Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ItolVuFq0SGopeB5dTgs8JyT9pg.roa
File: ItolVuFq0SGopeB5dTgs8JyT9pg.roa (raw, json)
Hash identifier: 6BLIA4XazUKW33AqsOeM0eT9cp5aWWooB5DyxfCXWV8=
Subject key identifier: 22:DA:25:56:E1:6A:D1:21:A8:A5:E0:79:75:38:2C:F0:9C:93:F6:98
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 479D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ItolVuFq0SGopeB5dTgs8JyT9pg.roa
Signing time: Sat 07 May 2022 00:30:12 +0000
ROA not before: Sat 07 May 2022 00:30:12 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18333 (0x479d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 7 00:30:12 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=22DA2556E16AD121A8A5E07975382CF09C93F698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dc:c8:cc:a3:36:be:17:59:57:87:1b:4b:29:
99:21:a9:02:52:36:a3:ad:89:3d:e7:bd:56:bb:ce:
fe:9e:dd:07:75:aa:2d:69:fe:81:21:5c:dc:98:52:
ba:d8:62:47:25:08:ef:bd:c8:95:63:3d:82:32:8d:
db:cb:3e:14:69:ec:9a:af:4e:a5:ee:fb:90:7d:0c:
7d:32:c3:16:bc:b3:57:ff:99:aa:66:43:c3:7f:61:
87:1f:46:8f:5d:01:26:97:93:63:d4:ee:0b:6a:d3:
de:bf:1d:14:fc:59:b8:9f:b7:53:ae:ee:e7:d8:44:
3b:5c:e4:1c:dc:f5:15:10:7e:94:7e:1b:1a:96:0e:
9b:b0:3e:f2:25:21:96:be:1b:10:52:33:3c:a0:7d:
f2:5d:f8:1d:d0:cf:e9:cb:bf:3f:9e:e2:8c:85:73:
f9:30:a3:e8:d1:db:d8:29:ec:d9:30:48:91:1c:0e:
ee:87:22:74:3f:7a:61:59:57:b6:0f:e3:6c:23:39:
f9:e1:b4:c4:8a:8c:d0:6a:54:16:3a:5b:9a:bd:ec:
56:1c:78:63:f8:3e:83:1f:de:47:fa:ea:71:5f:0f:
e3:d2:0e:5a:5c:f6:3e:15:e4:34:08:9b:aa:4c:f4:
74:f2:a6:00:47:4e:6c:ea:8c:cf:b8:be:59:4e:7f:
4b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DA:25:56:E1:6A:D1:21:A8:A5:E0:79:75:38:2C:F0:9C:93:F6:98
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ItolVuFq0SGopeB5dTgs8JyT9pg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:bb:37:59:1c:2a:89:76:e1:f7:af:8c:ec:ee:44:96:32:9e:
ac:4e:aa:57:af:2b:49:70:0b:1c:cb:4c:b2:1b:17:ad:2a:f0:
f0:42:03:47:bc:f1:ee:9a:d2:9e:35:48:b2:24:a0:75:e2:4e:
d4:d4:16:04:86:9d:41:30:54:0c:85:1d:26:47:94:39:6f:9c:
6f:49:92:e3:2b:48:ae:ef:93:bb:f7:0f:e3:b7:55:e4:da:5d:
9c:d7:1e:7d:19:1c:63:cb:32:40:a2:6d:af:e6:da:9b:44:3a:
fb:27:da:07:74:e7:44:f7:49:95:2a:37:90:e3:66:9e:5f:1f:
0c:30:e6:90:0e:59:91:f4:ee:33:59:f3:57:f3:f1:97:f4:0b:
60:c3:72:18:ac:a5:00:84:5c:e9:30:1d:fe:c5:cd:b6:30:1b:
2e:c0:59:ec:82:3b:6e:b9:57:12:a3:77:bf:de:34:24:42:c4:
86:97:36:fd:ac:f1:15:3b:6a:a5:5f:f5:be:15:1d:b2:ea:97:
28:de:ed:f6:e0:8e:9e:12:a8:49:4c:6d:38:03:a7:86:2f:25:
7b:03:f8:ba:ac:4d:fb:68:35:5f:68:97:56:4b:19:c1:38:63:
ea:9b:a0:ae:07:10:59:04:be:fa:03:6f:77:ce:8b:b4:52:57:
a9:1c:c0:c7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR50wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDcw
MDMwMTJaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDIyREEyNTU2RTE2QUQx
MjFBOEE1RTA3OTc1MzgyQ0YwOUM5M0Y2OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc3MjMoza+F1lXhxtLKZkhqQJSNqOtiT3nvVa7zv6e3Qd1qi1p
/oEhXNyYUrrYYkclCO+9yJVjPYIyjdvLPhRp7JqvTqXu+5B9DH0ywxa8s1f/mapm
Q8N/YYcfRo9dASaXk2PU7gtq096/HRT8Wbift1Ou7ufYRDtc5Bzc9RUQfpR+GxqW
DpuwPvIlIZa+GxBSMzygffJd+B3Qz+nLvz+e4oyFc/kwo+jR29gp7NkwSJEcDu6H
InQ/emFZV7YP42wjOfnhtMSKjNBqVBY6W5q97FYceGP4PoMf3kf66nFfD+PSDlpc
9j4V5DQIm6pM9HTypgBHTmzqjM+4vllOf0ujAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUItolVuFq0SGopeB5dTgs8JyT9pgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JdG9sVnVGcTBTR29wZUI1ZFRnczhKeVQ5cGcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AL+7N1kcKol24fevjOzuRJYynqxOqlevK0lwCxzLTLIbF60q8PBCA0e88e6a0p41
SLIkoHXiTtTUFgSGnUEwVAyFHSZHlDlvnG9JkuMrSK7vk7v3D+O3VeTaXZzXHn0Z
HGPLMkCiba/m2ptEOvsn2gd050T3SZUqN5DjZp5fHwww5pAOWZH07jNZ81fz8Zf0
C2DDchispQCEXOkwHf7FzbYwGy7AWeyCO265VxKjd7/eNCRCxIaXNv2s8RU7aqVf
9b4VHbLqlyje7fbgjp4SqElMbTgDp4YvJXsD+LqsTftoNV9ol1ZLGcE4Y+qboK4H
EFkEvvoDb3fOi7RSV6kcwMc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org