Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/K98JiugdAqaxgORGnrA5B06kKM0.roa
File: K98JiugdAqaxgORGnrA5B06kKM0.roa (raw, json)
Hash identifier: 7CKIBztjAiurNNl4eqBOdroxrKhjXHRrD6kDhaxKA/8=
Subject key identifier: 2B:DF:09:8A:E8:1D:02:A6:B1:80:E4:46:9E:B0:39:07:4E:A4:28:CD
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42F9
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K98JiugdAqaxgORGnrA5B06kKM0.roa
Signing time: Fri 11 Feb 2022 00:30:06 +0000
ROA not before: Fri 11 Feb 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17145 (0x42f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 11 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2BDF098AE81D02A6B180E4469EB039074EA428CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1c:b0:c1:9c:e5:72:c1:dc:90:e0:14:cc:df:
6b:01:36:ea:68:78:b8:df:04:b5:1a:c2:3c:79:6e:
1c:33:a7:a8:2d:dc:d4:d5:5e:c1:1a:ce:92:7f:69:
2a:26:33:ca:26:75:15:b1:d6:71:dd:6a:00:d8:99:
e2:34:6a:43:79:c6:63:c1:87:9d:34:27:3f:86:cf:
78:05:60:2c:ee:bc:4a:c1:db:d2:d4:53:b2:7f:6d:
c2:de:63:47:de:f1:4e:bd:bf:d1:8c:4d:40:09:3e:
a9:78:97:8c:e2:21:c1:36:15:5c:3e:a8:39:ae:43:
d9:2e:aa:9d:d1:e9:7d:cc:a7:f3:65:ca:8c:b9:f2:
7d:50:8e:92:21:69:75:67:66:62:4d:6b:9f:b3:73:
9a:72:93:c1:be:d5:99:de:55:8e:b1:1c:0e:2c:0b:
aa:c8:37:84:ef:82:82:82:a3:88:e9:ba:97:e4:66:
9d:f3:00:c2:66:7e:b7:55:b6:47:8a:18:14:72:ac:
fa:85:c4:aa:b8:08:9e:fc:1d:84:08:84:83:bf:1f:
7a:a2:18:f7:f4:04:3c:0b:ca:35:95:ee:39:2a:7a:
d3:ed:ea:14:57:65:c7:38:0d:20:cf:fa:52:b6:f8:
d3:08:25:19:8b:7f:13:34:50:42:44:83:8f:38:18:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DF:09:8A:E8:1D:02:A6:B1:80:E4:46:9E:B0:39:07:4E:A4:28:CD
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/K98JiugdAqaxgORGnrA5B06kKM0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f3:ef:ba:71:4f:6c:05:29:7d:14:fb:f6:31:24:f4:12:02:
45:46:b3:9c:9e:de:72:bc:7a:3b:52:39:fe:85:00:11:e9:a4:
c6:01:d0:cb:81:8d:ce:98:a8:e8:f3:b6:84:4b:31:b6:f6:97:
85:bb:30:df:0c:56:71:18:60:96:15:75:87:dd:a9:eb:31:20:
dd:c8:7d:ba:f7:4a:80:63:78:30:74:24:76:a3:8d:37:02:a4:
4d:ff:30:d3:9b:07:2e:e5:9a:a4:aa:d7:ce:32:94:47:fb:d2:
18:e7:f8:ae:ce:df:2c:c1:fa:52:2b:ee:48:11:60:63:5f:a2:
95:d9:3f:7d:4d:56:38:7e:30:03:e2:c3:c6:46:f3:c3:a6:c1:
a8:ff:cf:29:75:3c:4e:d5:a3:69:63:50:47:71:01:27:b5:3e:
73:8a:eb:38:8e:9d:66:0c:15:44:78:97:48:4e:b1:53:61:5f:
b2:91:92:2a:fc:f1:ff:d6:cd:13:ad:23:5a:5c:b5:fc:42:37:
a1:e5:03:42:67:76:0c:8d:9e:20:87:f4:7e:d0:51:f7:f1:80:
07:99:74:9e:d3:00:31:7f:e5:4d:56:5d:57:bf:90:dd:e8:9d:
d1:33:17:cd:b9:ce:6c:f7:c1:8c:8b:63:68:7c:65:cb:6b:27:
f6:fc:ee:f0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTEw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJCREYwOThBRTgxRDAy
QTZCMTgwRTQ0NjlFQjAzOTA3NEVBNDI4Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpHLDBnOVywdyQ4BTM32sBNupoeLjfBLUawjx5bhwzp6gt3NTV
XsEazpJ/aSomM8omdRWx1nHdagDYmeI0akN5xmPBh500Jz+Gz3gFYCzuvErB29LU
U7J/bcLeY0fe8U69v9GMTUAJPql4l4ziIcE2FVw+qDmuQ9kuqp3R6X3Mp/Nlyoy5
8n1QjpIhaXVnZmJNa5+zc5pyk8G+1ZneVY6xHA4sC6rIN4TvgoKCo4jpupfkZp3z
AMJmfrdVtkeKGBRyrPqFxKq4CJ78HYQIhIO/H3qiGPf0BDwLyjWV7jkqetPt6hRX
Zcc4DSDP+lK2+NMIJRmLfxM0UEJEg484GIWzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUK98JiugdAqaxgORGnrA5B06kKM0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LOThKaXVnZEFxYXhnT1JHbnJBNUIwNmtLTTAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AI/z77pxT2wFKX0U+/YxJPQSAkVGs5ye3nK8ejtSOf6FABHppMYB0MuBjc6YqOjz
toRLMbb2l4W7MN8MVnEYYJYVdYfdqesxIN3Ifbr3SoBjeDB0JHajjTcCpE3/MNOb
By7lmqSq184ylEf70hjn+K7O3yzB+lIr7kgRYGNfopXZP31NVjh+MAPiw8ZG88Om
waj/zyl1PE7Vo2ljUEdxASe1PnOK6ziOnWYMFUR4l0hOsVNhX7KRkir88f/WzROt
I1pctfxCN6HlA0JndgyNniCH9H7QUffxgAeZdJ7TADF/5U1WXVe/kN3ondEzF825
zmz3wYyLY2h8ZctrJ/b87vA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org