Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/RKqxKebOTKfJo23cEIcWvgu8pco.roa
File: RKqxKebOTKfJo23cEIcWvgu8pco.roa (raw, json)
Hash identifier: UmjworpxpkHVrssYqK1P/4vK6IonxgotJ4bpWg5/utY=
Subject key identifier: 44:AA:B1:29:E6:CE:4C:A7:C9:A3:6D:DC:10:87:16:BE:0B:BC:A5:CA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4760
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RKqxKebOTKfJo23cEIcWvgu8pco.roa
Signing time: Tue 03 May 2022 00:30:06 +0000
ROA not before: Tue 03 May 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18272 (0x4760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 3 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=44AAB129E6CE4CA7C9A36DDC108716BE0BBCA5CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:f5:23:72:de:e1:1e:64:5b:f7:f7:b5:01:
2f:f3:ad:7b:a9:1a:f8:fb:d0:70:55:ba:35:ea:2e:
e9:82:a1:7d:95:93:42:c1:05:9d:d1:0a:75:a9:dd:
17:f1:ea:a1:42:cb:8c:3a:fb:f2:a6:ab:d2:5c:cd:
43:60:17:63:9e:54:d2:d0:20:74:9f:a4:7b:e8:5d:
bd:ac:09:16:b4:a3:ae:a6:cf:47:98:8a:64:35:4e:
21:b3:98:c1:47:54:49:bf:c6:79:fc:11:5f:79:bb:
e3:20:94:42:3f:3f:ef:70:a7:20:e6:8a:0f:42:0a:
c8:1c:5e:23:f3:06:d0:fd:70:b5:a6:5b:28:ab:cd:
31:1b:07:4b:49:d8:91:3a:d5:02:8c:b9:2f:aa:37:
47:c9:87:ca:cf:8c:15:8d:3a:d9:65:80:e8:58:df:
48:e1:cd:24:f9:c3:fd:df:bd:21:c0:8e:6e:ca:dd:
4a:c7:d2:e0:7d:67:41:6e:c5:c9:06:9a:56:7b:9c:
e7:7c:db:d9:85:59:d2:c8:5f:6c:e7:4f:bb:46:3b:
eb:13:3c:b9:d5:b9:81:b5:46:ba:03:06:4a:0d:96:
73:e0:a0:0f:5c:c5:20:84:68:0f:4a:d3:df:ed:f6:
13:c8:33:ff:29:65:39:47:e5:03:cd:12:ac:c2:01:
5d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:B1:29:E6:CE:4C:A7:C9:A3:6D:DC:10:87:16:BE:0B:BC:A5:CA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RKqxKebOTKfJo23cEIcWvgu8pco.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:dd:a3:b2:56:a9:18:c8:ad:cf:a7:e5:9e:17:1a:a9:df:cd:
b1:cd:b2:c3:3b:76:8e:9b:78:c3:22:a0:9a:0b:35:dd:5f:35:
0d:3c:6f:5a:7f:7b:86:2b:28:4c:44:24:31:14:bd:f6:62:44:
48:36:6e:3a:8d:af:f9:13:a2:c2:fb:e4:e0:4b:c8:7b:85:3f:
08:0d:a6:70:13:df:6e:ac:cb:21:be:46:73:84:3b:bc:0d:44:
f8:13:a6:01:c8:f6:3a:56:c7:f0:4c:ef:77:30:a7:fe:dc:9f:
8d:b3:6a:4f:9d:cb:e9:49:18:00:7e:1e:85:f1:b8:af:14:c1:
e2:69:7a:ef:36:0f:52:e0:e6:85:4b:af:dd:42:57:74:9f:4b:
0f:67:76:d3:38:2e:64:d6:75:34:c1:c6:9a:f7:ec:e0:8a:a7:
d5:8a:a2:cd:55:61:69:aa:96:1a:bd:d7:f9:c9:c3:28:64:46:
34:e9:b3:64:3a:23:eb:69:14:06:55:e5:7d:72:16:a6:29:1d:
61:e4:0b:62:9a:dc:61:33:50:75:23:e9:d8:e9:5c:ad:0d:96:
62:17:22:05:f4:43:52:ed:4b:a5:64:c0:8e:d6:d5:f3:89:a4:
f7:5b:f2:17:56:bb:97:6a:f5:a4:7c:b5:b0:5e:f9:4f:ac:f3:
d3:83:03:cb
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDMw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQ0QUFCMTI5RTZDRTRD
QTdDOUEzNkREQzEwODcxNkJFMEJCQ0E1Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4MfUjct7hHmRb9/e1AS/zrXupGvj70HBVujXqLumCoX2Vk0LB
BZ3RCnWp3Rfx6qFCy4w6+/Kmq9JczUNgF2OeVNLQIHSfpHvoXb2sCRa0o66mz0eY
imQ1TiGzmMFHVEm/xnn8EV95u+MglEI/P+9wpyDmig9CCsgcXiPzBtD9cLWmWyir
zTEbB0tJ2JE61QKMuS+qN0fJh8rPjBWNOtllgOhY30jhzST5w/3fvSHAjm7K3UrH
0uB9Z0FuxckGmlZ7nOd829mFWdLIX2znT7tGO+sTPLnVuYG1RroDBkoNlnPgoA9c
xSCEaA9K09/t9hPIM/8pZTlH5QPNEqzCAV3pAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQURKqxKebOTKfJo23cEIcWvgu8pcowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SS3F4S2ViT1RLZkpvMjNjRUljV3ZndThwY28ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ACvdo7JWqRjIrc+n5Z4XGqnfzbHNssM7do6beMMioJoLNd1fNQ08b1p/e4YrKExE
JDEUvfZiREg2bjqNr/kTosL75OBLyHuFPwgNpnAT326syyG+RnOEO7wNRPgTpgHI
9jpWx/BM73cwp/7cn42zak+dy+lJGAB+HoXxuK8UweJpeu82D1Lg5oVLr91CV3Sf
Sw9ndtM4LmTWdTTBxpr37OCKp9WKos1VYWmqlhq91/nJwyhkRjTps2Q6I+tpFAZV
5X1yFqYpHWHkC2Ka3GEzUHUj6djpXK0NlmIXIgX0Q1LtS6VkwI7W1fOJpPdb8hdW
u5dq9aR8tbBe+U+s89ODA8s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org