Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/K4QaNbKLsYc793vWwzjKyNJI7A4.roa
File: K4QaNbKLsYc793vWwzjKyNJI7A4.roa (raw, json)
Hash identifier: bAdlTe4ZguEdv0mVdoWJFaFj/yOV6midAOrNPhNPLPI=
Subject key identifier: 2B:84:1A:35:B2:8B:B1:87:3B:F7:7B:D6:C3:38:CA:C8:D2:48:EC:0E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42A4
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K4QaNbKLsYc793vWwzjKyNJI7A4.roa
Signing time: Sat 05 Feb 2022 00:30:05 +0000
ROA not before: Sat 05 Feb 2022 00:30:05 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17060 (0x42a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 5 00:30:05 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2B841A35B28BB1873BF77BD6C338CAC8D248EC0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:90:36:43:89:2c:df:c4:59:8b:2e:9d:0d:d4:
02:c4:74:18:19:31:c0:a1:70:62:78:48:4b:f8:15:
ea:c0:47:d1:32:ce:71:b7:21:a0:73:8a:a8:64:a6:
a3:ce:1b:90:49:de:64:11:77:5e:ff:fd:03:fe:7f:
c7:e3:9e:36:1a:42:1d:23:14:5e:83:f8:a8:10:57:
d0:32:87:b2:57:f2:9f:2b:4e:ee:94:2c:9a:11:a2:
aa:2a:69:54:22:48:4a:9d:aa:2a:eb:90:20:b4:2b:
65:79:19:f9:e0:09:a4:96:1a:52:a4:49:93:58:ea:
d8:cd:19:f9:b1:7c:52:35:82:7e:af:dc:dd:0a:87:
f4:97:82:5e:85:42:02:ee:1b:11:a8:ea:94:49:44:
67:83:17:f7:ae:fd:71:9f:1d:b7:ec:67:87:34:b8:
7e:cb:4b:0e:e0:a7:90:de:b8:11:ef:b6:0a:bc:e0:
bc:8f:d9:84:51:cb:de:dc:00:38:ec:15:97:60:18:
e0:75:19:b2:85:1b:20:dd:b6:15:87:88:bb:c1:c7:
4a:4e:74:36:70:4b:61:23:54:85:02:95:af:6b:c1:
d6:cb:31:91:e4:3b:3d:a7:b4:84:d7:f8:0a:5e:1d:
65:1b:cf:a2:f7:ee:b7:96:8a:d0:a1:dd:5e:2b:c3:
6a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:84:1A:35:B2:8B:B1:87:3B:F7:7B:D6:C3:38:CA:C8:D2:48:EC:0E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K4QaNbKLsYc793vWwzjKyNJI7A4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:a9:b7:e6:cc:ec:2b:f9:7e:57:f9:6a:84:c3:40:63:71:cc:
f1:42:69:f3:92:fb:62:e6:19:c8:66:0a:1d:8e:da:ba:b4:2b:
01:5d:91:d2:68:55:b9:0c:34:6f:29:b4:ff:32:40:f5:0c:78:
c5:b4:72:bd:3e:ca:18:e2:7e:62:09:f2:62:56:c8:50:e1:38:
30:42:04:c9:4d:f2:bd:d5:dd:6e:91:77:ef:66:35:93:12:91:
cf:31:37:dd:c4:32:de:a5:4c:2f:70:ff:08:f8:46:06:be:13:
6f:5a:06:a9:d5:2d:7f:8e:40:66:f9:c2:43:07:83:01:92:65:
04:9c:11:12:a6:7c:f5:4c:b3:8c:5f:53:84:45:ed:94:cb:da:
a2:d3:cc:d3:f3:9f:bd:a2:13:28:03:8a:ed:13:b3:e4:4d:da:
6c:57:3a:33:3e:a6:e4:d0:0d:d0:e8:ae:cd:21:90:44:12:ad:
46:bc:e2:33:90:af:d4:b8:3f:ac:61:20:e5:71:24:06:66:58:
bd:60:fe:04:35:62:84:c0:0e:c1:df:aa:f0:98:db:87:d6:8d:
8b:0b:a3:ac:59:99:3c:ee:6f:b5:02:62:ac:ef:fd:86:65:03:
8c:a1:e4:d2:4e:30:02:4a:1b:d1:54:a0:2f:aa:d7:9e:cc:5d:
63:91:41:5b
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDUw
MDMwMDVaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJCODQxQTM1QjI4QkIx
ODczQkY3N0JENkMzMzhDQUM4RDI0OEVDMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZkDZDiSzfxFmLLp0N1ALEdBgZMcChcGJ4SEv4FerAR9EyznG3
IaBziqhkpqPOG5BJ3mQRd17//QP+f8fjnjYaQh0jFF6D+KgQV9Ayh7JX8p8rTu6U
LJoRoqoqaVQiSEqdqirrkCC0K2V5GfngCaSWGlKkSZNY6tjNGfmxfFI1gn6v3N0K
h/SXgl6FQgLuGxGo6pRJRGeDF/eu/XGfHbfsZ4c0uH7LSw7gp5DeuBHvtgq84LyP
2YRRy97cADjsFZdgGOB1GbKFGyDdthWHiLvBx0pOdDZwS2EjVIUCla9rwdbLMZHk
Oz2ntITX+ApeHWUbz6L37reWitCh3V4rw2qXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUK4QaNbKLsYc793vWwzjKyNJI7A4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LNFFhTmJLTHNZYzc5M3ZXd3pqS3lOSkk3QTQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AF+pt+bM7Cv5flf5aoTDQGNxzPFCafOS+2LmGchmCh2O2rq0KwFdkdJoVbkMNG8p
tP8yQPUMeMW0cr0+yhjifmIJ8mJWyFDhODBCBMlN8r3V3W6Rd+9mNZMSkc8xN93E
Mt6lTC9w/wj4Rga+E29aBqnVLX+OQGb5wkMHgwGSZQScERKmfPVMs4xfU4RF7ZTL
2qLTzNPzn72iEygDiu0Ts+RN2mxXOjM+puTQDdDors0hkEQSrUa84jOQr9S4P6xh
IOVxJAZmWL1g/gQ1YoTADsHfqvCY24fWjYsLo6xZmTzub7UCYqzv/YZlA4yh5NJO
MAJKG9FUoC+q157MXWORQVs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org