Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NnqgZbdJFcdbhq2y-HGmXPRG25g.roa
File: NnqgZbdJFcdbhq2y-HGmXPRG25g.roa (raw, json)
Hash identifier: uPi+iVZf7H335D7xUDw+gXjBlHFTWL6Yh9arEHo7n6c=
Subject key identifier: 36:7A:A0:65:B7:49:15:C7:5B:86:AD:B2:F8:71:A6:5C:F4:46:DB:98
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4398
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NnqgZbdJFcdbhq2y-HGmXPRG25g.roa
Signing time: Tue 22 Feb 2022 00:30:11 +0000
ROA not before: Tue 22 Feb 2022 00:30:11 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17304 (0x4398)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 22 00:30:11 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=367AA065B74915C75B86ADB2F871A65CF446DB98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:75:92:00:99:37:bd:4a:3f:57:b8:2a:9b:
1b:67:39:c3:24:36:a5:ed:98:2d:18:56:10:c7:ef:
b7:ae:59:77:80:2c:1e:4d:ff:23:7c:da:f0:17:47:
ad:a2:68:ff:91:a3:c8:b0:94:46:5b:39:21:f9:bc:
a0:41:2b:45:e0:a2:70:67:38:e6:b0:e1:b2:1b:bc:
63:94:9b:e7:d1:e9:83:93:01:1d:4a:61:06:75:ae:
bb:06:cc:f9:05:6c:b9:ee:e3:5d:45:d8:ab:b1:8f:
76:e4:50:a2:12:2f:cd:7f:2a:ef:b9:dc:e4:c4:c7:
55:fc:d0:e5:80:6b:ef:f3:15:e2:8f:45:d6:e6:e6:
f3:64:6f:4b:28:1f:a9:90:d6:12:ff:db:57:f4:fb:
be:1a:18:13:33:af:29:9a:18:c3:1c:99:2f:2b:de:
a8:86:e8:3a:2b:13:e5:d1:c0:21:43:35:80:1d:a1:
a4:e2:c2:1e:4b:3e:94:d0:fb:6c:93:fc:b0:30:e2:
c5:fe:0f:8b:f0:1d:f4:74:c5:bf:99:a9:b7:da:59:
0a:eb:1e:4c:be:84:32:b4:55:e1:a8:e4:fd:b1:3a:
29:ce:ce:46:db:5e:f2:e2:98:6e:fa:c3:5f:c4:42:
f4:61:00:e1:c3:a8:72:1a:ba:4c:4a:ee:20:d4:da:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7A:A0:65:B7:49:15:C7:5B:86:AD:B2:F8:71:A6:5C:F4:46:DB:98
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NnqgZbdJFcdbhq2y-HGmXPRG25g.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:7e:ab:1b:82:b7:ac:e9:ab:2d:ab:ab:de:c1:89:7a:ce:7d:
df:7c:97:5b:e4:2c:3e:f3:fa:3b:d4:0a:fe:90:f7:77:d0:de:
a1:23:fb:fc:c2:97:31:72:e0:a6:a4:6a:f8:19:0c:a5:79:32:
52:2b:59:3f:fc:57:ab:34:2e:4b:78:96:04:3a:71:59:60:52:
2b:ad:d5:d7:53:5e:6c:6c:ae:b6:87:0f:6f:2e:da:6b:39:3f:
32:fe:c5:12:97:d8:45:7f:f7:64:e8:e6:e4:6c:8a:b6:49:1a:
95:f5:de:18:e5:88:e5:e3:e3:b3:55:a8:0a:de:c4:59:19:a2:
16:15:1e:c7:2c:8d:c8:88:98:78:9a:1c:07:a8:66:e6:63:11:
73:68:dc:c8:dc:61:b7:45:97:77:58:a7:0e:4f:bb:88:89:92:
23:ed:cb:f0:c5:25:20:e8:28:cc:03:ad:3c:28:71:61:c6:e6:
b8:8d:d8:ea:47:66:43:06:3e:d9:e7:29:da:b3:23:ee:a3:20:
b8:29:32:99:c1:5e:aa:73:a6:fb:93:b8:c7:16:20:0c:7b:74:
26:fb:56:a9:4d:b2:b4:9b:0e:24:da:8b:e7:e5:52:d2:45:11:
44:a0:16:ad:2f:b8:a1:60:08:d2:ed:dc:3f:a5:15:29:d7:d0:
93:b2:cf:30
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjIw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM2N0FBMDY1Qjc0OTE1
Qzc1Qjg2QURCMkY4NzFBNjVDRjQ0NkRCOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzZXWSAJk3vUo/V7gqmxtnOcMkNqXtmC0YVhDH77euWXeALB5N
/yN82vAXR62iaP+Ro8iwlEZbOSH5vKBBK0XgonBnOOaw4bIbvGOUm+fR6YOTAR1K
YQZ1rrsGzPkFbLnu411F2Kuxj3bkUKISL81/Ku+53OTEx1X80OWAa+/zFeKPRdbm
5vNkb0soH6mQ1hL/21f0+74aGBMzrymaGMMcmS8r3qiG6DorE+XRwCFDNYAdoaTi
wh5LPpTQ+2yT/LAw4sX+D4vwHfR0xb+ZqbfaWQrrHky+hDK0VeGo5P2xOinOzkbb
XvLimG76w1/EQvRhAOHDqHIaukxK7iDU2jLxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNnqgZbdJFcdbhq2y+HGmXPRG25gwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ObnFnWmJkSkZjZGJocTJ5LUhHbVhQUkcyNWcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJt+qxuCt6zpqy2rq97BiXrOfd98l1vkLD7z+jvUCv6Q93fQ3qEj+/zClzFy4Kak
avgZDKV5MlIrWT/8V6s0Lkt4lgQ6cVlgUiut1ddTXmxsrraHD28u2ms5PzL+xRKX
2EV/92To5uRsirZJGpX13hjliOXj47NVqArexFkZohYVHscsjciImHiaHAeoZuZj
EXNo3MjcYbdFl3dYpw5Pu4iJkiPty/DFJSDoKMwDrTwocWHG5riN2OpHZkMGPtnn
KdqzI+6jILgpMpnBXqpzpvuTuMcWIAx7dCb7VqlNsrSbDiTai+flUtJFEUSgFq0v
uKFgCNLt3D+lFSnX0JOyzzA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org