Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/JUFEQY9UFZsZpy9giC1nx43kKcU.roa
File: JUFEQY9UFZsZpy9giC1nx43kKcU.roa (raw, json)
Hash identifier: Wtr4JdyrbtI5wwzs9WA9zVu+OQbFt2kGH/GhpR8RQ5Q=
Subject key identifier: 25:41:44:41:8F:54:15:9B:19:A7:2F:60:88:2D:67:C7:8D:E4:29:C5
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4641
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JUFEQY9UFZsZpy9giC1nx43kKcU.roa
Signing time: Tue 12 Apr 2022 00:30:12 +0000
ROA not before: Tue 12 Apr 2022 00:30:12 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17985 (0x4641)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 12 00:30:12 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=254144418F54159B19A72F60882D67C78DE429C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:7e:cb:21:bf:e1:c5:86:3e:85:44:d5:f9:
23:bd:a2:f3:e8:5b:fd:1b:02:c6:c1:b7:8e:b0:6a:
25:75:7b:d7:d4:f8:ea:cc:8d:a6:d0:26:f5:dd:9e:
f9:ef:c7:57:9e:5b:ce:4f:73:99:d0:61:11:e3:4c:
80:19:09:0d:55:f8:03:40:e9:9b:ce:13:11:e0:b9:
9f:8e:11:9d:10:3d:6b:6b:63:00:5a:da:c3:ce:3f:
0e:1e:24:ad:21:91:40:54:2c:5c:31:eb:e0:33:cd:
cc:00:72:aa:50:b2:9b:0f:36:37:e0:3a:36:3a:42:
58:97:7e:d1:04:96:8a:9e:75:ee:c4:fb:e1:ed:30:
03:03:c0:46:2c:09:11:7c:fe:b7:c8:ae:94:0e:a6:
90:18:fa:65:b9:0a:cd:85:00:e7:9d:12:d0:d0:8b:
74:77:7d:83:15:86:9c:39:12:0e:59:d0:47:8e:fb:
30:63:09:11:39:1b:84:ab:dd:2b:9b:41:be:ad:b9:
37:4e:2a:ac:dc:4e:ee:59:6a:18:99:2f:d4:80:aa:
f0:88:44:f4:c5:b0:ff:0f:97:46:41:c6:7e:42:22:
5a:29:53:e2:fe:aa:39:e4:22:2e:17:e9:df:29:65:
cf:c8:1d:34:af:4e:c1:0f:81:28:25:b4:ac:02:70:
a2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:41:44:41:8F:54:15:9B:19:A7:2F:60:88:2D:67:C7:8D:E4:29:C5
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JUFEQY9UFZsZpy9giC1nx43kKcU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e4:0a:d8:8a:21:5d:09:10:b9:91:af:f1:32:38:84:f2:61:
b8:83:cc:dc:34:78:91:ad:d4:6b:4b:89:79:23:0e:e1:89:09:
b8:33:8b:f4:31:31:2e:bc:0e:5c:60:75:97:6e:4d:ab:5a:11:
fd:a1:1a:75:38:fc:66:4b:df:91:6f:fe:1d:ad:26:2b:40:0d:
e4:22:77:48:f4:d5:0d:34:01:90:fe:5b:b8:7c:45:de:c1:14:
ea:ea:e4:ee:9a:d8:3d:29:7d:9c:50:9f:4f:f3:87:19:d3:2f:
bb:5b:0a:93:3b:30:b4:b0:f9:c4:c7:dd:02:17:3f:3d:0f:7f:
21:81:fd:14:57:ea:9e:64:29:3f:d7:72:9f:8a:d4:98:75:27:
04:84:76:1f:b1:ac:e3:54:ab:59:7c:84:d4:6e:f3:cb:9f:85:
70:33:ee:f2:52:46:e0:a7:bf:d2:fa:da:b6:f4:ad:3f:04:a5:
8a:0c:53:06:19:a4:5a:02:15:3f:2e:8f:66:d2:6a:59:15:cc:
33:73:8b:2c:88:c6:f8:46:35:5e:d5:02:c3:c7:4d:d3:c8:4d:
9b:be:31:4a:8f:77:c1:15:a2:97:fe:fa:14:5d:b0:3c:cd:7a:
7b:9c:23:5d:d9:b7:55:61:de:ff:88:84:69:23:7a:00:79:d8:
1c:f7:db:78
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTIw
MDMwMTJaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDI1NDE0NDQxOEY1NDE1
OUIxOUE3MkY2MDg4MkQ2N0M3OERFNDI5QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcW37LIb/hxYY+hUTV+SO9ovPoW/0bAsbBt46waiV1e9fU+OrM
jabQJvXdnvnvx1eeW85Pc5nQYRHjTIAZCQ1V+ANA6ZvOExHguZ+OEZ0QPWtrYwBa
2sPOPw4eJK0hkUBULFwx6+AzzcwAcqpQspsPNjfgOjY6QliXftEEloqede7E++Ht
MAMDwEYsCRF8/rfIrpQOppAY+mW5Cs2FAOedEtDQi3R3fYMVhpw5Eg5Z0EeO+zBj
CRE5G4Sr3SubQb6tuTdOKqzcTu5ZahiZL9SAqvCIRPTFsP8Pl0ZBxn5CIlopU+L+
qjnkIi4X6d8pZc/IHTSvTsEPgSgltKwCcKKhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUJUFEQY9UFZsZpy9giC1nx43kKcUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9KVUZFUVk5VUZac1pweTlnaUMxbng0M2tLY1Uucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ABrkCtiKIV0JELmRr/EyOITyYbiDzNw0eJGt1GtLiXkjDuGJCbgzi/QxMS68Dlxg
dZduTataEf2hGnU4/GZL35Fv/h2tJitADeQid0j01Q00AZD+W7h8Rd7BFOrq5O6a
2D0pfZxQn0/zhxnTL7tbCpM7MLSw+cTH3QIXPz0PfyGB/RRX6p5kKT/Xcp+K1Jh1
JwSEdh+xrONUq1l8hNRu88ufhXAz7vJSRuCnv9L62rb0rT8EpYoMUwYZpFoCFT8u
j2bSalkVzDNziyyIxvhGNV7VAsPHTdPITZu+MUqPd8EVopf++hRdsDzNenucI13Z
t1Vh3v+IhGkjegB52Bz323g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org