Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KYNvcvEKs3ePKbdGsjI65ZVAa6g.roa
File: KYNvcvEKs3ePKbdGsjI65ZVAa6g.roa (raw, json)
Hash identifier: evMuK0jzfQuBYdrhu5QpHcFCVgtq1/4VnLaLIHyZfbA=
Subject key identifier: 29:83:6F:72:F1:0A:B3:77:8F:29:B7:46:B2:32:3A:E5:95:40:6B:A8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 455D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KYNvcvEKs3ePKbdGsjI65ZVAa6g.roa
Signing time: Sun 27 Mar 2022 00:30:08 +0000
ROA not before: Sun 27 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17757 (0x455d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 27 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=29836F72F10AB3778F29B746B2323AE595406BA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4e:b9:f2:51:3f:0e:73:3c:d2:8f:4a:5f:2e:
9c:b6:c5:bf:8d:ff:a2:6e:2c:0f:92:92:3a:38:19:
e4:9e:ce:c4:cc:e5:25:2e:85:fc:fd:99:b0:b3:8e:
07:12:06:e9:fe:e1:85:a5:39:90:eb:7a:b1:59:36:
02:1b:92:93:8b:78:b0:95:98:46:14:54:01:85:87:
12:55:83:32:24:af:df:8c:0b:a5:a4:4e:24:45:90:
f4:b6:70:54:36:24:1f:8a:9a:19:1e:4f:32:8f:6b:
5e:18:04:42:2a:0f:58:22:f5:6c:91:64:2c:bf:65:
ad:be:b4:a6:2c:01:c9:ac:5c:42:00:ee:45:92:c9:
58:16:07:1f:be:77:46:ef:69:f4:0a:b0:ac:82:ab:
21:29:23:a2:0b:07:61:74:94:00:1c:90:9f:b4:a8:
11:e1:50:2e:fa:c6:2b:45:fa:d6:e1:e3:b9:90:4b:
10:eb:a9:16:00:46:e3:d1:2b:84:60:f5:b4:b3:d4:
17:18:79:b3:17:b6:f1:d3:e1:39:7c:f8:17:69:47:
81:94:ed:be:06:86:fc:a9:a7:e2:d7:76:2d:bc:41:
eb:27:e4:99:a2:f6:e5:31:96:1b:e7:45:d2:94:22:
d9:75:7b:82:dc:67:af:75:f2:d0:e2:00:7f:e9:f2:
ff:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:83:6F:72:F1:0A:B3:77:8F:29:B7:46:B2:32:3A:E5:95:40:6B:A8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KYNvcvEKs3ePKbdGsjI65ZVAa6g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ca:76:bc:21:fa:21:34:64:36:9d:e9:6f:e3:9e:01:6f:4e:
56:66:ba:c8:0f:46:f4:14:07:aa:a8:fd:bb:cd:97:84:ad:47:
70:47:de:80:de:f4:60:38:b8:54:f8:23:ec:b9:81:72:e0:ec:
8a:ed:42:46:54:4c:a0:dc:1d:ee:48:ef:f9:8c:78:bc:cf:96:
cc:65:e9:aa:94:aa:47:b6:17:36:a5:1e:2c:71:7d:53:ec:0f:
86:4f:ad:cb:38:53:00:6f:ad:dc:97:24:0b:9b:6f:56:06:03:
d6:9e:69:ba:d4:6d:ad:51:1d:52:9b:81:d2:73:9c:df:dc:8f:
4b:0f:1a:34:30:69:0f:15:cb:c9:ae:b8:c9:09:dc:e7:bb:8a:
79:67:6c:bb:d0:a7:2d:26:45:5e:78:82:86:f5:d8:61:84:63:
28:fc:f3:e1:d5:f1:59:00:d5:d8:9d:8a:50:84:a4:a6:01:bb:
6f:51:93:e5:f1:6a:c6:73:c1:ed:01:2b:8c:ea:3c:d9:0f:62:
ce:88:e3:8c:bb:62:73:9e:cf:6d:9a:16:96:60:78:ff:58:3f:
b9:b8:8b:22:b6:82:cc:a4:53:00:3d:e2:b6:61:50:7c:ca:51:
c5:74:9e:46:81:f6:e0:ee:e3:87:f5:42:16:eb:07:7b:4c:fd:
ba:c8:08:54
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjcw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDI5ODM2RjcyRjEwQUIz
Nzc4RjI5Qjc0NkIyMzIzQUU1OTU0MDZCQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQTrnyUT8OczzSj0pfLpy2xb+N/6JuLA+Skjo4GeSezsTM5SUu
hfz9mbCzjgcSBun+4YWlOZDrerFZNgIbkpOLeLCVmEYUVAGFhxJVgzIkr9+MC6Wk
TiRFkPS2cFQ2JB+KmhkeTzKPa14YBEIqD1gi9WyRZCy/Za2+tKYsAcmsXEIA7kWS
yVgWBx++d0bvafQKsKyCqyEpI6ILB2F0lAAckJ+0qBHhUC76xitF+tbh47mQSxDr
qRYARuPRK4Rg9bSz1BcYebMXtvHT4Tl8+BdpR4GU7b4Ghvypp+LXdi28Qesn5Jmi
9uUxlhvnRdKUItl1e4LcZ6918tDiAH/p8v+lAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKYNvcvEKs3ePKbdGsjI65ZVAa6gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LWU52Y3ZFS3MzZVBLYmRHc2pJNjVaVkFhNmcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AGjKdrwh+iE0ZDad6W/jngFvTlZmusgPRvQUB6qo/bvNl4StR3BH3oDe9GA4uFT4
I+y5gXLg7IrtQkZUTKDcHe5I7/mMeLzPlsxl6aqUqke2FzalHixxfVPsD4ZPrcs4
UwBvrdyXJAubb1YGA9aeabrUba1RHVKbgdJznN/cj0sPGjQwaQ8Vy8muuMkJ3Oe7
inlnbLvQpy0mRV54gob12GGEYyj88+HV8VkA1didilCEpKYBu29Rk+XxasZzwe0B
K4zqPNkPYs6I44y7YnOez22aFpZgeP9YP7m4iyK2gsykUwA94rZhUHzKUcV0nkaB
9uDu44f1QhbrB3tM/brICFQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org