Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NGt_DbmZyzFR31SkJ12IukCezxg.roa
File: NGt_DbmZyzFR31SkJ12IukCezxg.roa (raw, json)
Hash identifier: A+vhrhBwSIaFoyz8P5Y22fztWPNB6/NlcajJd5rFioE=
Subject key identifier: 34:6B:7F:0D:B9:99:CB:31:51:DF:54:A4:27:5D:88:BA:40:9E:CF:18
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 49B0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NGt_DbmZyzFR31SkJ12IukCezxg.roa
Signing time: Sat 11 Jun 2022 00:30:07 +0000
ROA not before: Sat 11 Jun 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18864 (0x49b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 11 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=346B7F0DB999CB3151DF54A4275D88BA409ECF18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:ec:ed:62:85:f7:8c:97:27:26:85:f6:61:
21:be:86:d6:61:df:a0:d2:cf:ea:f5:cf:1a:a3:fd:
b8:08:5e:5d:78:c5:d5:3f:9c:5b:4c:83:f5:50:9d:
b3:49:bf:75:02:3b:05:7a:be:33:4d:67:5c:10:4c:
04:1e:78:46:e8:d9:85:70:24:33:19:57:e5:fa:65:
08:b4:73:e3:cb:f5:cd:a1:9c:8e:0c:f6:4a:b4:c8:
0d:d9:0f:fd:57:c6:ba:b3:86:1b:6d:ce:94:3a:57:
e0:69:f1:1e:a8:e6:9f:86:9b:77:ec:6e:23:67:7e:
94:b9:8f:d8:6e:6f:c3:40:60:7e:99:4e:3b:0e:08:
7a:b8:7f:67:de:15:b0:5d:a8:00:4b:94:43:fe:39:
35:8f:4c:ae:4d:f5:14:52:06:22:83:38:fb:71:3e:
d0:01:f9:69:76:22:7f:c3:47:a1:48:3b:2e:65:06:
cb:1d:c0:ac:e0:e2:98:fb:e2:49:40:70:c0:9a:7c:
ab:df:a2:2e:99:21:f6:18:01:91:01:00:7d:47:6d:
e7:5f:5c:23:36:d8:fb:61:0a:e1:66:34:bb:2f:0b:
31:87:57:30:da:b3:93:42:45:78:e2:e4:f3:3d:4d:
91:2f:28:48:f1:0c:a8:21:13:f1:20:e6:65:84:f0:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6B:7F:0D:B9:99:CB:31:51:DF:54:A4:27:5D:88:BA:40:9E:CF:18
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NGt_DbmZyzFR31SkJ12IukCezxg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:2b:73:2e:40:0c:fa:e7:be:19:5b:2b:5c:e7:cb:46:ba:c2:
69:cc:6c:08:fb:39:e0:66:db:86:0c:3a:0b:33:ef:85:11:c1:
b0:27:d6:73:d9:39:0c:9d:a3:51:e6:9d:fb:6a:8a:1b:64:86:
f0:7b:e6:55:4f:aa:f6:6d:18:3d:04:18:d9:c6:d1:ea:55:c1:
79:e8:27:93:8d:7a:1b:da:d2:e2:85:79:07:e4:cb:4d:14:c6:
fc:fc:0e:59:cd:4b:5d:be:6e:a6:f3:8d:12:c4:59:81:d8:df:
ea:28:fb:cd:28:d2:70:13:2a:8c:1a:2e:b6:ad:8d:5b:a7:3a:
c4:ce:bf:f4:ec:75:f6:45:9c:73:ec:bd:5b:d8:e5:22:76:8d:
b7:92:d4:19:e9:fc:9f:22:08:5c:f2:e7:1c:28:22:ac:78:04:
08:39:ff:6b:76:c1:6f:9a:8a:58:38:74:b4:af:3c:a7:0a:fd:
5d:34:7c:a9:6d:70:db:01:3b:14:25:2a:f2:a5:06:c3:f1:4e:
72:94:7d:37:f2:65:19:c1:56:e9:80:9e:62:f2:fb:8d:9d:d9:
33:6f:c7:63:37:aa:e2:34:00:1f:b4:be:cd:c7:de:f6:31:38:
4c:a8:83:f0:93:fd:2b:bf:67:83:64:8d:cf:bb:0e:7a:53:ad:
1a:7b:d8:b5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MTEw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM0NkI3RjBEQjk5OUNC
MzE1MURGNTRBNDI3NUQ4OEJBNDA5RUNGMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+qOztYoX3jJcnJoX2YSG+htZh36DSz+r1zxqj/bgIXl14xdU/
nFtMg/VQnbNJv3UCOwV6vjNNZ1wQTAQeeEbo2YVwJDMZV+X6ZQi0c+PL9c2hnI4M
9kq0yA3ZD/1XxrqzhhttzpQ6V+Bp8R6o5p+Gm3fsbiNnfpS5j9hub8NAYH6ZTjsO
CHq4f2feFbBdqABLlEP+OTWPTK5N9RRSBiKDOPtxPtAB+Wl2In/DR6FIOy5lBssd
wKzg4pj74klAcMCafKvfoi6ZIfYYAZEBAH1HbedfXCM22PthCuFmNLsvCzGHVzDa
s5NCRXji5PM9TZEvKEjxDKghE/Eg5mWE8Cn7AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNGt/DbmZyzFR31SkJ12IukCezxgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OR3RfRGJtWnl6RlIzMVNrSjEySXVrQ2V6eGcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
AF8rcy5ADPrnvhlbK1zny0a6wmnMbAj7OeBm24YMOgsz74URwbAn1nPZOQydo1Hm
nftqihtkhvB75lVPqvZtGD0EGNnG0epVwXnoJ5ONehva0uKFeQfky00Uxvz8DlnN
S12+bqbzjRLEWYHY3+oo+80o0nATKowaLratjVunOsTOv/TsdfZFnHPsvVvY5SJ2
jbeS1Bnp/J8iCFzy5xwoIqx4BAg5/2t2wW+ailg4dLSvPKcK/V00fKltcNsBOxQl
KvKlBsPxTnKUfTfyZRnBVumAnmLy+42d2TNvx2M3quI0AB+0vs3H3vYxOEyog/CT
/Su/Z4Nkjc+7DnpTrRp72LU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org