Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/KnDJCHUl0vCsFm9kbSa7ZweoJ7Y.roa
File: KnDJCHUl0vCsFm9kbSa7ZweoJ7Y.roa (raw, json)
Hash identifier: N8RLTRv/IsyR28pUg/MBJnjsSSVzKvPzeAF/cbm/Q6E=
Subject key identifier: 2A:70:C9:08:75:25:D2:F0:AC:16:6F:64:6D:26:BB:67:07:A8:27:B6
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 456E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KnDJCHUl0vCsFm9kbSa7ZweoJ7Y.roa
Signing time: Mon 28 Mar 2022 00:30:14 +0000
ROA not before: Mon 28 Mar 2022 00:30:14 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17774 (0x456e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 28 00:30:14 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2A70C9087525D2F0AC166F646D26BB6707A827B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:b9:57:69:74:a1:f4:5d:6a:9e:bb:5d:35:
14:34:8a:a4:0c:e8:8d:4b:7f:78:64:94:d9:e1:7a:
96:66:97:1d:48:6d:06:70:20:ec:c2:14:24:8f:27:
55:47:32:da:22:34:b5:e1:39:37:c6:bc:3b:6f:ac:
45:87:61:35:42:a1:23:98:25:f0:2b:fd:2d:37:07:
5f:e1:8e:a1:17:cc:61:d5:90:00:1d:54:41:95:a8:
46:2f:0d:a8:6c:92:a6:ef:63:0a:64:1f:9c:ad:cf:
29:37:d1:df:cb:43:2d:04:86:0c:db:7a:21:1c:76:
22:45:c8:46:1b:3d:7d:83:c1:95:cc:80:79:ac:7c:
9c:ba:f2:fd:5c:a0:52:82:8e:1b:82:39:81:67:14:
15:b2:9c:db:74:d9:5a:52:b6:89:b8:d8:75:7e:94:
28:c9:db:68:54:4f:24:e4:83:a4:f0:69:dd:ad:d0:
26:02:76:03:b9:46:60:be:59:f8:23:5f:77:c3:8a:
99:3c:c6:68:73:9e:3f:f4:0e:14:e0:f8:5f:a0:60:
38:6c:a2:e3:41:51:41:b7:0a:62:36:96:46:d6:5a:
7b:c3:bf:16:c5:c0:40:ca:b7:b0:79:01:c3:1e:de:
c6:1c:62:29:8d:7c:b8:e8:0d:9b:3d:56:ab:d6:c1:
9e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:70:C9:08:75:25:D2:F0:AC:16:6F:64:6D:26:BB:67:07:A8:27:B6
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/KnDJCHUl0vCsFm9kbSa7ZweoJ7Y.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:4b:6e:e6:ac:19:6e:6c:b8:b1:7f:a7:6c:28:23:f8:95:ec:
8f:72:35:c7:42:d2:7e:de:00:87:c5:54:9a:fe:9b:5c:14:67:
ca:d9:de:7b:71:7e:36:27:98:22:7f:65:a8:d0:58:f9:9e:c8:
a5:10:a6:e9:4c:48:2f:66:e9:f8:98:d0:8d:ee:ad:17:56:d9:
11:41:13:0e:a2:a7:d3:9c:72:08:64:5f:ee:14:c1:e8:3e:88:
95:da:57:b7:f3:ff:7f:c2:12:73:b1:3b:15:d0:22:bf:c1:cc:
1a:f6:73:2a:72:90:7d:86:7d:e1:56:04:5a:40:ed:ea:9f:15:
70:8e:20:b8:99:64:3f:2a:ba:f1:b4:64:03:3b:ef:b3:ad:4c:
ee:86:de:d9:03:ed:24:8a:a0:03:8f:65:a0:7d:bf:0d:8d:13:
80:19:07:4e:30:58:a8:03:06:b8:e1:37:b0:8a:cc:a9:da:fa:
b6:31:1b:42:59:bc:2b:9c:11:e4:88:aa:f8:b9:44:bc:a9:e1:
de:b7:c9:bb:ac:bf:7f:80:64:dd:6d:fa:7e:a1:84:5f:75:90:
f5:49:9b:0e:53:73:83:19:eb:1d:06:7f:7e:cf:8a:06:f8:06:
86:b2:d2:90:92:9e:5d:87:15:a2:08:48:d7:5d:a8:10:b2:fb:
b4:a6:cd:b2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjgw
MDMwMTRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJBNzBDOTA4NzUyNUQy
RjBBQzE2NkY2NDZEMjZCQjY3MDdBODI3QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIvblXaXSh9F1qnrtdNRQ0iqQM6I1Lf3hklNnhepZmlx1IbQZw
IOzCFCSPJ1VHMtoiNLXhOTfGvDtvrEWHYTVCoSOYJfAr/S03B1/hjqEXzGHVkAAd
VEGVqEYvDahskqbvYwpkH5ytzyk30d/LQy0EhgzbeiEcdiJFyEYbPX2DwZXMgHms
fJy68v1coFKCjhuCOYFnFBWynNt02VpStom42HV+lCjJ22hUTyTkg6Twad2t0CYC
dgO5RmC+WfgjX3fDipk8xmhznj/0DhTg+F+gYDhsouNBUUG3CmI2lkbWWnvDvxbF
wEDKt7B5AcMe3sYcYimNfLjoDZs9VqvWwZ5HAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKnDJCHUl0vCsFm9kbSa7ZweoJ7YwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LbkRKQ0hVbDB2Q3NGbTlrYlNhN1p3ZW9KN1kucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ACxLbuasGW5suLF/p2woI/iV7I9yNcdC0n7eAIfFVJr+m1wUZ8rZ3ntxfjYnmCJ/
ZajQWPmeyKUQpulMSC9m6fiY0I3urRdW2RFBEw6ip9OccghkX+4Uweg+iJXaV7fz
/3/CEnOxOxXQIr/BzBr2cypykH2GfeFWBFpA7eqfFXCOILiZZD8quvG0ZAM777Ot
TO6G3tkD7SSKoAOPZaB9vw2NE4AZB04wWKgDBrjhN7CKzKna+rYxG0JZvCucEeSI
qvi5RLyp4d63ybusv3+AZN1t+n6hhF91kPVJmw5Tc4MZ6x0Gf37Pigb4Boay0pCS
nl2HFaIISNddqBCy+7SmzbI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org