Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Kx8AtxY9XvxwlGKUHK-qyK9nN9o.roa
File: Kx8AtxY9XvxwlGKUHK-qyK9nN9o.roa (raw, json)
Hash identifier: hqMupcfvFmHvu8Wmgv/wSuRBDMyE8rdniVcwPdTCJxs=
Subject key identifier: 2B:1F:00:B7:16:3D:5E:FC:70:94:62:94:1C:AF:AA:C8:AF:67:37:DA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48ED
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kx8AtxY9XvxwlGKUHK-qyK9nN9o.roa
Signing time: Tue 31 May 2022 00:30:08 +0000
ROA not before: Tue 31 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18669 (0x48ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=2B1F00B7163D5EFC709462941CAFAAC8AF6737DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:73:eb:6e:6c:5d:72:26:37:3b:96:5e:e7:d9:
76:4b:05:1d:17:ab:58:b8:7a:d3:34:e1:82:a6:c6:
0f:ef:62:bd:da:fb:0f:e8:7e:41:25:56:6a:00:2b:
17:29:b7:4b:f2:78:1e:1c:07:71:8e:59:74:36:5f:
e6:6b:6b:b1:14:aa:cc:00:3e:a1:58:33:ec:e6:24:
06:91:21:0e:85:af:2c:f8:93:d5:ad:6d:70:16:7d:
aa:f6:e9:07:6c:b9:3e:30:fe:4a:4d:81:63:b1:93:
08:13:c6:51:40:31:c3:49:12:3a:a6:25:1d:84:4d:
1b:2f:32:55:3f:80:fb:4f:9e:e3:07:02:c3:69:7c:
6f:7f:4a:70:11:fd:51:69:e7:3c:34:23:8a:d6:e7:
d8:83:94:77:6f:16:68:d9:d1:f7:ef:c8:c1:9b:47:
5c:e5:49:b9:c3:d8:85:6f:3a:fa:43:a5:ad:1d:e9:
e3:34:6f:49:7a:6b:4a:79:0f:d4:5c:82:02:14:40:
02:a6:d6:6d:86:70:0d:62:d9:17:a0:98:e7:22:67:
ce:64:03:05:92:6e:b9:4f:80:a4:28:cf:94:f2:f3:
82:60:52:64:e5:e7:da:31:08:50:8f:79:d9:67:61:
d9:e1:72:fe:09:89:8d:ba:13:41:0c:17:3a:d8:e3:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1F:00:B7:16:3D:5E:FC:70:94:62:94:1C:AF:AA:C8:AF:67:37:DA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Kx8AtxY9XvxwlGKUHK-qyK9nN9o.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
95:bc:fe:64:46:57:bd:8f:6c:9b:e7:ce:3d:24:c3:90:78:5d:
fb:91:05:67:85:19:f1:17:6c:be:ea:dc:84:f4:13:30:67:12:
d8:7b:9a:d0:e1:cb:44:12:9a:af:63:ef:ec:37:08:fa:4d:4a:
cf:e8:9a:1e:a0:c3:b8:38:47:bb:ee:27:bd:39:f3:cd:c8:18:
97:17:7b:01:ec:cb:15:71:89:e3:1d:16:31:97:1e:d8:e7:89:
37:f3:d9:37:99:2a:86:c0:0a:b2:92:99:2f:b9:55:15:68:af:
ba:98:cf:90:a3:b6:ad:fc:80:33:26:0b:54:ec:03:cd:58:1a:
94:ae:f8:57:fd:61:62:30:e9:c8:8c:22:95:26:c0:b3:ac:32:
4c:e4:52:48:88:2d:56:d0:2c:c4:62:0e:39:3f:0b:aa:1f:37:
c2:3e:9a:f3:36:bb:c5:be:9f:7a:0f:3d:38:9f:8f:94:a7:19:
e2:fb:61:3a:35:96:9b:f6:f2:5b:b8:c4:73:fc:8e:a3:3e:59:
96:ac:ee:72:ed:4a:69:50:4e:03:22:b9:c5:dd:16:09:24:57:
1d:4b:52:36:9a:9f:de:20:6b:4e:05:27:07:7b:31:32:10:76:
ab:fa:d8:fe:c4:46:5c:22:1a:33:4b:eb:2e:a8:32:d6:b6:3d:
1f:a3:bc:88
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDJCMUYwMEI3MTYzRDVF
RkM3MDk0NjI5NDFDQUZBQUM4QUY2NzM3REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtc+tubF1yJjc7ll7n2XZLBR0Xq1i4etM04YKmxg/vYr3a+w/o
fkElVmoAKxcpt0vyeB4cB3GOWXQ2X+Zra7EUqswAPqFYM+zmJAaRIQ6Fryz4k9Wt
bXAWfar26QdsuT4w/kpNgWOxkwgTxlFAMcNJEjqmJR2ETRsvMlU/gPtPnuMHAsNp
fG9/SnAR/VFp5zw0I4rW59iDlHdvFmjZ0ffvyMGbR1zlSbnD2IVvOvpDpa0d6eM0
b0l6a0p5D9RcggIUQAKm1m2GcA1i2RegmOciZ85kAwWSbrlPgKQoz5Ty84JgUmTl
59oxCFCPedlnYdnhcv4JiY26E0EMFzrY43O5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUKx8AtxY9XvxwlGKUHK+qyK9nN9owHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9LeDhBdHhZOVh2eHdsR0tVSEstcXlLOW5OOW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AJW8/mRGV72PbJvnzj0kw5B4XfuRBWeFGfEXbL7q3IT0EzBnEth7mtDhy0QSmq9j
7+w3CPpNSs/omh6gw7g4R7vuJ705883IGJcXewHsyxVxieMdFjGXHtjniTfz2TeZ
KobACrKSmS+5VRVor7qYz5Cjtq38gDMmC1TsA81YGpSu+Ff9YWIw6ciMIpUmwLOs
MkzkUkiILVbQLMRiDjk/C6ofN8I+mvM2u8W+n3oPPTifj5SnGeL7YTo1lpv28lu4
xHP8jqM+WZas7nLtSmlQTgMiucXdFgkkVx1LUjaan94ga04FJwd7MTIQdqv62P7E
RlwiGjNL6y6oMta2PR+jvIg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org