Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NmXQrgPPA6pcZufMtLuMRbAD-O8.roa
File: NmXQrgPPA6pcZufMtLuMRbAD-O8.roa (raw, json)
Hash identifier: SlwyRzt0QTVqow2pOnKEmY2MySADCtR0W7uxNn4K6Rk=
Subject key identifier: 36:65:D0:AE:03:CF:03:AA:5C:66:E7:CC:B4:BB:8C:45:B0:03:F8:EF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48E9
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NmXQrgPPA6pcZufMtLuMRbAD-O8.roa
Signing time: Tue 31 May 2022 00:30:07 +0000
ROA not before: Tue 31 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18665 (0x48e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3665D0AE03CF03AA5C66E7CCB4BB8C45B003F8EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:86:7f:37:82:e1:a9:6d:82:f9:85:a4:09:
1b:8a:08:5c:23:cf:9a:56:64:d8:ef:80:8e:22:bc:
59:44:47:25:83:7d:4f:f9:c5:3a:c2:6c:91:43:4f:
5b:2a:3a:05:8e:71:75:51:3a:24:c9:58:ba:98:f9:
38:31:e0:2d:c9:1e:97:51:0c:1d:ac:c3:6b:d9:bf:
74:49:38:d9:b7:d1:2a:5c:5c:df:25:5f:cd:e5:d3:
54:ea:63:d9:7a:8d:83:91:4b:2e:ed:48:57:a8:e8:
5f:72:3c:b1:e1:06:a2:ae:54:de:ed:d7:b7:4e:fc:
4d:2b:c6:9c:34:01:45:da:4a:ac:7b:8c:5b:67:7c:
55:87:42:d6:b8:df:a8:3d:9b:11:45:37:fc:c5:52:
01:d8:0a:06:a3:b6:0a:59:cd:1b:ce:de:90:af:c4:
36:8b:13:81:8a:4c:60:48:c9:28:ce:1f:ac:7a:63:
21:d3:c1:82:f8:27:37:57:c3:0d:ca:d3:40:71:6d:
ae:2a:86:fc:fa:c9:f1:81:2c:02:c6:d7:6d:15:7c:
77:aa:7a:de:0f:69:1f:76:a8:e8:4f:d9:5e:ea:5f:
fc:81:6b:be:21:bb:22:96:e0:60:13:fe:37:d7:d4:
d9:1d:59:c4:b3:e6:ff:50:d7:87:a6:f3:dd:4e:82:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:65:D0:AE:03:CF:03:AA:5C:66:E7:CC:B4:BB:8C:45:B0:03:F8:EF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NmXQrgPPA6pcZufMtLuMRbAD-O8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c5:08:99:f5:55:00:c2:f7:ad:57:65:0a:f3:b6:1d:e8:95:
e6:73:68:6e:cd:9a:ee:4f:b1:fc:1d:78:95:e0:6e:b8:e8:52:
eb:4d:5a:f2:78:7f:45:f9:11:1f:10:f5:22:aa:ab:3e:ad:19:
50:f6:ec:5e:c6:3d:9b:62:f7:34:de:75:68:de:ac:8c:7b:7d:
08:b8:7b:5f:f9:ce:c0:55:7d:61:66:ca:04:6a:c5:f4:1a:e3:
df:a1:2c:6e:60:e7:10:23:d1:5b:9b:e3:e3:65:00:e1:d1:cd:
bd:bb:4b:9a:a4:68:a0:b8:46:66:ba:88:74:40:bc:cb:b4:38:
1d:08:0b:e1:76:b0:8d:ab:a0:80:22:6b:9d:6a:78:7c:1a:ee:
34:35:7c:36:b5:65:4e:8e:b1:ee:96:8f:fc:0e:67:7b:70:08:
d2:1b:af:c1:89:d4:da:ae:53:37:f4:9c:21:56:04:77:2f:7d:
d3:6c:a8:99:84:20:1e:4a:b7:54:07:d8:1d:a0:3f:1a:88:d6:
b9:6a:d6:1d:ab:ae:e1:3d:4e:1d:69:4b:aa:ce:72:b3:44:56:
1e:6a:55:55:7e:c4:c6:7a:80:3e:ad:c1:8d:19:04:60:e4:db:
03:33:7b:31:d9:0b:ca:9e:30:3b:b0:cc:17:6b:ba:e3:81:cd:
38:f5:23:f5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM2NjVEMEFFMDNDRjAz
QUE1QzY2RTdDQ0I0QkI4QzQ1QjAwM0Y4RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+ioZ/N4LhqW2C+YWkCRuKCFwjz5pWZNjvgI4ivFlERyWDfU/5
xTrCbJFDT1sqOgWOcXVROiTJWLqY+Tgx4C3JHpdRDB2sw2vZv3RJONm30SpcXN8l
X83l01TqY9l6jYORSy7tSFeo6F9yPLHhBqKuVN7t17dO/E0rxpw0AUXaSqx7jFtn
fFWHQta436g9mxFFN/zFUgHYCgajtgpZzRvO3pCvxDaLE4GKTGBIySjOH6x6YyHT
wYL4JzdXww3K00Bxba4qhvz6yfGBLALG120VfHeqet4PaR92qOhP2V7qX/yBa74h
uyKW4GAT/jfX1NkdWcSz5v9Q14em891Ogq/1AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNmXQrgPPA6pcZufMtLuMRbAD+O8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ObVhRcmdQUEE2cGNadWZNdEx1TVJiQUQtTzgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ACnFCJn1VQDC961XZQrzth3oleZzaG7Nmu5PsfwdeJXgbrjoUutNWvJ4f0X5ER8Q
9SKqqz6tGVD27F7GPZti9zTedWjerIx7fQi4e1/5zsBVfWFmygRqxfQa49+hLG5g
5xAj0Vub4+NlAOHRzb27S5qkaKC4Rma6iHRAvMu0OB0IC+F2sI2roIAia51qeHwa
7jQ1fDa1ZU6Ose6Wj/wOZ3twCNIbr8GJ1NquUzf0nCFWBHcvfdNsqJmEIB5Kt1QH
2B2gPxqI1rlq1h2rruE9Th1pS6rOcrNEVh5qVVV+xMZ6gD6twY0ZBGDk2wMzezHZ
C8qeMDuwzBdruuOBzTj1I/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org