Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KDQHydUIbVUyz6H4XKq1l_JB7pA.roa
File: KDQHydUIbVUyz6H4XKq1l_JB7pA.roa (raw, json)
Hash identifier: 5S4whd4i/tkQwW8vt89ncZBwIJoEoy+guA3L9gq6vTw=
Subject key identifier: 28:34:07:C9:D5:08:6D:55:32:CF:A1:F8:5C:AA:B5:97:F2:41:EE:90
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4791
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KDQHydUIbVUyz6H4XKq1l_JB7pA.roa
Signing time: Fri 06 May 2022 00:30:08 +0000
ROA not before: Fri 06 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18321 (0x4791)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 6 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=283407C9D5086D5532CFA1F85CAAB597F241EE90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:da:5a:8f:6d:df:82:4a:fc:cc:80:00:70:
47:ef:59:b3:19:61:5e:d8:50:35:68:b2:e5:49:7d:
be:09:bb:c4:b9:65:5e:91:68:37:13:50:bc:4c:58:
50:c8:58:1d:56:bd:75:c3:84:95:57:d1:76:c2:bf:
10:a0:0b:f7:55:46:73:60:21:db:50:94:71:46:e5:
5b:bb:7c:c5:4c:ab:25:d1:4b:02:e1:87:23:e3:d9:
4d:ce:c4:ed:4a:29:25:b2:c9:d0:a5:3c:c5:69:2a:
d8:2c:2f:3b:cf:2d:94:54:b7:65:63:ac:bf:bd:78:
df:0d:9e:01:8b:92:8d:d0:03:87:93:ad:05:91:f0:
6d:06:8d:15:d8:5e:d4:f4:87:8b:23:2c:66:50:11:
ac:62:bd:62:61:d8:d7:c8:3b:db:b4:52:98:6f:23:
da:cf:1e:3d:c0:c4:0e:80:21:9d:c4:06:55:0b:14:
47:e5:5d:51:35:07:50:87:26:60:44:00:b6:31:e8:
16:34:64:e4:fc:12:c8:ae:fd:08:09:2d:3c:a2:d5:
42:c3:bf:2b:c4:41:d2:e9:71:13:b4:7e:17:ff:df:
49:cb:a8:67:2b:ab:a5:85:9e:94:6c:e4:b3:3e:e2:
d8:3f:91:d7:34:01:3a:4e:48:a4:e8:65:1f:81:d7:
0e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:34:07:C9:D5:08:6D:55:32:CF:A1:F8:5C:AA:B5:97:F2:41:EE:90
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KDQHydUIbVUyz6H4XKq1l_JB7pA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
91:9e:08:f7:bf:8a:26:b4:a0:0f:7f:15:11:22:9e:f1:8d:c2:
ec:bb:87:87:ab:97:bd:9c:43:ef:80:c5:bf:8c:93:65:cf:ff:
7b:be:99:87:03:31:f1:a0:ed:d0:0a:78:f4:5e:12:0e:b0:bf:
dd:31:8b:f3:ad:f5:b9:0e:5a:ad:16:86:d2:a9:bf:31:5a:de:
20:e2:cf:86:99:1a:aa:4b:e6:ac:c5:13:7c:7c:e5:75:bb:a6:
47:48:08:bb:ba:81:31:bd:81:22:d3:1a:16:1a:cb:76:09:cb:
fc:0f:9c:28:60:f6:cb:2e:3b:6f:59:fd:5e:e0:04:58:e6:97:
bb:c3:35:7c:1a:b4:cb:f6:4b:0c:fb:44:2e:0c:a1:86:d8:91:
ac:4d:b6:a0:95:ea:81:cd:63:12:dd:00:5e:72:85:4b:d7:cf:
dd:61:a5:53:00:9c:c0:3f:18:94:96:ec:fb:07:49:36:86:be:
04:9c:6f:b5:ff:04:5c:b5:1d:e0:6c:27:ef:88:ac:a4:c7:a3:
8d:9f:ed:66:72:ec:cb:cf:94:18:d4:ea:28:c1:dd:37:bb:89:
39:ab:a6:e0:88:19:86:d0:34:dd:9a:bf:e4:84:bd:f9:b8:eb:
69:3b:31:d3:09:71:33:47:6c:cc:7b:43:f3:54:f4:e9:68:cd:
0d:c9:4c:28
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDYw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDI4MzQwN0M5RDUwODZE
NTUzMkNGQTFGODVDQUFCNTk3RjI0MUVFOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClDdpaj23fgkr8zIAAcEfvWbMZYV7YUDVosuVJfb4Ju8S5ZV6R
aDcTULxMWFDIWB1WvXXDhJVX0XbCvxCgC/dVRnNgIdtQlHFG5Vu7fMVMqyXRSwLh
hyPj2U3OxO1KKSWyydClPMVpKtgsLzvPLZRUt2VjrL+9eN8NngGLko3QA4eTrQWR
8G0GjRXYXtT0h4sjLGZQEaxivWJh2NfIO9u0UphvI9rPHj3AxA6AIZ3EBlULFEfl
XVE1B1CHJmBEALYx6BY0ZOT8Esiu/QgJLTyi1ULDvyvEQdLpcRO0fhf/30nLqGcr
q6WFnpRs5LM+4tg/kdc0ATpOSKToZR+B1w6zAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKDQHydUIbVUyz6H4XKq1l/JB7pAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LRFFIeWRVSWJWVXl6Nkg0WEtxMWxfSkI3cEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJGeCPe/iia0oA9/FREinvGNwuy7h4erl72cQ++Axb+Mk2XP/3u+mYcDMfGg7dAK
ePReEg6wv90xi/Ot9bkOWq0WhtKpvzFa3iDiz4aZGqpL5qzFE3x85XW7pkdICLu6
gTG9gSLTGhYay3YJy/wPnChg9ssuO29Z/V7gBFjml7vDNXwatMv2Swz7RC4MoYbY
kaxNtqCV6oHNYxLdAF5yhUvXz91hpVMAnMA/GJSW7PsHSTaGvgScb7X/BFy1HeBs
J++IrKTHo42f7WZy7MvPlBjU6ijB3Te7iTmrpuCIGYbQNN2av+SEvfm462k7MdMJ
cTNHbMx7Q/NU9OlozQ3JTCg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org