Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/PWJGqbUkac41tJUHskMHnaORAVY.roa
File: PWJGqbUkac41tJUHskMHnaORAVY.roa (raw, json)
Hash identifier: x9RSKszbR/5pZJQlffBoFjrybonqz9ypRNGAQJPGSpI=
Subject key identifier: 3D:62:46:A9:B5:24:69:CE:35:B4:95:07:B2:43:07:9D:A3:91:01:56
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43FE
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PWJGqbUkac41tJUHskMHnaORAVY.roa
Signing time: Wed 02 Mar 2022 00:30:13 +0000
ROA not before: Wed 02 Mar 2022 00:30:13 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17406 (0x43fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 2 00:30:13 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3D6246A9B52469CE35B49507B243079DA3910156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e3:86:e5:67:4e:44:7c:fe:7e:eb:e0:52:0e:
0f:2f:ca:e7:16:73:bd:14:01:ee:d2:a2:2d:ea:55:
57:7f:40:81:ce:94:73:0b:f7:a8:bf:2e:5c:d6:62:
31:c5:28:a7:29:2a:c8:c7:0a:c8:7b:7e:24:a3:bd:
6d:24:c8:be:8c:84:57:19:3d:b1:f0:f4:eb:c4:6b:
98:17:e2:eb:cd:32:5d:02:af:30:7c:c9:89:a7:cc:
4e:b1:01:a1:44:9a:08:b4:2b:2e:7c:a9:90:c9:2e:
49:ca:5b:c7:51:4d:df:b1:40:af:91:da:cc:b0:1f:
9f:c4:63:13:a3:58:61:e0:81:a6:1d:f2:33:26:45:
be:23:4d:43:eb:79:dc:6e:d8:69:5d:eb:32:37:34:
9f:21:fd:e8:5a:b4:6f:be:ff:87:89:f4:66:2a:14:
d9:9e:04:e0:95:a1:da:94:65:2f:30:de:54:a3:18:
1a:04:62:eb:40:72:2e:34:f3:a5:22:80:fe:19:02:
91:c6:b6:f4:6b:54:fa:51:32:a7:30:87:e3:24:d5:
f0:7e:97:29:cb:10:e3:97:c5:00:bf:07:53:58:17:
36:c4:18:3b:55:a5:44:00:15:b6:31:c6:9d:d1:42:
49:70:5a:f8:6d:2d:40:51:5f:7c:06:fd:7c:ef:20:
28:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:62:46:A9:B5:24:69:CE:35:B4:95:07:B2:43:07:9D:A3:91:01:56
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/PWJGqbUkac41tJUHskMHnaORAVY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:33:86:2f:a7:59:52:04:2b:2c:d0:ec:d9:d4:77:0d:d9:7e:
6e:7c:d0:90:d1:cd:5e:f1:8f:6d:9f:5e:a7:71:48:08:fc:fc:
96:a4:6f:7a:08:ec:5c:30:c9:a6:f2:f5:fe:58:3d:a7:b9:60:
90:bb:a7:aa:1c:f0:cd:3c:54:48:5f:9b:ec:78:43:d4:6a:b2:
53:5b:63:eb:5d:a6:22:3d:13:58:ca:e6:b2:e0:82:d6:0b:dd:
4d:e6:ef:73:ca:36:6e:7a:c8:c2:13:fb:06:26:e0:ce:c8:f6:
35:31:d9:8c:c8:e4:45:d7:aa:d9:ee:60:b6:5e:da:de:f3:22:
17:b1:c1:60:bc:78:cb:5c:a1:ce:a3:33:3f:f2:e6:25:03:63:
46:75:61:4d:a4:5e:be:18:68:4d:19:29:4e:dc:5d:13:ed:6e:
12:c1:93:a3:9a:65:f4:c6:73:ae:79:15:0f:43:d1:fe:00:ea:
45:71:ef:1c:a4:75:21:55:0a:46:8a:76:b8:12:e8:ab:d9:7e:
fd:f7:62:ce:27:60:55:e4:36:3f:09:91:9e:13:13:2d:70:bf:
70:90:11:86:d6:a5:b6:08:48:42:12:91:72:1c:27:a1:48:e8:
85:55:97:1b:fb:67:1e:f1:97:65:36:f6:ce:15:b6:d3:f1:5e:
04:4b:fe:08
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDIw
MDMwMTNaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDNENjI0NkE5QjUyNDY5
Q0UzNUI0OTUwN0IyNDMwNzlEQTM5MTAxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL44blZ05EfP5+6+BSDg8vyucWc70UAe7Soi3qVVd/QIHOlHML
96i/LlzWYjHFKKcpKsjHCsh7fiSjvW0kyL6MhFcZPbHw9OvEa5gX4uvNMl0CrzB8
yYmnzE6xAaFEmgi0Ky58qZDJLknKW8dRTd+xQK+R2sywH5/EYxOjWGHggaYd8jMm
Rb4jTUPredxu2Gld6zI3NJ8h/ehatG++/4eJ9GYqFNmeBOCVodqUZS8w3lSjGBoE
YutAci4086UigP4ZApHGtvRrVPpRMqcwh+Mk1fB+lynLEOOXxQC/B1NYFzbEGDtV
pUQAFbYxxp3RQklwWvhtLUBRX3wG/XzvICj3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUPWJGqbUkac41tJUHskMHnaORAVYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9QV0pHcWJVa2FjNDF0SlVIc2tNSG5hT1JBVlkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AAszhi+nWVIEKyzQ7NnUdw3Zfm580JDRzV7xj22fXqdxSAj8/Jakb3oI7Fwwyaby
9f5YPae5YJC7p6oc8M08VEhfm+x4Q9RqslNbY+tdpiI9E1jK5rLggtYL3U3m73PK
Nm56yMIT+wYm4M7I9jUx2YzI5EXXqtnuYLZe2t7zIhexwWC8eMtcoc6jMz/y5iUD
Y0Z1YU2kXr4YaE0ZKU7cXRPtbhLBk6OaZfTGc655FQ9D0f4A6kVx7xykdSFVCkaK
drgS6KvZfv33Ys4nYFXkNj8JkZ4TEy1wv3CQEYbWpbYISEISkXIcJ6FI6IVVlxv7
Zx7xl2U29s4VttPxXgRL/gg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org