Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/IDQOTn8YuW-4WG81PLuCSEKHCrI.roa
File: IDQOTn8YuW-4WG81PLuCSEKHCrI.roa (raw, json)
Hash identifier: L8vrkmPx+678mMO+8M3pA5HO9BvarLRLhRjZa1MVxfo=
Subject key identifier: 20:34:0E:4E:7F:18:B9:6F:B8:58:6F:35:3C:BB:82:48:42:87:0A:B2
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4378
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IDQOTn8YuW-4WG81PLuCSEKHCrI.roa
Signing time: Sun 20 Feb 2022 00:30:07 +0000
ROA not before: Sun 20 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17272 (0x4378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 20 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=20340E4E7F18B96FB8586F353CBB824842870AB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cb:b6:b4:08:c4:d4:46:a4:82:2e:c6:0c:08:
bd:3d:22:d4:3f:95:b0:2a:5c:e4:5f:3b:04:21:16:
ab:77:fe:69:fc:59:07:4a:41:54:25:ee:c6:a5:9b:
67:01:d9:c7:5d:9c:1c:00:a3:a1:e5:77:ba:7b:73:
3e:a1:ec:9a:fb:4b:b3:80:82:3a:94:77:05:d0:50:
6f:21:f1:ad:b8:4e:71:31:29:7a:c7:e0:0c:b3:f1:
66:fe:85:06:0e:bb:d4:d4:e0:44:2b:df:3f:e1:10:
03:9e:05:9e:49:db:e7:27:39:dd:9b:48:0b:76:f0:
b5:aa:16:a7:2f:a3:53:b2:df:7e:a0:d6:9a:91:62:
c2:b1:b7:e6:fa:3a:b8:57:0d:e8:88:95:57:09:ac:
23:21:cc:a3:16:03:9e:83:dd:31:49:5d:b3:29:b6:
9c:9b:1e:0e:c9:e4:f2:39:94:6c:01:b9:32:63:51:
b4:3f:55:c5:e9:40:8f:e1:bc:18:4c:2a:9d:fd:7f:
a7:ad:d2:eb:b0:7a:d2:91:1c:f7:08:9d:0c:76:9a:
a0:8d:18:dc:8f:2f:e7:70:11:59:b7:de:d9:07:aa:
ed:b5:8a:3f:9e:e3:2b:4a:e7:56:28:39:64:02:cb:
63:36:d4:cb:5d:b9:0d:34:66:34:a7:56:32:65:0a:
02:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:0E:4E:7F:18:B9:6F:B8:58:6F:35:3C:BB:82:48:42:87:0A:B2
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IDQOTn8YuW-4WG81PLuCSEKHCrI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:32:b7:95:07:f8:67:94:87:9f:35:54:9f:6b:9b:62:1d:81:
cb:9f:e5:73:33:d8:9a:21:d9:d2:ed:35:3e:f7:a8:9f:bd:b0:
74:fc:fc:26:0d:0e:73:62:51:50:ad:67:58:27:b7:55:02:1e:
68:39:31:53:d1:e0:f4:3f:09:4c:2b:2d:63:11:b2:09:6a:62:
57:10:cf:1f:75:8e:7f:f3:19:bc:de:e0:a5:00:9f:de:19:31:
28:bd:ed:8c:d1:5c:c1:be:b1:0f:4f:e6:f3:2c:e9:6c:79:a7:
9d:9d:f2:3f:0d:40:6b:55:34:fc:8f:19:f0:ca:5d:d4:5d:e6:
65:bb:8d:64:18:71:1b:d3:a2:e9:38:ce:f8:96:bb:e5:8c:3d:
90:69:47:6a:a9:36:12:f7:9b:f6:dc:7d:a0:22:a2:9e:59:9b:
bb:d9:ae:26:46:5f:be:58:3b:52:0f:91:9e:c0:1b:11:ec:70:
b8:c2:ab:0d:7a:c0:75:05:d3:16:68:39:86:1f:40:bd:01:fb:
59:1c:14:56:52:32:15:ce:4f:ea:6b:3c:9d:fe:40:90:5d:07:
d4:45:f3:55:27:b3:d9:76:f3:11:ca:be:76:39:62:87:ca:aa:
e4:24:22:e8:5e:13:b2:d8:c9:d7:b9:dd:2f:b5:5d:47:17:07:
24:7f:6a:c0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ3gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjAw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDIwMzQwRTRFN0YxOEI5
NkZCODU4NkYzNTNDQkI4MjQ4NDI4NzBBQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYy7a0CMTURqSCLsYMCL09ItQ/lbAqXORfOwQhFqt3/mn8WQdK
QVQl7salm2cB2cddnBwAo6Hld7p7cz6h7Jr7S7OAgjqUdwXQUG8h8a24TnExKXrH
4Ayz8Wb+hQYOu9TU4EQr3z/hEAOeBZ5J2+cnOd2bSAt28LWqFqcvo1Oy336g1pqR
YsKxt+b6OrhXDeiIlVcJrCMhzKMWA56D3TFJXbMptpybHg7J5PI5lGwBuTJjUbQ/
VcXpQI/hvBhMKp39f6et0uuwetKRHPcInQx2mqCNGNyPL+dwEVm33tkHqu21ij+e
4ytK51YoOWQCy2M21MtduQ00ZjSnVjJlCgIJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUIDQOTn8YuW+4WG81PLuCSEKHCrIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JRFFPVG44WXVXLTRXRzgxUEx1Q1NFS0hDckkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AJoyt5UH+GeUh581VJ9rm2Idgcuf5XMz2Joh2dLtNT73qJ+9sHT8/CYNDnNiUVCt
Z1gnt1UCHmg5MVPR4PQ/CUwrLWMRsglqYlcQzx91jn/zGbze4KUAn94ZMSi97YzR
XMG+sQ9P5vMs6Wx5p52d8j8NQGtVNPyPGfDKXdRd5mW7jWQYcRvTouk4zviWu+WM
PZBpR2qpNhL3m/bcfaAiop5Zm7vZriZGX75YO1IPkZ7AGxHscLjCqw16wHUF0xZo
OYYfQL0B+1kcFFZSMhXOT+prPJ3+QJBdB9RF81Uns9l28xHKvnY5YofKquQkIuhe
E7LYyde53S+1XUcXByR/asA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org