Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/JrHFSMk4M4yTuvpziv5fAIyBT7w.roa
File: JrHFSMk4M4yTuvpziv5fAIyBT7w.roa (raw, json)
Hash identifier: n/GFTGZSEdGl1vCifjLGiEx18+uNYZt/xQbKKAUDpVs=
Subject key identifier: 26:B1:C5:48:C9:38:33:8C:93:BA:FA:73:8A:FE:5F:00:8C:81:4F:BC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 498A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JrHFSMk4M4yTuvpziv5fAIyBT7w.roa
Signing time: Wed 08 Jun 2022 00:30:07 +0000
ROA not before: Wed 08 Jun 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18826 (0x498a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 8 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=26B1C548C938338C93BAFA738AFE5F008C814FBC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b2:d0:ac:35:6a:1a:eb:a3:8c:52:fa:7d:d9:
36:41:f1:d3:52:2f:86:5e:2d:93:39:57:de:d2:59:
f2:7e:b9:2d:de:db:dd:54:68:2b:49:a2:7e:d5:04:
d7:7a:bb:bc:71:49:9c:f0:11:d2:e3:86:70:1d:2d:
d9:f2:1f:81:46:7d:1a:a5:b2:71:9f:3e:fa:f4:e4:
a8:9c:52:0e:e6:c1:e0:80:45:74:2a:a0:4f:5e:db:
75:34:96:63:8f:9f:b9:60:6d:da:3f:08:9f:00:23:
1e:3a:e4:e9:5b:07:14:ce:fb:da:18:90:d4:bc:07:
d0:40:18:d0:8e:84:ce:a7:c2:8a:44:aa:3c:42:d9:
74:f1:aa:80:cb:f9:44:6b:ab:71:7f:ca:a3:3b:19:
c3:15:8d:44:56:90:7b:f5:5d:19:1b:cd:ab:41:3d:
95:a2:5e:f3:46:ed:b1:c1:d7:c5:5c:18:8a:cb:4e:
c4:99:02:34:4d:0d:30:cc:3b:7e:8f:0e:99:d9:e8:
70:ca:f7:ed:89:99:c4:01:63:dd:63:30:46:22:82:
78:8d:13:5d:ed:dc:23:ec:70:88:28:4f:cf:27:24:
6a:d7:78:e5:e5:76:55:a7:38:ae:49:0c:60:02:13:
87:20:b9:0d:0e:99:9f:b3:4a:86:b4:46:bd:d2:43:
8a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B1:C5:48:C9:38:33:8C:93:BA:FA:73:8A:FE:5F:00:8C:81:4F:BC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/JrHFSMk4M4yTuvpziv5fAIyBT7w.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:7a:2a:28:a8:74:39:a5:01:41:b1:af:5b:1c:7d:c3:6b:02:
95:c9:70:72:0c:1b:aa:5a:81:50:8e:ea:0c:10:2c:e3:a7:b6:
d4:d1:1c:09:2d:39:c9:d6:5b:2a:26:41:cf:a7:62:ca:69:d2:
52:13:ae:45:11:67:ce:4a:89:54:84:e5:1e:6a:0a:02:83:f5:
14:32:4f:b3:a6:d9:ef:10:a6:83:41:2d:7f:e9:f6:ac:f5:3f:
20:31:16:85:de:38:a7:01:72:c7:28:f6:3a:34:91:9d:9a:a2:
ec:ca:7c:d8:62:54:6e:c2:0e:ec:ab:9c:36:d2:17:f8:bf:59:
da:b3:af:0e:88:82:34:bf:fe:78:71:ff:4a:af:71:1c:06:65:
a2:c7:34:f0:ec:6e:2d:1c:b4:72:34:51:a9:6b:31:c8:81:85:
b4:af:54:3d:a2:fb:96:9f:c7:7e:6b:7d:22:d5:fd:88:88:5e:
35:b2:35:ed:c1:3b:ef:b5:30:48:7a:41:80:e9:bb:b9:65:6c:
40:87:5e:82:cd:25:6e:27:d1:34:2b:a4:bc:09:ed:66:4e:44:
02:c0:cd:33:f5:66:e9:54:55:e2:0e:14:d7:65:04:65:39:89:
20:91:2a:37:df:cd:67:02:4b:2d:cc:5b:b7:53:26:65:a8:bb:
9f:70:10:29
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDgw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDI2QjFDNTQ4QzkzODMz
OEM5M0JBRkE3MzhBRkU1RjAwOEM4MTRGQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJstCsNWoa66OMUvp92TZB8dNSL4ZeLZM5V97SWfJ+uS3e291U
aCtJon7VBNd6u7xxSZzwEdLjhnAdLdnyH4FGfRqlsnGfPvr05KicUg7mweCARXQq
oE9e23U0lmOPn7lgbdo/CJ8AIx465OlbBxTO+9oYkNS8B9BAGNCOhM6nwopEqjxC
2XTxqoDL+URrq3F/yqM7GcMVjURWkHv1XRkbzatBPZWiXvNG7bHB18VcGIrLTsSZ
AjRNDTDMO36PDpnZ6HDK9+2JmcQBY91jMEYigniNE13t3CPscIgoT88nJGrXeOXl
dlWnOK5JDGACE4cguQ0OmZ+zSoa0Rr3SQ4rtAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUJrHFSMk4M4yTuvpziv5fAIyBT7wwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9KckhGU01rNE00eVR1dnB6aXY1ZkFJeUJUN3cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ALV6KiiodDmlAUGxr1scfcNrApXJcHIMG6pagVCO6gwQLOOnttTRHAktOcnWWyom
Qc+nYspp0lITrkURZ85KiVSE5R5qCgKD9RQyT7Om2e8QpoNBLX/p9qz1PyAxFoXe
OKcBcsco9jo0kZ2aouzKfNhiVG7CDuyrnDbSF/i/Wdqzrw6IgjS//nhx/0qvcRwG
ZaLHNPDsbi0ctHI0UalrMciBhbSvVD2i+5afx35rfSLV/YiIXjWyNe3BO++1MEh6
QYDpu7llbECHXoLNJW4n0TQrpLwJ7WZORALAzTP1ZulUVeIOFNdlBGU5iSCRKjff
zWcCSy3MW7dTJmWou59wECk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org