Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/LhcaN_KH7zeyzvEoOzRf6MKQOcg.roa
File: LhcaN_KH7zeyzvEoOzRf6MKQOcg.roa (raw, json)
Hash identifier: kn7U5lrXCrxNKJUQdKtgm7vVqrjPL8WCHe4vihf7sAI=
Subject key identifier: 2E:17:1A:37:F2:87:EF:37:B2:CE:F1:28:3B:34:5F:E8:C2:90:39:C8
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4299
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/LhcaN_KH7zeyzvEoOzRf6MKQOcg.roa
Signing time: Fri 04 Feb 2022 00:30:07 +0000
ROA not before: Fri 04 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17049 (0x4299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 4 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=2E171A37F287EF37B2CEF1283B345FE8C29039C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:e9:bf:af:bf:f4:3b:67:0a:43:ba:60:ca:
10:4b:d4:6e:f6:b0:70:42:0a:bf:71:7f:a2:86:e4:
58:0c:95:fc:f0:2d:a3:81:c8:2a:dd:b4:26:14:93:
6a:0e:f0:18:9f:27:c7:85:51:23:10:38:e0:d1:b6:
b5:23:c8:85:9b:c0:d6:c4:ac:92:b0:2c:58:8f:5a:
95:fb:ab:a7:b6:71:32:cd:e7:0b:f4:90:a4:2f:4e:
7a:c5:17:26:3f:16:31:9e:ec:66:e9:89:36:8b:58:
f9:34:22:f8:24:35:77:a6:58:aa:3a:d5:69:71:3e:
30:53:7c:9b:99:db:a1:44:5f:74:ba:fe:34:3c:82:
3c:ea:91:cd:b3:6a:cf:e1:3c:8a:28:69:5b:7d:65:
a1:44:ae:34:3e:dd:69:40:1c:9d:00:ea:91:96:d2:
a2:d7:a6:ab:ae:50:ae:2d:31:dd:fb:e7:b8:e6:06:
e3:57:d8:04:bf:21:bb:b9:42:a6:44:3e:3c:24:e3:
f3:c5:7f:89:c3:1d:d7:69:13:9e:a4:11:ec:69:25:
af:e9:d2:dd:fe:8a:52:30:77:c9:a2:be:03:66:30:
ee:eb:9d:c0:eb:e1:17:9f:e6:14:e2:ff:ba:7d:74:
1b:b3:aa:d9:80:2a:fc:47:92:74:35:76:b7:2f:07:
20:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:1A:37:F2:87:EF:37:B2:CE:F1:28:3B:34:5F:E8:C2:90:39:C8
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/LhcaN_KH7zeyzvEoOzRf6MKQOcg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
95:ce:fb:ec:f6:a5:ef:61:43:12:48:8e:8a:91:e4:a8:a2:14:
b5:f3:43:b6:34:51:3a:f0:02:9b:04:90:9d:c3:7e:2a:29:c3:
50:62:5b:59:ed:d1:a6:1a:0f:1e:4e:57:e2:d2:cb:f3:d4:e6:
65:b1:df:f2:49:7c:ed:41:08:5b:51:e5:e2:f1:13:97:96:72:
10:9d:b8:7a:3c:b0:c2:6d:33:14:b8:01:62:da:97:66:53:60:
bf:2b:64:52:94:d3:50:4a:4f:8b:56:12:dc:20:bf:65:c8:0b:
b4:e0:59:56:64:6c:b8:61:e7:58:18:8d:66:d5:46:8d:4a:97:
2b:6a:71:aa:68:b7:ce:7d:c4:08:d8:4e:0d:3e:47:e4:9b:1b:
a0:b3:31:ad:ac:68:95:34:8a:a9:d4:3f:bd:9a:26:ab:f9:ed:
01:97:b9:d4:64:67:86:90:f5:94:49:31:27:05:da:03:89:1e:
8d:f9:be:f4:b6:bd:9f:87:14:0b:af:de:fa:6f:bd:66:56:ef:
1a:92:16:8d:50:9f:15:ed:31:6e:99:a7:cb:9c:3b:34:a7:95:
ca:ab:31:12:ae:7b:91:8a:9b:09:7a:00:17:b2:f4:47:1d:09:
8c:ad:3f:89:d3:7d:d3:b0:75:4f:dd:ad:c9:f4:15:dc:4d:94:
2f:68:17:13
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDQw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDJFMTcxQTM3RjI4N0VG
MzdCMkNFRjEyODNCMzQ1RkU4QzI5MDM5QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL+m/r7/0O2cKQ7pgyhBL1G72sHBCCr9xf6KG5FgMlfzwLaOB
yCrdtCYUk2oO8BifJ8eFUSMQOODRtrUjyIWbwNbErJKwLFiPWpX7q6e2cTLN5wv0
kKQvTnrFFyY/FjGe7GbpiTaLWPk0IvgkNXemWKo61WlxPjBTfJuZ26FEX3S6/jQ8
gjzqkc2zas/hPIooaVt9ZaFErjQ+3WlAHJ0A6pGW0qLXpquuUK4tMd3757jmBuNX
2AS/Ibu5QqZEPjwk4/PFf4nDHddpE56kEexpJa/p0t3+ilIwd8mivgNmMO7rncDr
4Ref5hTi/7p9dBuzqtmAKvxHknQ1drcvByDZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQULhcaN/KH7zeyzvEoOzRf6MKQOcgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9MaGNhTl9LSDd6ZXl6dkVvT3pSZjZNS1FPY2cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AJXO++z2pe9hQxJIjoqR5KiiFLXzQ7Y0UTrwApsEkJ3Dfiopw1BiW1nt0aYaDx5O
V+LSy/PU5mWx3/JJfO1BCFtR5eLxE5eWchCduHo8sMJtMxS4AWLal2ZTYL8rZFKU
01BKT4tWEtwgv2XIC7TgWVZkbLhh51gYjWbVRo1Klytqcapot859xAjYTg0+R+Sb
G6CzMa2saJU0iqnUP72aJqv57QGXudRkZ4aQ9ZRJMScF2gOJHo35vvS2vZ+HFAuv
3vpvvWZW7xqSFo1QnxXtMW6Zp8ucOzSnlcqrMRKue5GKmwl6ABey9EcdCYytP4nT
fdOwdU/drcn0FdxNlC9oFxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org