Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Qp5JYGRpgabAjzvGb_WZhUyWq70.roa
File: Qp5JYGRpgabAjzvGb_WZhUyWq70.roa (raw, json)
Hash identifier: +zpVOBIRKOz6NgX8sBC7EMimeI9z3QNE/+pi0cbUiw0=
Subject key identifier: 42:9E:49:60:64:69:81:A6:C0:8F:3B:C6:6F:F5:99:85:4C:96:AB:BD
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 489B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Qp5JYGRpgabAjzvGb_WZhUyWq70.roa
Signing time: Wed 25 May 2022 00:30:08 +0000
ROA not before: Wed 25 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18587 (0x489b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 25 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=429E4960646981A6C08F3BC66FF599854C96ABBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b6:67:ce:69:0d:72:aa:1a:84:4f:00:10:54:
f3:72:34:ee:e9:25:41:00:28:39:9a:2e:e8:51:73:
3a:7c:0f:65:6f:13:71:16:13:ee:24:9e:75:50:0f:
6e:24:00:2e:28:c0:a9:0f:dc:b8:09:01:63:2e:88:
9d:06:54:52:f7:25:df:43:dd:93:d9:72:43:78:f4:
aa:d4:50:e8:81:03:06:5e:27:fd:e9:87:6c:2b:3b:
de:94:e9:86:46:81:6b:b4:75:a0:9c:e3:48:2d:6e:
4e:ba:8a:e7:b4:40:55:ad:15:a3:cb:49:2d:2e:a4:
08:13:35:92:50:32:d0:a0:08:d5:90:a7:1e:54:b3:
80:fb:b8:e4:73:36:1e:4a:82:3c:b8:b6:eb:50:df:
1f:61:2c:c9:b1:dc:f9:2f:e1:64:d0:24:27:23:57:
95:d2:bd:6e:22:7d:d0:43:5b:56:e8:bd:10:7f:d4:
40:65:30:43:3f:04:99:2b:7c:cf:a0:76:17:b0:d1:
0d:a2:a5:dd:d2:d6:2d:bd:28:bd:24:7e:75:c4:04:
97:4f:69:d5:bd:5f:69:75:86:ee:70:08:2a:1d:41:
98:94:80:11:a3:2f:c3:0e:1e:ed:92:e5:65:5e:c9:
82:4f:39:42:81:3d:e3:9d:ee:f4:1b:07:7b:6f:3e:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9E:49:60:64:69:81:A6:C0:8F:3B:C6:6F:F5:99:85:4C:96:AB:BD
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Qp5JYGRpgabAjzvGb_WZhUyWq70.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ba:b9:a1:80:a9:b6:a8:3b:6d:2d:89:93:51:d4:51:01:74:
d7:ec:a7:0f:eb:ce:7c:63:0b:72:1f:c4:9a:f0:bb:54:17:36:
6c:a3:dd:a9:36:d3:57:de:e8:6c:83:09:01:a2:fa:09:41:0b:
63:56:f7:33:b3:71:c0:26:06:55:42:0e:d9:76:18:60:e5:ac:
ad:31:90:8e:52:c3:85:9c:93:d7:06:0b:d3:30:ec:4a:d2:8e:
ad:13:fe:26:ca:bd:c2:a3:a8:45:bc:82:68:f7:87:09:ff:41:
d2:28:23:3b:ab:c8:38:29:13:bb:f1:99:f3:c4:e5:d2:c2:46:
5f:e7:6e:2d:99:c3:af:82:51:20:ef:c9:2f:39:73:97:0d:9e:
b7:a5:c6:d3:c6:b1:4c:3b:ae:82:4b:a8:05:a9:db:74:0d:d8:
2a:54:4b:cf:28:24:86:c7:83:46:89:16:4b:55:c9:7d:a8:70:
25:5e:70:66:26:31:2d:78:45:ea:b5:91:27:28:37:7f:69:eb:
d6:d5:83:ba:24:88:84:c5:32:62:c1:65:69:58:b9:f2:a2:fa:
5c:9c:d4:54:3b:ce:3f:d2:21:09:77:65:9a:fc:c3:c1:14:31:
f9:65:75:7b:54:f6:21:3a:9f:37:36:8d:d8:ce:da:23:b9:39:
19:d3:0a:82
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjUw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQyOUU0OTYwNjQ2OTgx
QTZDMDhGM0JDNjZGRjU5OTg1NEM5NkFCQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZtmfOaQ1yqhqETwAQVPNyNO7pJUEAKDmaLuhRczp8D2VvE3EW
E+4knnVQD24kAC4owKkP3LgJAWMuiJ0GVFL3Jd9D3ZPZckN49KrUUOiBAwZeJ/3p
h2wrO96U6YZGgWu0daCc40gtbk66iue0QFWtFaPLSS0upAgTNZJQMtCgCNWQpx5U
s4D7uORzNh5Kgjy4tutQ3x9hLMmx3Pkv4WTQJCcjV5XSvW4ifdBDW1bovRB/1EBl
MEM/BJkrfM+gdhew0Q2ipd3S1i29KL0kfnXEBJdPadW9X2l1hu5wCCodQZiUgBGj
L8MOHu2S5WVeyYJPOUKBPeOd7vQbB3tvPof3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUQp5JYGRpgabAjzvGb/WZhUyWq70wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9RcDVKWUdScGdhYkFqenZHYl9XWmhVeVdxNzAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AJq6uaGAqbaoO20tiZNR1FEBdNfspw/rznxjC3IfxJrwu1QXNmyj3ak201fe6GyD
CQGi+glBC2NW9zOzccAmBlVCDtl2GGDlrK0xkI5Sw4Wck9cGC9Mw7ErSjq0T/ibK
vcKjqEW8gmj3hwn/QdIoIzuryDgpE7vxmfPE5dLCRl/nbi2Zw6+CUSDvyS85c5cN
nrelxtPGsUw7roJLqAWp23QN2CpUS88oJIbHg0aJFktVyX2ocCVecGYmMS14Req1
kScoN39p69bVg7okiITFMmLBZWlYufKi+lyc1FQ7zj/SIQl3ZZr8w8EUMflldXtU
9iE6nzc2jdjO2iO5ORnTCoI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org