Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/IMWdMYvMEw7FOMqXr6Don_Nyaw4.roa
File: IMWdMYvMEw7FOMqXr6Don_Nyaw4.roa (raw, json)
Hash identifier: k+5Eq82gQZUmT2UkcS/xPCCWrk1vzlKxj7MowUCnhXs=
Subject key identifier: 20:C5:9D:31:8B:CC:13:0E:C5:38:CA:97:AF:A0:E8:9F:F3:72:6B:0E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 456C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IMWdMYvMEw7FOMqXr6Don_Nyaw4.roa
Signing time: Mon 28 Mar 2022 00:30:12 +0000
ROA not before: Mon 28 Mar 2022 00:30:12 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17772 (0x456c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 28 00:30:12 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=20C59D318BCC130EC538CA97AFA0E89FF3726B0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fa:e8:1d:64:af:52:54:e1:68:f7:5c:10:c6:
ce:7a:f7:05:82:9a:a6:62:1e:d3:ec:35:1e:34:03:
e9:eb:6b:9d:19:a9:75:bb:ee:5f:56:5a:ff:81:be:
2c:a8:71:fa:82:89:03:cd:61:d0:80:60:dc:ad:dc:
9e:01:13:e5:86:95:45:5d:27:69:43:62:e8:a6:dd:
08:d5:c0:0c:77:2c:0a:dd:43:1f:89:2b:e6:ba:9e:
bc:01:e2:18:30:91:94:ac:82:ba:45:8e:e9:39:57:
3e:4b:ed:3c:f4:a6:5f:04:44:bf:8c:16:0e:d8:be:
1b:c9:c3:8b:32:50:f5:f8:cb:bc:4b:f2:78:6d:c2:
cb:a6:8f:1e:78:f3:82:ea:a9:87:85:1a:42:d7:e0:
5f:c3:29:8a:68:e5:ab:39:f2:b9:a3:da:68:ba:46:
80:84:2e:b0:da:62:f2:d3:64:ce:9c:f5:32:aa:4c:
5d:6f:9d:2a:56:fe:87:14:00:41:34:f7:74:af:3a:
94:74:4c:ad:7c:c6:a3:e0:0c:04:b1:63:13:56:df:
13:34:4b:f1:28:60:76:82:28:d0:93:b0:a1:09:e3:
cc:ab:05:2f:a9:aa:5f:01:7b:b4:6b:8f:37:45:57:
88:7a:16:07:0b:50:06:52:b9:d7:e1:92:da:0f:6d:
96:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C5:9D:31:8B:CC:13:0E:C5:38:CA:97:AF:A0:E8:9F:F3:72:6B:0E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IMWdMYvMEw7FOMqXr6Don_Nyaw4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:a1:68:77:fc:a4:00:52:ed:62:6f:75:bb:ff:e6:52:f2:25:
33:4a:da:5b:b6:ce:3a:2d:97:3f:eb:f5:f0:a7:4e:3f:6e:6a:
f6:5e:20:63:2e:e6:3c:c6:d5:a0:d4:2c:ed:78:ce:c7:40:53:
32:7a:79:ba:f7:b8:a7:93:b9:cb:23:65:a1:33:b0:e3:fc:f3:
14:32:38:e0:54:4b:e8:70:43:26:7b:51:a5:70:d1:f5:a3:52:
36:f5:c0:81:ff:cb:58:9c:36:fa:f0:ce:0b:53:02:18:ce:2f:
a6:1f:2e:bd:f7:fd:46:25:04:6d:c9:e6:d0:99:d4:14:fe:d4:
17:b8:05:e4:5b:58:55:fb:f5:f3:a2:5d:88:1b:d3:4f:2d:db:
14:2c:24:5d:58:44:27:23:8b:ae:9c:10:a2:c0:8d:af:00:2d:
fd:2d:50:3f:e9:a9:3e:4d:fb:86:bd:aa:db:41:54:01:c4:e0:
b3:26:4e:25:b4:94:de:f1:e6:aa:f7:cd:8c:25:a4:ad:1c:13:
6b:54:b2:31:59:20:19:f3:81:02:ec:3a:a8:d6:0a:3c:a3:f4:
42:f6:49:f0:ed:87:16:cc:9c:32:c1:6b:52:f1:b9:5e:1f:14:
ae:f4:05:ec:24:b5:b5:45:e6:3d:c4:90:55:0d:33:5a:a1:ba:
6b:c7:c9:21
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjgw
MDMwMTJaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDIwQzU5RDMxOEJDQzEz
MEVDNTM4Q0E5N0FGQTBFODlGRjM3MjZCMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh+ugdZK9SVOFo91wQxs569wWCmqZiHtPsNR40A+nra50ZqXW7
7l9WWv+BviyocfqCiQPNYdCAYNyt3J4BE+WGlUVdJ2lDYuim3QjVwAx3LArdQx+J
K+a6nrwB4hgwkZSsgrpFjuk5Vz5L7Tz0pl8ERL+MFg7YvhvJw4syUPX4y7xL8nht
wsumjx5484LqqYeFGkLX4F/DKYpo5as58rmj2mi6RoCELrDaYvLTZM6c9TKqTF1v
nSpW/ocUAEE093SvOpR0TK18xqPgDASxYxNW3xM0S/EoYHaCKNCTsKEJ48yrBS+p
ql8Be7RrjzdFV4h6FgcLUAZSudfhktoPbZYDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUIMWdMYvMEw7FOMqXr6Don/Nyaw4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JTVdkTVl2TUV3N0ZPTXFYcjZEb25fTnlhdzQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ABuhaHf8pABS7WJvdbv/5lLyJTNK2lu2zjotlz/r9fCnTj9uavZeIGMu5jzG1aDU
LO14zsdAUzJ6ebr3uKeTucsjZaEzsOP88xQyOOBUS+hwQyZ7UaVw0fWjUjb1wIH/
y1icNvrwzgtTAhjOL6YfLr33/UYlBG3J5tCZ1BT+1Be4BeRbWFX79fOiXYgb008t
2xQsJF1YRCcji66cEKLAja8ALf0tUD/pqT5N+4a9qttBVAHE4LMmTiW0lN7x5qr3
zYwlpK0cE2tUsjFZIBnzgQLsOqjWCjyj9EL2SfDthxbMnDLBa1LxuV4fFK70Bewk
tbVF5j3EkFUNM1qhumvHySE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org