Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Otfa1hVIV6nJkFGMETNE6gBlrFE.roa
File: Otfa1hVIV6nJkFGMETNE6gBlrFE.roa (raw, json)
Hash identifier: NJsKcvnBieWR3EGRKvbKM1+vouA5OdPBg2u41snj33o=
Subject key identifier: 3A:D7:DA:D6:15:48:57:A9:C9:90:51:8C:11:33:44:EA:00:65:AC:51
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 48E8
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Otfa1hVIV6nJkFGMETNE6gBlrFE.roa
Signing time: Tue 31 May 2022 00:30:06 +0000
ROA not before: Tue 31 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18664 (0x48e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 31 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=3AD7DAD6154857A9C990518C113344EA0065AC51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4a:52:f0:77:42:88:c4:e6:29:da:c3:4f:99:
cb:f2:3c:e4:d6:da:bb:6f:7e:31:d9:33:41:21:81:
82:8f:08:87:73:26:46:53:4b:ff:6e:4d:ab:20:9d:
82:18:c9:72:1e:37:3e:76:d1:44:3a:f6:62:33:3b:
4c:a0:30:0d:e8:cc:78:2d:00:a4:78:34:53:8d:4f:
21:73:81:57:90:35:f6:dd:6a:6d:b6:75:25:5d:ad:
26:12:ac:df:d8:4f:0e:32:b7:72:1c:93:3c:4b:59:
f3:ab:d8:5d:e1:82:cd:8a:b8:83:56:91:ed:85:6d:
22:1d:34:eb:51:cf:6e:c4:db:80:f8:3a:45:e5:6c:
71:ef:07:1e:58:00:b6:2d:a2:c5:e1:b2:5f:28:f1:
16:be:c9:97:6c:7d:4d:74:db:45:55:6f:da:ed:07:
0b:d4:fd:be:a4:48:77:0c:97:a3:b0:57:80:01:16:
64:8d:f7:28:25:89:b5:62:a6:44:cb:71:47:78:2e:
c5:44:df:de:cb:5b:e2:80:6a:b1:c7:d1:fb:fc:3e:
74:77:e8:ef:70:46:58:9e:5d:50:e6:c9:e3:07:b1:
45:7f:78:6f:8b:d2:eb:f7:e6:56:c6:fb:56:0d:b1:
ec:39:86:ec:7d:96:c7:bc:a4:17:da:27:4b:22:b1:
ba:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D7:DA:D6:15:48:57:A9:C9:90:51:8C:11:33:44:EA:00:65:AC:51
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Otfa1hVIV6nJkFGMETNE6gBlrFE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.6.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:62:87:80:d4:55:f4:21:04:5a:ee:16:c5:3b:2c:e0:5c:a4:
a4:a4:4e:61:39:32:b8:1a:cd:a0:40:83:59:a6:55:9b:a6:b4:
1d:a5:74:88:e7:70:4f:98:c4:dd:7f:84:07:c5:a0:9d:9d:fc:
49:39:48:a7:2f:23:d0:5c:f0:63:42:62:e9:17:f5:18:c5:d0:
fb:f7:18:0f:3e:83:2b:2c:ce:51:59:90:fd:2d:d7:54:32:f4:
8d:d1:50:c2:f7:82:39:44:93:36:51:0f:de:95:3c:72:29:10:
03:69:bc:71:96:c1:8c:02:46:e3:94:2a:d0:7d:d0:da:7c:58:
7f:02:11:c5:d4:95:81:59:0b:e9:f5:3e:6a:21:ec:b1:72:6a:
5f:07:3b:15:e8:fe:ee:d1:cc:7a:4b:c4:ce:c2:1a:b9:ad:87:
ca:e7:ed:f8:84:ef:bc:dc:9b:07:89:a9:ae:ae:d2:88:d5:6f:
a6:81:63:04:94:23:0e:02:66:60:42:59:0d:74:2b:0c:59:7e:
8a:bc:9d:36:de:dc:02:0f:bf:67:81:f7:21:65:a1:33:e2:a5:
83:6d:f6:73:e5:86:6b:8e:b5:5b:d3:c2:f6:21:01:2b:d7:dd:
e1:c5:39:d9:f3:f6:1e:56:8a:13:72:05:bb:51:76:79:c9:4f:
2a:45:14:14
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MzEw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDNBRDdEQUQ2MTU0ODU3
QTlDOTkwNTE4QzExMzM0NEVBMDA2NUFDNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBSlLwd0KIxOYp2sNPmcvyPOTW2rtvfjHZM0EhgYKPCIdzJkZT
S/9uTasgnYIYyXIeNz520UQ69mIzO0ygMA3ozHgtAKR4NFONTyFzgVeQNfbdam22
dSVdrSYSrN/YTw4yt3IckzxLWfOr2F3hgs2KuINWke2FbSIdNOtRz27E24D4OkXl
bHHvBx5YALYtosXhsl8o8Ra+yZdsfU1020VVb9rtBwvU/b6kSHcMl6OwV4ABFmSN
9yglibVipkTLcUd4LsVE397LW+KAarHH0fv8PnR36O9wRlieXVDmyeMHsUV/eG+L
0uv35lbG+1YNsew5hux9lse8pBfaJ0sisbovAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOtfa1hVIV6nJkFGMETNE6gBlrFEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PdGZhMWhWSVY2bkprRkdNRVRORTZnQmxyRkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAYwDQYJKoZIhvcNAQELBQADggEB
ALFih4DUVfQhBFruFsU7LOBcpKSkTmE5MrgazaBAg1mmVZumtB2ldIjncE+YxN1/
hAfFoJ2d/Ek5SKcvI9Bc8GNCYukX9RjF0Pv3GA8+gysszlFZkP0t11Qy9I3RUML3
gjlEkzZRD96VPHIpEANpvHGWwYwCRuOUKtB90Np8WH8CEcXUlYFZC+n1Pmoh7LFy
al8HOxXo/u7RzHpLxM7CGrmth8rn7fiE77zcmweJqa6u0ojVb6aBYwSUIw4CZmBC
WQ10KwxZfoq8nTbe3AIPv2eB9yFloTPipYNt9nPlhmuOtVvTwvYhASvX3eHFOdnz
9h5WihNyBbtRdnnJTypFFBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org