Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/QaNwtHFCnGSMxNcShTdcfAnb4N8.roa
File: QaNwtHFCnGSMxNcShTdcfAnb4N8.roa (raw, json)
Hash identifier: jHYdzBuqvcIj5REivkTZfMY9QC9tN5ni/rrC+4Ftlg4=
Subject key identifier: 41:A3:70:B4:71:42:9C:64:8C:C4:D7:12:85:37:5C:7C:09:DB:E0:DF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4756
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QaNwtHFCnGSMxNcShTdcfAnb4N8.roa
Signing time: Mon 02 May 2022 00:30:09 +0000
ROA not before: Mon 02 May 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18262 (0x4756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 2 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=41A370B471429C648CC4D71285375C7C09DBE0DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:a4:5b:57:c9:42:6a:f2:da:83:ad:ff:f7:
5d:bb:87:ed:ce:8d:1d:1a:f1:3c:c7:80:65:e9:f4:
58:20:83:df:5d:f6:80:c3:d8:6e:94:16:5e:0e:d3:
e4:2c:85:6d:be:53:d5:9d:4a:66:bd:77:07:2c:e3:
04:43:e9:78:ac:de:47:dd:10:72:b6:89:5c:b9:50:
8b:d1:0a:3e:6d:9b:a7:51:8b:72:ff:8f:a7:c8:a4:
58:d4:94:74:db:01:c9:c2:6a:87:e8:36:e0:c7:13:
50:4f:e9:b0:0a:50:cc:15:80:81:be:25:c6:3b:80:
90:a5:83:e7:e7:2e:d3:a0:58:ed:0f:64:6f:3b:55:
da:15:0a:9c:21:13:df:06:d8:47:0f:ed:f3:26:4e:
c2:6e:1d:bf:0f:a1:9b:a0:d4:96:f5:54:7f:ef:f9:
d7:d9:04:05:f7:b6:99:3f:81:cd:2d:f1:e0:1c:e6:
e7:e5:2d:1c:4e:61:83:02:bd:85:0b:9c:14:02:0a:
44:58:5d:54:ce:73:51:5e:4c:4a:f4:39:14:01:bf:
c6:33:b4:b2:a4:66:0a:89:88:4a:b4:f7:45:ab:df:
c1:0c:d0:7e:45:1b:99:57:ab:2c:32:b5:65:7e:3f:
77:2a:14:48:5f:ee:f0:05:5a:9c:eb:ba:aa:cc:34:
ea:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A3:70:B4:71:42:9C:64:8C:C4:D7:12:85:37:5C:7C:09:DB:E0:DF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/QaNwtHFCnGSMxNcShTdcfAnb4N8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:20:8a:08:33:db:f6:a8:6b:10:a5:ec:f9:e6:64:c0:43:39:
b9:50:9d:a5:a7:c0:70:b1:fa:04:1b:13:b1:e6:15:04:ae:ae:
93:bd:9b:8a:b9:69:a3:05:f5:8d:6b:22:34:02:ca:af:2e:9c:
64:0b:11:7a:cf:3f:88:fb:ee:8f:e4:da:b4:9b:5a:24:e2:c9:
14:e3:a3:2a:7b:94:06:31:55:d9:d7:ad:d1:4f:9c:42:4a:81:
66:02:3b:ab:1d:de:e8:ec:3c:3b:f9:95:ee:de:73:25:5c:d6:
f3:77:a4:10:e6:5c:c3:2c:6d:d0:15:fd:13:bf:b3:5e:2f:11:
b7:db:63:b7:86:ca:aa:1f:a2:27:4f:70:b8:00:fa:8d:1d:fc:
ee:7b:c6:ec:f6:6c:06:b8:a8:f5:50:d3:f6:64:3d:76:54:b0:
ec:40:8f:0d:d5:4a:76:67:6d:8f:67:6d:39:57:dd:27:c9:4d:
b0:29:3c:eb:12:18:30:34:4a:4f:cb:73:6b:99:82:6e:80:e2:
31:a6:85:c0:a5:24:84:5e:35:a7:9c:6b:8f:18:a5:b2:c6:dc:
23:73:07:ed:aa:3f:3c:99:78:c0:6f:3f:98:c4:1b:26:92:cf:
c2:fe:b1:5c:08:66:c1:70:8e:d2:eb:17:8a:96:fb:e1:cf:32:
f6:d4:f1:b4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDIw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQxQTM3MEI0NzE0MjlD
NjQ4Q0M0RDcxMjg1Mzc1QzdDMDlEQkUwREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7RKRbV8lCavLag63/9127h+3OjR0a8TzHgGXp9Fggg99d9oDD
2G6UFl4O0+QshW2+U9WdSma9dwcs4wRD6Xis3kfdEHK2iVy5UIvRCj5tm6dRi3L/
j6fIpFjUlHTbAcnCaofoNuDHE1BP6bAKUMwVgIG+JcY7gJClg+fnLtOgWO0PZG87
VdoVCpwhE98G2EcP7fMmTsJuHb8PoZug1Jb1VH/v+dfZBAX3tpk/gc0t8eAc5ufl
LRxOYYMCvYULnBQCCkRYXVTOc1FeTEr0ORQBv8YztLKkZgqJiEq090Wr38EM0H5F
G5lXqywytWV+P3cqFEhf7vAFWpzruqrMNOqnAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUQaNwtHFCnGSMxNcShTdcfAnb4N8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9RYU53dEhGQ25HU014TmNTaFRkY2ZBbmI0Tjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AGsgiggz2/aoaxCl7PnmZMBDOblQnaWnwHCx+gQbE7HmFQSurpO9m4q5aaMF9Y1r
IjQCyq8unGQLEXrPP4j77o/k2rSbWiTiyRTjoyp7lAYxVdnXrdFPnEJKgWYCO6sd
3ujsPDv5le7ecyVc1vN3pBDmXMMsbdAV/RO/s14vEbfbY7eGyqofoidPcLgA+o0d
/O57xuz2bAa4qPVQ0/ZkPXZUsOxAjw3VSnZnbY9nbTlX3SfJTbApPOsSGDA0Sk/L
c2uZgm6A4jGmhcClJIReNaeca48YpbLG3CNzB+2qPzyZeMBvP5jEGyaSz8L+sVwI
ZsFwjtLrF4qW++HPMvbU8bQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org