Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/OTS1FHdbgQtoQNVpoAKFVBUaeF4.roa
File: OTS1FHdbgQtoQNVpoAKFVBUaeF4.roa (raw, json)
Hash identifier: bHWs5uCcFNUE+b+BkDmuV/qjaMXXs6Q1AuW8968y8kk=
Subject key identifier: 39:34:B5:14:77:5B:81:0B:68:40:D5:69:A0:02:85:54:15:1A:78:5E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4439
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OTS1FHdbgQtoQNVpoAKFVBUaeF4.roa
Signing time: Sun 06 Mar 2022 00:30:09 +0000
ROA not before: Sun 06 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17465 (0x4439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 6 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3934B514775B810B6840D569A0028554151A785E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:92:61:6c:5f:78:0a:81:88:02:39:3b:6c:e8:
02:10:3a:1e:07:07:97:e9:7e:71:41:8e:14:40:1e:
36:ac:17:28:55:0c:c8:4e:90:1b:5e:e5:f4:3e:7f:
ed:a5:ba:84:d3:ad:28:60:23:10:8d:f5:84:5e:ba:
01:ad:ac:c5:6f:7d:40:cc:7f:df:e1:93:c4:43:e1:
0b:7b:f7:fa:3d:72:50:60:a1:5a:09:e7:81:74:29:
07:e4:d6:6a:4b:d6:77:08:13:c1:06:d1:ef:e9:81:
de:c7:da:17:2f:6c:24:81:29:44:2d:7c:fa:bd:d7:
db:91:cf:7e:62:a3:0b:96:db:00:c1:ba:a4:8b:dc:
dc:97:8a:89:fd:8b:f8:5b:c4:c2:94:8b:17:11:41:
a6:83:a4:84:bc:ef:c2:ed:98:1d:89:b9:9f:b9:55:
62:e5:66:dd:e5:24:3e:5e:38:70:76:86:eb:61:c0:
1e:47:4b:b2:1c:15:cb:02:a5:4d:f5:ae:d6:23:27:
79:8b:b4:6d:32:c5:c1:3b:aa:db:82:3a:75:62:39:
be:d4:83:c3:d7:6c:57:f5:54:4c:8b:89:f6:c3:88:
48:1f:ea:e0:a7:94:70:a3:a0:77:90:e1:93:b1:7a:
4b:98:33:3b:65:45:b3:0a:63:72:ac:9c:4c:9c:71:
b5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:34:B5:14:77:5B:81:0B:68:40:D5:69:A0:02:85:54:15:1A:78:5E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/OTS1FHdbgQtoQNVpoAKFVBUaeF4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:84:fd:7a:db:02:3d:b9:0f:db:c5:36:af:76:4c:9b:17:d2:
f9:81:40:5a:e4:44:8a:07:2f:48:35:28:81:d1:69:5a:3d:50:
3a:6d:7d:59:fc:ef:69:81:5a:1f:10:f8:d0:90:11:30:60:c3:
0b:f2:59:ee:f3:05:c0:96:1e:b5:6c:f4:a4:59:06:e9:da:d0:
40:e9:56:f5:aa:d4:da:61:33:cc:2b:b5:37:28:cf:01:a9:6a:
1b:98:96:a1:36:87:9e:83:5c:65:91:84:f8:aa:60:d8:c7:b4:
bf:8c:01:da:50:b0:ea:f5:7a:04:a9:cf:c2:9e:a5:8b:e1:e9:
96:eb:9e:ee:92:b6:5c:e6:13:b5:af:7c:d2:2a:73:45:f5:a2:
a2:f7:7b:3a:96:3c:6d:e7:52:2c:25:21:e7:d7:dc:39:35:26:
b4:56:31:1b:30:40:5b:d7:e2:4a:6f:c6:4a:d2:44:86:c0:53:
5d:d1:92:89:d7:93:67:8f:7a:1b:09:82:e2:ab:68:4a:08:19:
2e:0b:6a:95:ed:8e:0a:5d:6a:91:40:e5:56:f0:1a:ee:9f:14:
45:30:55:a7:fb:86:b3:bd:a3:b3:d4:a6:73:98:62:6b:88:bc:
45:39:2a:b6:60:72:00:bc:09:8c:38:a8:9e:54:ca:43:4b:c6:
2f:27:aa:2f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDYw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM5MzRCNTE0Nzc1Qjgx
MEI2ODQwRDU2OUEwMDI4NTU0MTUxQTc4NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfkmFsX3gKgYgCOTts6AIQOh4HB5fpfnFBjhRAHjasFyhVDMhO
kBte5fQ+f+2luoTTrShgIxCN9YReugGtrMVvfUDMf9/hk8RD4Qt79/o9clBgoVoJ
54F0KQfk1mpL1ncIE8EG0e/pgd7H2hcvbCSBKUQtfPq919uRz35iowuW2wDBuqSL
3NyXion9i/hbxMKUixcRQaaDpIS878LtmB2JuZ+5VWLlZt3lJD5eOHB2huthwB5H
S7IcFcsCpU31rtYjJ3mLtG0yxcE7qtuCOnViOb7Ug8PXbFf1VEyLifbDiEgf6uCn
lHCjoHeQ4ZOxekuYMztlRbMKY3KsnEyccbWLAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOTS1FHdbgQtoQNVpoAKFVBUaeF4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PVFMxRkhkYmdRdG9RTlZwb0FLRlZCVWFlRjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AF6E/XrbAj25D9vFNq92TJsX0vmBQFrkRIoHL0g1KIHRaVo9UDptfVn872mBWh8Q
+NCQETBgwwvyWe7zBcCWHrVs9KRZBuna0EDpVvWq1NphM8wrtTcozwGpahuYlqE2
h56DXGWRhPiqYNjHtL+MAdpQsOr1egSpz8KepYvh6Zbrnu6StlzmE7WvfNIqc0X1
oqL3ezqWPG3nUiwlIefX3Dk1JrRWMRswQFvX4kpvxkrSRIbAU13RkonXk2ePehsJ
guKraEoIGS4LapXtjgpdapFA5VbwGu6fFEUwVaf7hrO9o7PUpnOYYmuIvEU5KrZg
cgC8CYw4qJ5UykNLxi8nqi8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org