Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NhZxahljzdM488I8xkMEq5oC0OA.roa
File: NhZxahljzdM488I8xkMEq5oC0OA.roa (raw, json)
Hash identifier: Xm+EXEvllv+IZhGH5PBlJmB3+4tTgYLDhQq+Z30ozr4=
Subject key identifier: 36:16:71:6A:19:63:CD:D3:38:F3:C2:3C:C6:43:04:AB:9A:02:D0:E0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 486E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NhZxahljzdM488I8xkMEq5oC0OA.roa
Signing time: Sun 22 May 2022 00:30:09 +0000
ROA not before: Sun 22 May 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18542 (0x486e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 22 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3616716A1963CDD338F3C23CC64304AB9A02D0E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e6:35:8d:30:4a:fa:21:1f:e8:0b:5b:45:34:
0e:92:eb:f9:91:7e:60:50:f8:19:39:0f:96:b9:28:
6a:a5:fe:57:ba:19:e6:6d:be:fd:84:4b:7c:09:ee:
7c:3c:cf:31:73:9e:c3:b7:eb:73:06:82:0d:43:b7:
fe:80:65:a0:c7:06:2e:8e:0f:df:86:c0:1b:e3:3c:
cd:54:d3:c1:9a:bd:4e:ca:71:f6:40:d5:ff:cb:3a:
88:12:ae:fc:b1:bd:9e:fe:64:4b:86:65:b7:d1:c5:
b0:75:e3:31:6d:09:50:91:6f:b3:58:3a:74:e9:30:
c0:10:9c:b9:8b:de:b2:ee:36:8b:50:5c:01:ac:06:
c4:46:ad:b8:20:c0:97:b4:a3:cb:d0:02:83:3a:ab:
95:f9:6f:a4:c1:d1:db:f7:b0:04:0b:f3:ff:ca:a7:
4c:e1:92:3c:e2:ad:35:ed:f9:81:f9:03:2c:9d:e4:
7f:0a:97:4e:3e:c8:4c:a3:93:c5:40:65:e3:b0:18:
6f:57:89:66:56:c9:57:85:56:a9:c6:a5:38:a8:e7:
c8:51:5a:06:65:33:6a:0e:e9:1c:a0:c8:b8:a0:99:
f7:56:ea:5f:5d:61:08:91:9f:ab:32:09:b1:fa:45:
e9:b7:d9:78:fd:28:40:13:6d:74:33:7e:bc:e6:06:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:16:71:6A:19:63:CD:D3:38:F3:C2:3C:C6:43:04:AB:9A:02:D0:E0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NhZxahljzdM488I8xkMEq5oC0OA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
22:07:9c:30:70:63:de:d0:a1:8e:7a:24:91:23:7d:60:b8:8e:
77:9b:8d:06:8f:5e:55:20:65:b2:11:f8:43:37:bc:70:0c:a2:
c1:aa:5e:77:1b:21:63:2a:15:66:7b:8e:59:f4:df:36:8e:34:
9c:7d:98:50:c6:d5:12:43:c8:cd:a2:6c:24:73:60:9e:d6:bb:
84:81:d2:56:1a:11:fb:af:2e:bb:e0:27:5a:7a:bc:12:66:88:
22:4a:bc:a1:a8:c4:be:62:34:84:9a:b2:c2:42:c6:83:cd:4f:
86:e2:24:7f:b3:63:12:00:b5:0a:bd:48:f2:fa:6b:1f:c5:f6:
a3:8e:c4:c6:94:60:48:71:af:5e:74:d6:e4:a4:30:51:0d:e9:
f4:4d:7a:3d:c3:ff:d1:9a:a2:81:23:37:4c:0a:4d:62:ae:93:
ef:94:1f:a0:b4:e7:81:da:18:1f:aa:fb:34:3a:48:fb:45:aa:
7a:d9:5a:e8:8d:ea:3d:cf:1b:84:db:c8:4a:21:a0:10:81:2e:
1e:e7:79:b4:7f:f1:4d:c9:86:70:87:1a:d0:52:1f:16:f0:7a:
4d:cf:27:75:3d:39:f2:36:6a:cc:82:83:3a:ae:39:13:f0:b9:
a6:ff:7d:50:0c:e1:c8:f2:40:58:e8:5d:46:b0:bd:ed:71:da:
af:2f:04:f7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjIw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM2MTY3MTZBMTk2M0NE
RDMzOEYzQzIzQ0M2NDMwNEFCOUEwMkQwRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY5jWNMEr6IR/oC1tFNA6S6/mRfmBQ+Bk5D5a5KGql/le6GeZt
vv2ES3wJ7nw8zzFznsO363MGgg1Dt/6AZaDHBi6OD9+GwBvjPM1U08GavU7KcfZA
1f/LOogSrvyxvZ7+ZEuGZbfRxbB14zFtCVCRb7NYOnTpMMAQnLmL3rLuNotQXAGs
BsRGrbggwJe0o8vQAoM6q5X5b6TB0dv3sAQL8//Kp0zhkjzirTXt+YH5Ayyd5H8K
l04+yEyjk8VAZeOwGG9XiWZWyVeFVqnGpTio58hRWgZlM2oO6RygyLigmfdW6l9d
YQiRn6syCbH6Rem32Xj9KEATbXQzfrzmBmkTAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNhZxahljzdM488I8xkMEq5oC0OAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OaFp4YWhsanpkTTQ4OEk4eGtNRXE1b0MwT0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ACIHnDBwY97QoY56JJEjfWC4jnebjQaPXlUgZbIR+EM3vHAMosGqXncbIWMqFWZ7
jln03zaONJx9mFDG1RJDyM2ibCRzYJ7Wu4SB0lYaEfuvLrvgJ1p6vBJmiCJKvKGo
xL5iNISassJCxoPNT4biJH+zYxIAtQq9SPL6ax/F9qOOxMaUYEhxr1501uSkMFEN
6fRNej3D/9GaooEjN0wKTWKuk++UH6C054HaGB+q+zQ6SPtFqnrZWuiN6j3PG4Tb
yEohoBCBLh7nebR/8U3JhnCHGtBSHxbwek3PJ3U9OfI2asyCgzquORPwuab/fVAM
4cjyQFjoXUawve1x2q8vBPc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org