Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Q8Isf3KZhFWbq7VVN-eRLQDcqA8.roa
File: Q8Isf3KZhFWbq7VVN-eRLQDcqA8.roa (raw, json)
Hash identifier: xJbQxdSwheLhwLBpgaRsXRcwR1dUYjCADEq4aqI39qE=
Subject key identifier: 43:C2:2C:7F:72:99:84:55:9B:AB:B5:55:37:E7:91:2D:00:DC:A8:0F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44A5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Q8Isf3KZhFWbq7VVN-eRLQDcqA8.roa
Signing time: Mon 14 Mar 2022 00:30:09 +0000
ROA not before: Mon 14 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17573 (0x44a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 14 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=43C22C7F729984559BABB55537E7912D00DCA80F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:fe:cf:c0:e0:d9:b6:44:69:56:30:72:36:
1c:7e:a3:24:cf:11:a0:17:fa:8d:51:9e:87:b3:44:
04:8b:2a:8a:8c:2c:ba:9c:18:77:c4:3e:b2:d9:cc:
be:3b:51:57:b9:7a:73:91:ba:ef:13:bd:1c:b7:54:
ee:7b:86:b6:a2:1c:1a:6c:c3:c6:94:14:af:4c:26:
13:3c:23:f9:ca:90:78:a9:9f:a3:fa:de:2c:4f:c9:
17:c8:b2:a2:89:6d:3c:5f:6d:43:31:2f:9e:e6:dd:
6e:f0:91:f9:5f:2b:88:47:4a:d8:46:c9:9c:c6:70:
0e:15:37:e7:61:16:1e:5f:08:ad:c4:ee:86:6d:b5:
3e:79:3e:8d:e9:d2:07:4a:51:ce:91:a6:be:4d:8b:
2e:af:12:cd:6a:eb:a9:ef:6d:02:c8:64:3d:59:2f:
42:e3:da:03:db:ee:b4:86:1b:75:be:b3:55:01:33:
be:ca:f9:a1:63:2f:e7:c5:21:02:fa:0d:ee:78:4d:
9f:08:b5:40:6a:1b:15:9c:63:1b:11:79:71:5c:d6:
07:06:3e:31:56:3b:ff:40:fd:17:2d:2c:3b:ee:da:
86:7a:fc:56:12:b3:54:a2:81:0e:d1:f9:da:31:51:
e8:e1:1e:b8:cb:81:54:e5:18:fe:61:21:48:42:de:
25:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C2:2C:7F:72:99:84:55:9B:AB:B5:55:37:E7:91:2D:00:DC:A8:0F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Q8Isf3KZhFWbq7VVN-eRLQDcqA8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
33:0f:03:07:bb:45:02:b2:b8:ab:65:aa:fc:fb:7e:8b:9a:af:
d4:e8:26:d0:7b:2b:be:9f:8f:46:aa:f7:b9:f7:06:85:89:9e:
e5:8a:48:1e:78:c6:32:0d:09:20:ea:60:97:13:33:ce:eb:15:
3b:59:8e:c5:13:e7:52:45:83:48:b1:78:7d:ac:6b:ac:54:8b:
b6:f3:ae:f1:1b:64:a7:39:f8:64:3f:07:58:35:55:2f:49:e5:
63:48:89:47:12:66:86:8b:72:c8:27:5a:c0:13:26:86:fc:0b:
5a:b5:51:8c:e8:18:28:5f:fc:21:a0:90:ff:77:c8:25:17:e1:
9d:c0:bd:fc:4a:ce:4d:a7:0c:56:e5:09:60:4b:66:33:5d:bd:
e8:9f:f6:80:f0:e0:f2:de:b6:bb:c5:78:c5:70:09:8c:cb:a0:
9b:88:55:00:fd:be:4f:5e:19:d0:d0:15:58:c5:b1:7f:4b:07:
e8:ad:62:51:50:1c:47:25:c5:e4:72:7c:b0:56:73:5d:1a:89:
af:cf:d8:cd:e4:a7:29:69:f1:aa:cd:0f:fb:f8:bb:76:bd:2f:
81:85:2a:59:ee:9c:59:6e:e1:e4:00:8b:b6:36:5c:fc:25:a2:
4d:c3:ce:89:f6:a2:9a:06:a7:ea:39:d8:6c:42:27:7b:31:d4:
58:e1:ee:5c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTQw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQzQzIyQzdGNzI5OTg0
NTU5QkFCQjU1NTM3RTc5MTJEMDBEQ0E4MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1vP7PwODZtkRpVjByNhx+oyTPEaAX+o1RnoezRASLKoqMLLqc
GHfEPrLZzL47UVe5enORuu8TvRy3VO57hraiHBpsw8aUFK9MJhM8I/nKkHipn6P6
3ixPyRfIsqKJbTxfbUMxL57m3W7wkflfK4hHSthGyZzGcA4VN+dhFh5fCK3E7oZt
tT55Po3p0gdKUc6Rpr5Niy6vEs1q66nvbQLIZD1ZL0Lj2gPb7rSGG3W+s1UBM77K
+aFjL+fFIQL6De54TZ8ItUBqGxWcYxsReXFc1gcGPjFWO/9A/RctLDvu2oZ6/FYS
s1SigQ7R+doxUejhHrjLgVTlGP5hIUhC3iXVAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUQ8Isf3KZhFWbq7VVN+eRLQDcqA8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ROElzZjNLWmhGV2JxN1ZWTi1lUkxRRGNxQTgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
ADMPAwe7RQKyuKtlqvz7fouar9ToJtB7K76fj0aq97n3BoWJnuWKSB54xjINCSDq
YJcTM87rFTtZjsUT51JFg0ixeH2sa6xUi7bzrvEbZKc5+GQ/B1g1VS9J5WNIiUcS
ZoaLcsgnWsATJob8C1q1UYzoGChf/CGgkP93yCUX4Z3AvfxKzk2nDFblCWBLZjNd
veif9oDw4PLetrvFeMVwCYzLoJuIVQD9vk9eGdDQFVjFsX9LB+itYlFQHEclxeRy
fLBWc10aia/P2M3kpylp8arND/v4u3a9L4GFKlnunFlu4eQAi7Y2XPwlok3Dzon2
opoGp+o52GxCJ3sx1Fjh7lw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org