Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/PMf4J3Z8hDidMT2TGdPBro6bEmk.roa
File: PMf4J3Z8hDidMT2TGdPBro6bEmk.roa (raw, json)
Hash identifier: 3AyJuqk47vL6ADqIuW2lLoUHnjYLDmuzStOT8Lq+jcY=
Subject key identifier: 3C:C7:F8:27:76:7C:84:38:9D:31:3D:93:19:D3:C1:AE:8E:9B:12:69
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42EF
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PMf4J3Z8hDidMT2TGdPBro6bEmk.roa
Signing time: Thu 10 Feb 2022 00:30:09 +0000
ROA not before: Thu 10 Feb 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17135 (0x42ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 10 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3CC7F827767C84389D313D9319D3C1AE8E9B1269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:fb:af:6a:1a:e0:33:28:bb:4d:f9:84:5f:
c3:21:6b:d5:24:67:40:55:cc:81:6b:dd:db:fa:91:
31:32:e0:a9:64:39:50:ce:4f:66:cb:68:f9:6a:63:
78:9a:b3:ef:96:fb:40:aa:97:ca:8c:61:b3:2c:85:
12:f1:4b:e9:2f:17:0d:e0:8a:a0:da:9b:ae:56:e0:
bc:44:ca:a4:e0:85:9e:ac:a9:4e:11:56:ee:0c:fe:
ed:6f:bb:17:db:2f:26:7d:fc:0b:cb:f3:b6:42:79:
8b:f3:03:b5:ea:f8:da:af:49:b7:87:e8:54:4b:5d:
3f:d1:c7:97:53:74:e6:81:4e:87:36:59:32:99:fc:
67:90:5d:8b:d3:74:9a:12:27:2d:93:38:ec:dd:61:
20:06:a8:f2:2d:41:34:c9:d6:f7:44:07:bc:91:45:
a3:2d:9f:e7:3c:12:5e:9c:5e:03:89:3f:1d:bd:f7:
27:a2:61:d1:4e:df:a0:79:31:20:c6:51:3a:ca:bd:
0f:11:ee:3e:14:19:1e:9e:95:3b:f1:18:7a:ed:1b:
5b:2c:18:08:3a:76:60:21:8e:e9:af:6c:70:39:11:
6b:e3:0a:41:a8:bd:c9:cb:1a:a5:e1:2c:45:3a:8c:
96:21:68:6d:c4:a1:e4:b0:3e:9a:1e:cf:e8:84:3e:
09:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C7:F8:27:76:7C:84:38:9D:31:3D:93:19:D3:C1:AE:8E:9B:12:69
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PMf4J3Z8hDidMT2TGdPBro6bEmk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
43:80:b4:66:45:cf:46:d7:2a:ee:52:c2:ca:8d:7e:59:93:c3:
26:9b:ae:8a:85:66:04:95:95:0f:30:9a:21:a5:36:00:cd:c9:
ea:ad:3c:82:13:74:8e:43:db:9e:20:bf:ef:83:db:17:30:9c:
2a:84:aa:ce:fb:82:d7:10:fc:a1:b4:73:5d:9e:95:3f:00:68:
6e:2b:1f:c2:22:45:4e:d7:f1:24:9c:b1:a4:0f:d6:f4:36:b5:
b3:a0:8d:b2:37:80:1d:b5:37:82:b6:f7:d3:58:99:55:56:3b:
06:21:5a:29:9f:dc:da:c7:e1:38:d0:ea:e3:0f:f6:94:bc:35:
3d:21:07:33:d2:85:33:73:a6:6b:24:6a:f5:37:93:e5:24:95:
d7:61:8e:83:cf:da:3a:70:ad:35:cc:44:6a:e0:6f:be:27:88:
bb:1c:04:9f:0c:a2:63:4f:c0:d1:4b:e9:49:da:1d:39:c3:84:
18:4c:45:27:d2:b2:f6:56:40:ac:eb:07:af:d2:9d:d8:40:db:
56:7a:2e:32:e3:7c:bb:28:59:fa:af:47:0d:58:1a:d6:db:19:
43:56:56:06:fa:8b:f8:eb:67:d9:fd:db:37:f7:d7:9e:45:e6:
1a:b9:6f:0e:e0:eb:4a:d9:61:c1:28:0f:26:5b:6a:cb:0c:3b:
ee:dc:d4:7f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTAw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDNDQzdGODI3NzY3Qzg0
Mzg5RDMxM0Q5MzE5RDNDMUFFOEU5QjEyNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvSvuvahrgMyi7TfmEX8Mha9UkZ0BVzIFr3dv6kTEy4KlkOVDO
T2bLaPlqY3ias++W+0Cql8qMYbMshRLxS+kvFw3giqDam65W4LxEyqTghZ6sqU4R
Vu4M/u1vuxfbLyZ9/AvL87ZCeYvzA7Xq+NqvSbeH6FRLXT/Rx5dTdOaBToc2WTKZ
/GeQXYvTdJoSJy2TOOzdYSAGqPItQTTJ1vdEB7yRRaMtn+c8El6cXgOJPx299yei
YdFO36B5MSDGUTrKvQ8R7j4UGR6elTvxGHrtG1ssGAg6dmAhjumvbHA5EWvjCkGo
vcnLGqXhLEU6jJYhaG3EoeSwPpoez+iEPgmLAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUPMf4J3Z8hDidMT2TGdPBro6bEmkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9QTWY0SjNaOGhEaWRNVDJUR2RQQnJvNmJFbWsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AEOAtGZFz0bXKu5SwsqNflmTwyabroqFZgSVlQ8wmiGlNgDNyeqtPIITdI5D254g
v++D2xcwnCqEqs77gtcQ/KG0c12elT8AaG4rH8IiRU7X8SScsaQP1vQ2tbOgjbI3
gB21N4K299NYmVVWOwYhWimf3NrH4TjQ6uMP9pS8NT0hBzPShTNzpmskavU3k+Uk
lddhjoPP2jpwrTXMRGrgb74niLscBJ8MomNPwNFL6UnaHTnDhBhMRSfSsvZWQKzr
B6/SndhA21Z6LjLjfLsoWfqvRw1YGtbbGUNWVgb6i/jrZ9n92zf3155F5hq5bw7g
60rZYcEoDyZbassMO+7c1H8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org