+10VfhuZ6eDE75YsPCO
f7M1u+jjC1YhuXZ/qG1rDDiI4GIJbVIb/fZK7KQpm+nmiSJHSY7xMHBt28Q2d1Wy
LblCkzyy2czjeW4gu98UTUcBzGAB2BvSHI0dAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUHThcBde9oxZRS5jG0mp6Mkve3fEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9IVGhjQmRlOW94WlJTNWpHMG1wNk1rdmUzZkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AAfbeLm7mXkgnnqUHmNy1ZemSA05eZCrA0LavJJ2ngsFlCVbufCPFBKJM+EZixcs
Y5He8ZLVj4ErcLu/l4rIxFayQgVoJk//f2fQqtDSqIB05L3OsPe+IVuHX6atm5dv
br4jZXP2iUdrSdR3Fwdltq7YpP1pHuhq0ukLkMk29z7nLwq8Lj8Q8L9TPQF1qDpQ
z05bOc6yUlZ1LwLtT2oKFotzbf3OY9W3N0U/zM2uPihbLBgXdo6mX1xLkSRhBxA3
p53RJqHCRm3tyWREZVYY/a0t1f3j7qVVWluixYd+cO1AxX4CYyh3ICnSYNXVmPxt
PzQRsArignWD2mqxOnj3O58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org