Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/MP00iHZaTCETAjcFTJyiq64IAFE.roa
File: MP00iHZaTCETAjcFTJyiq64IAFE.roa (raw, json)
Hash identifier: gAjs8PAqQ55ssNFZGvhs4k5d0ezKskh7ZXPun8wfrlA=
Subject key identifier: 30:FD:34:88:76:5A:4C:21:13:02:37:05:4C:9C:A2:AB:AE:08:00:51
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4752
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MP00iHZaTCETAjcFTJyiq64IAFE.roa
Signing time: Mon 02 May 2022 00:30:07 +0000
ROA not before: Mon 02 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18258 (0x4752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 2 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=30FD3488765A4C21130237054C9CA2ABAE080051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1a:7a:2f:f0:9a:99:75:d8:2e:43:ff:38:1d:
78:96:ec:be:e6:7b:a8:50:7d:d4:a4:b9:3d:ef:01:
da:31:92:eb:28:43:13:4d:22:a1:1c:0a:f1:2e:87:
3f:eb:81:97:55:7a:c5:e8:b3:0a:84:6d:aa:72:e8:
ca:ca:29:a8:71:e9:09:30:ad:29:fc:7a:36:ff:5d:
19:ea:81:c8:18:d2:cd:d0:e0:87:e8:6b:60:f4:5e:
97:84:70:b9:b1:e9:8b:6b:d7:29:32:1c:de:23:d4:
20:08:86:26:a5:bf:68:b4:bd:d6:d7:22:41:50:96:
93:fa:c3:fd:c9:5b:d5:dc:e5:17:5a:0d:ed:c8:1f:
29:d8:c9:ac:15:06:ff:85:e0:c3:d2:db:4a:77:4b:
06:af:82:13:34:d7:57:85:7a:5e:d8:07:11:7c:39:
1a:5c:47:22:7a:1b:5c:1d:81:cd:fc:37:44:95:ad:
ab:ba:d5:78:6e:db:50:5c:34:a3:38:b2:f5:e3:5d:
37:ac:3c:8a:17:1c:ce:64:a1:76:78:84:02:cb:a4:
3f:ad:fb:2c:a7:65:1d:73:05:04:a2:f7:a7:e1:39:
0b:f9:1f:09:c3:cd:3b:b7:2d:6f:63:9e:86:1b:27:
68:92:d9:07:c3:79:e0:e9:58:11:84:15:41:0c:3b:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FD:34:88:76:5A:4C:21:13:02:37:05:4C:9C:A2:AB:AE:08:00:51
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/MP00iHZaTCETAjcFTJyiq64IAFE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:f6:e2:26:b9:a7:7e:6d:cc:66:46:4f:78:57:67:7e:a8:4d:
9e:e0:e8:e6:c3:2f:10:a1:43:78:e6:85:58:54:93:ac:38:0a:
96:2c:e1:d8:b4:b9:5f:5e:18:c7:25:a1:04:76:d5:30:9a:f3:
6c:5f:4d:f0:95:ca:95:7a:7f:13:5f:c8:66:24:14:e5:20:e2:
31:c3:7a:64:02:e4:d6:43:13:2b:d1:bd:d7:c0:2c:6b:95:7e:
d3:05:a1:76:df:6a:82:60:ce:b2:5e:c4:06:1c:55:d2:b0:ef:
bc:f1:92:de:80:61:d3:1c:27:3a:3a:01:a4:17:ac:01:65:72:
98:85:fe:d4:c6:35:62:33:33:a4:76:ab:ff:f9:5e:fd:97:34:
fc:d7:64:bc:24:9b:c8:83:e8:60:e0:76:59:de:23:4b:08:0f:
c1:bd:3f:21:ec:23:38:7d:87:bd:11:2c:b0:e3:c5:18:52:43:
14:82:b7:d0:fc:f1:b0:54:f9:ed:40:bd:0a:4a:25:5f:28:8f:
71:a2:d6:a4:85:36:b8:25:4f:c9:44:97:17:b9:bf:6d:31:e9:
79:56:a9:b2:ad:26:6a:a0:c3:b8:92:79:b5:9a:28:49:74:9e:
cd:9c:97:c1:f0:dd:4e:dc:77:a4:77:d0:75:07:21:8f:b6:34:
e1:15:37:34
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDIw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDMwRkQzNDg4NzY1QTRD
MjExMzAyMzcwNTRDOUNBMkFCQUUwODAwNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDGnov8JqZddguQ/84HXiW7L7me6hQfdSkuT3vAdoxkusoQxNN
IqEcCvEuhz/rgZdVesXoswqEbapy6MrKKahx6QkwrSn8ejb/XRnqgcgY0s3Q4Ifo
a2D0XpeEcLmx6Ytr1ykyHN4j1CAIhialv2i0vdbXIkFQlpP6w/3JW9Xc5RdaDe3I
HynYyawVBv+F4MPS20p3SwavghM011eFel7YBxF8ORpcRyJ6G1wdgc38N0SVrau6
1Xhu21BcNKM4svXjXTesPIoXHM5koXZ4hALLpD+t+yynZR1zBQSi96fhOQv5HwnD
zTu3LW9jnoYbJ2iS2QfDeeDpWBGEFUEMOz57AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUMP00iHZaTCETAjcFTJyiq64IAFEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9NUDAwaUhaYVRDRVRBamNGVEp5aXE2NElBRkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AL324ia5p35tzGZGT3hXZ36oTZ7g6ObDLxChQ3jmhVhUk6w4CpYs4di0uV9eGMcl
oQR21TCa82xfTfCVypV6fxNfyGYkFOUg4jHDemQC5NZDEyvRvdfALGuVftMFoXbf
aoJgzrJexAYcVdKw77zxkt6AYdMcJzo6AaQXrAFlcpiF/tTGNWIzM6R2q//5Xv2X
NPzXZLwkm8iD6GDgdlneI0sID8G9PyHsIzh9h70RLLDjxRhSQxSCt9D88bBU+e1A
vQpKJV8oj3Gi1qSFNrglT8lElxe5v20x6XlWqbKtJmqgw7iSebWaKEl0ns2cl8Hw
3U7cd6R30HUHIY+2NOEVNzQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org