Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/K7tZRNg-J5ehmjYh-zsN4Cs-kp8.roa
File: K7tZRNg-J5ehmjYh-zsN4Cs-kp8.roa (raw, json)
Hash identifier: lWwXbg/e0bjjg/1TMJ5Xj+hjjW9OP3l9APubxrNFim8=
Subject key identifier: 2B:BB:59:44:D8:3E:27:97:A1:9A:36:21:FB:3B:0D:E0:2B:3E:92:9F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4901
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K7tZRNg-J5ehmjYh-zsN4Cs-kp8.roa
Signing time: Wed 01 Jun 2022 00:30:07 +0000
ROA not before: Wed 01 Jun 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18689 (0x4901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 1 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2BBB5944D83E2797A19A3621FB3B0DE02B3E929F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:8e:47:e2:12:8a:57:24:47:d3:21:43:fc:
a6:5c:f8:8c:ac:35:b1:ae:4c:73:05:b9:48:0c:e0:
1d:34:bf:b1:84:3f:f7:f3:ea:61:0e:3f:83:36:b8:
a7:96:c3:69:32:b9:d6:f7:54:46:34:54:7e:85:c5:
2a:7e:2a:93:4e:1a:23:81:c0:32:0d:c0:3b:0a:3d:
a0:5e:0c:90:06:90:7e:56:ec:84:9d:68:3f:b0:a2:
5c:e5:ee:01:03:57:d8:c7:1d:23:bd:14:39:29:0e:
fd:f4:68:b8:18:f4:38:84:23:40:28:2f:49:b9:33:
71:c7:be:b6:24:10:cf:60:26:5a:0f:fe:d5:2a:68:
64:c4:1d:5f:8c:e8:24:4e:e3:d4:0f:83:75:fb:4a:
92:8d:21:b5:cb:27:fc:c3:cf:ae:5b:1b:09:6a:b4:
d3:97:b9:4c:4b:43:05:cd:0a:ec:50:a7:46:de:1d:
b3:25:8d:0f:f7:6c:6b:a0:9a:aa:c8:da:e5:03:69:
c4:53:ce:e1:02:a2:f4:bd:83:41:d1:da:d4:69:49:
ad:66:45:74:0e:03:89:b2:45:b5:c8:94:ac:b4:31:
29:5b:c2:dc:7c:0c:72:c6:76:f5:ce:99:53:ff:48:
ff:7b:3c:dd:01:4b:47:7e:43:08:10:5f:88:fd:28:
ba:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BB:59:44:D8:3E:27:97:A1:9A:36:21:FB:3B:0D:E0:2B:3E:92:9F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K7tZRNg-J5ehmjYh-zsN4Cs-kp8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.14.0/24
Signature Algorithm: sha256WithRSAEncryption
63:1c:af:5b:03:ee:a9:51:8d:bb:ec:9f:6d:7f:37:2f:89:03:
00:1b:e3:ef:a2:ab:5b:23:18:6a:f0:89:db:da:06:f4:59:25:
bf:e6:d7:77:46:7b:58:89:c3:1b:ef:33:d0:aa:94:cc:64:18:
7e:e3:7c:18:cd:94:35:b8:c2:bd:90:8c:25:53:7f:ab:aa:80:
f5:4e:51:73:bd:17:a4:16:fd:6c:60:b5:71:e3:53:1b:0e:9d:
db:b7:c8:41:8a:d1:20:b1:41:05:c5:d3:d6:e5:c0:d3:24:ed:
44:37:71:e7:e3:be:bc:a0:d3:89:1e:6a:ad:d6:df:24:4a:02:
17:95:2e:08:4b:1d:f2:03:d6:bd:1b:a2:48:b1:9d:74:89:1b:
69:d3:f2:21:72:c4:5e:ac:f5:15:94:c1:28:75:26:50:12:89:
10:58:ac:49:4a:2c:64:3d:40:f9:1c:39:65:f1:60:c6:48:9f:
32:a5:a4:17:a0:e1:cd:f7:ed:e2:a0:27:d7:e5:2d:f8:31:7d:
e6:c6:ae:8f:70:76:a8:18:c1:e2:cd:f6:15:43:b1:4f:5e:a1:
c4:e3:ff:44:4e:dc:fc:fb:7b:4c:d3:e7:a7:ba:b2:8a:e4:83:
42:6f:f1:75:78:f9:ba:6e:57:6d:6b:f6:26:5c:06:5d:85:42:
cb:9a:ea:e7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDEw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDJCQkI1OTQ0RDgzRTI3
OTdBMTlBMzYyMUZCM0IwREUwMkIzRTkyOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOTI5H4hKKVyRH0yFD/KZc+IysNbGuTHMFuUgM4B00v7GEP/fz
6mEOP4M2uKeWw2kyudb3VEY0VH6FxSp+KpNOGiOBwDINwDsKPaBeDJAGkH5W7ISd
aD+wolzl7gEDV9jHHSO9FDkpDv30aLgY9DiEI0AoL0m5M3HHvrYkEM9gJloP/tUq
aGTEHV+M6CRO49QPg3X7SpKNIbXLJ/zDz65bGwlqtNOXuUxLQwXNCuxQp0beHbMl
jQ/3bGugmqrI2uUDacRTzuECovS9g0HR2tRpSa1mRXQOA4myRbXIlKy0MSlbwtx8
DHLGdvXOmVP/SP97PN0BS0d+QwgQX4j9KLotAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUK7tZRNg+J5ehmjYh+zsN4Cs+kp8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LN3RaUk5nLUo1ZWhtalloLXpzTjRDcy1rcDgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA4wDQYJKoZIhvcNAQELBQADggEB
AGMcr1sD7qlRjbvsn21/Ny+JAwAb4++iq1sjGGrwidvaBvRZJb/m13dGe1iJwxvv
M9CqlMxkGH7jfBjNlDW4wr2QjCVTf6uqgPVOUXO9F6QW/WxgtXHjUxsOndu3yEGK
0SCxQQXF09blwNMk7UQ3cefjvryg04keaq3W3yRKAheVLghLHfID1r0bokixnXSJ
G2nT8iFyxF6s9RWUwSh1JlASiRBYrElKLGQ9QPkcOWXxYMZInzKlpBeg4c337eKg
J9flLfgxfebGro9wdqgYweLN9hVDsU9eocTj/0RO3Pz7e0zT56e6sorkg0Jv8XV4
+bpuV21r9iZcBl2FQsua6uc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org