Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NrW7rKv0B4n-e7cGtWa1Zr0XaYk.roa
File: NrW7rKv0B4n-e7cGtWa1Zr0XaYk.roa (raw, json)
Hash identifier: xdsW3aQXKoHymUrDvmFuIh+XVSGlQ/X0ZyIeuKk0Yrk=
Subject key identifier: 36:B5:BB:AC:AB:F4:07:89:FE:7B:B7:06:B5:66:B5:66:BD:17:69:89
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 49B4
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NrW7rKv0B4n-e7cGtWa1Zr0XaYk.roa
Signing time: Sat 11 Jun 2022 00:30:09 +0000
ROA not before: Sat 11 Jun 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18868 (0x49b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 11 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=36B5BBACABF40789FE7BB706B566B566BD176989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:70:05:3a:a5:22:76:e9:bf:4b:9a:98:25:50:
7a:d5:4d:c7:2f:43:87:07:2a:fc:35:a6:ff:21:4f:
cc:cb:3a:e6:46:5c:a0:3d:38:1f:e7:f3:c9:c0:1a:
f4:3a:51:0b:b4:38:08:e6:9c:93:11:c5:fc:ff:4e:
1f:be:68:7c:f5:28:7a:67:58:3e:99:43:15:a3:b7:
33:aa:68:9b:34:42:4b:33:61:c4:41:e1:b4:b7:b6:
2d:1b:6b:5a:d6:47:36:48:32:13:2e:84:f6:d7:5b:
1c:c4:36:91:d6:06:bf:4d:55:76:bb:b7:f8:97:2b:
fa:24:ef:7a:12:11:e7:be:22:bd:84:84:28:70:e4:
8e:40:c1:83:25:c5:b9:97:d2:c1:5b:b9:a3:cc:74:
cf:41:29:c6:06:2d:81:f0:59:fa:a3:c6:ea:ae:c9:
b2:8e:eb:6b:e8:6f:51:08:61:13:15:1b:5d:a0:42:
96:5e:aa:7f:88:c5:21:5b:72:b4:c6:9c:47:38:3a:
0c:5e:9a:bf:ad:a8:d8:94:5c:9a:c1:1c:29:c2:6d:
e7:a0:c5:ce:ec:69:03:2c:27:b6:41:17:fd:ff:57:
6a:4d:1c:d7:9d:70:25:aa:eb:05:13:07:0a:3b:39:
0c:44:23:24:f1:e2:71:2e:55:d5:5d:f7:3d:b0:b6:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B5:BB:AC:AB:F4:07:89:FE:7B:B7:06:B5:66:B5:66:BD:17:69:89
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NrW7rKv0B4n-e7cGtWa1Zr0XaYk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2e:da:b8:f5:17:5f:03:e7:fa:5a:3c:a4:35:14:c4:5f:67:
4e:d2:e7:25:c2:96:2e:b7:2a:7c:d6:ff:4b:26:af:7f:a6:16:
3f:a6:70:49:d4:0b:a2:c9:1a:ab:99:28:b8:9c:82:16:7d:dc:
97:5c:70:ae:a7:ee:c0:de:6d:9f:b9:bf:bd:db:0e:1b:ce:a5:
78:ca:72:c9:71:12:33:34:20:fe:1e:c3:0b:e5:4f:d8:cf:cb:
67:cb:b4:8b:03:79:e4:81:c4:a0:85:7d:7a:69:4a:d1:b5:c7:
a5:a2:cb:4e:d0:7b:23:0b:64:06:1e:bc:a6:ff:78:53:8e:e1:
d2:8c:10:5d:89:f8:38:d5:ac:23:d9:4f:ac:06:25:1b:6a:55:
17:0e:7f:c1:81:f4:9c:ed:13:2a:99:d1:59:ae:35:53:fe:fe:
bd:5e:be:b3:86:6e:3c:97:b3:0e:ed:81:fe:25:ec:e2:88:c1:
dc:3a:96:ed:65:2a:f6:37:a6:73:41:82:cf:77:3a:b4:63:ac:
48:ed:5e:f0:90:d7:1d:c0:37:35:4e:b8:62:4d:08:46:d9:a6:
91:9d:c7:d4:c5:d5:df:ff:48:5b:f4:1c:98:00:49:61:0b:ff:
33:2d:ac:ee:26:f3:31:4b:aa:ef:0a:0d:68:9b:89:1b:91:ba:
aa:1f:55:0f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MTEw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDM2QjVCQkFDQUJGNDA3
ODlGRTdCQjcwNkI1NjZCNTY2QkQxNzY5ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCecAU6pSJ26b9LmpglUHrVTccvQ4cHKvw1pv8hT8zLOuZGXKA9
OB/n88nAGvQ6UQu0OAjmnJMRxfz/Th++aHz1KHpnWD6ZQxWjtzOqaJs0QkszYcRB
4bS3ti0ba1rWRzZIMhMuhPbXWxzENpHWBr9NVXa7t/iXK/ok73oSEee+Ir2EhChw
5I5AwYMlxbmX0sFbuaPMdM9BKcYGLYHwWfqjxuquybKO62vob1EIYRMVG12gQpZe
qn+IxSFbcrTGnEc4Ogxemr+tqNiUXJrBHCnCbeegxc7saQMsJ7ZBF/3/V2pNHNed
cCWq6wUTBwo7OQxEIyTx4nEuVdVd9z2wtu+3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNrW7rKv0B4n+e7cGtWa1Zr0XaYkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Oclc3ckt2MEI0bi1lN2NHdFdhMVpyMFhhWWsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AIwu2rj1F18D5/paPKQ1FMRfZ07S5yXCli63KnzW/0smr3+mFj+mcEnUC6LJGquZ
KLicghZ93JdccK6n7sDebZ+5v73bDhvOpXjKcslxEjM0IP4ewwvlT9jPy2fLtIsD
eeSBxKCFfXppStG1x6Wiy07QeyMLZAYevKb/eFOO4dKMEF2J+DjVrCPZT6wGJRtq
VRcOf8GB9JztEyqZ0VmuNVP+/r1evrOGbjyXsw7tgf4l7OKIwdw6lu1lKvY3pnNB
gs93OrRjrEjtXvCQ1x3ANzVOuGJNCEbZppGdx9TF1d//SFv0HJgASWEL/zMtrO4m
8zFLqu8KDWibiRuRuqofVQ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org