Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/RWll57mduO-UVY4ODif6_FHoQrw.roa
File: RWll57mduO-UVY4ODif6_FHoQrw.roa (raw, json)
Hash identifier: VlgemLB4REbTiht8AkvPyOJTKfpzeJqQY3Zk73cFnwk=
Subject key identifier: 45:69:65:E7:B9:9D:B8:EF:94:55:8E:0E:0E:27:FA:FC:51:E8:42:BC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4255
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RWll57mduO-UVY4ODif6_FHoQrw.roa
Signing time: Sun 30 Jan 2022 00:30:07 +0000
ROA not before: Sun 30 Jan 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16981 (0x4255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 30 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=456965E7B99DB8EF94558E0E0E27FAFC51E842BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:f3:c3:39:fb:63:51:40:d9:58:dc:fe:b3:
b0:29:ce:1f:c8:f7:73:0d:6b:70:8a:7c:5f:96:b2:
9c:cc:91:35:3f:3a:00:aa:d8:e0:56:33:79:ff:db:
ed:ff:67:39:60:93:05:d9:1a:0a:91:d3:98:70:ca:
87:a6:6b:f2:d0:d1:ed:e2:a2:bc:dc:3c:cb:9d:a3:
37:73:44:f9:d8:f1:02:e9:cc:25:10:91:f2:c5:d5:
4a:90:7f:cf:5d:a5:db:dd:ae:e9:d4:75:46:a1:a6:
81:aa:a8:df:90:eb:1a:ae:b1:f8:ff:42:cc:e8:c1:
64:82:6a:23:33:1a:3c:cf:4f:9c:7d:d6:9b:13:da:
ca:d9:54:ed:e7:f4:79:78:3f:68:ae:cc:68:df:7f:
e2:9a:2e:2a:66:8e:ce:06:c3:dc:8f:1a:d9:87:13:
35:73:a2:16:63:63:2b:81:2c:83:c1:71:1f:42:72:
46:b4:94:cb:5a:8c:59:77:fb:b3:1f:51:b2:00:99:
0a:7f:49:2c:f9:ba:2b:80:d8:82:52:b3:17:c5:81:
d2:2b:eb:ff:77:7b:76:67:40:be:67:c3:86:03:00:
19:de:6c:b4:e6:04:3b:c4:13:dc:4d:b9:41:96:fb:
a3:41:00:46:f5:ab:97:fd:04:89:51:62:46:db:8c:
d3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:69:65:E7:B9:9D:B8:EF:94:55:8E:0E:0E:27:FA:FC:51:E8:42:BC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/RWll57mduO-UVY4ODif6_FHoQrw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
87:d4:d7:38:39:01:45:60:e4:92:81:b5:14:9e:14:90:99:51:
96:8e:86:55:56:97:87:58:69:11:75:b8:ca:5d:a1:7c:2d:4e:
31:a9:9e:a9:19:5f:bd:a5:85:d8:2e:37:64:46:5a:37:da:9d:
b0:18:7c:80:69:c4:b4:53:57:8f:e2:6c:59:db:ee:f1:81:36:
4a:29:79:b7:78:65:00:da:9a:27:30:7a:c4:d6:b8:e4:60:2b:
aa:f2:30:6a:ec:10:98:d7:1c:c1:da:17:4a:f5:e6:fa:76:77:
c9:4f:c1:83:f6:13:da:7b:f9:8c:ac:78:73:a2:5d:57:01:14:
b8:16:2c:ed:a0:2d:3f:00:22:c3:99:bd:4d:d9:fc:06:4c:96:
bb:32:81:a8:21:5f:81:2f:39:15:be:b8:e4:41:28:85:cf:98:
fa:e0:6d:a0:2c:84:fc:ac:f5:d6:93:09:1d:dd:0d:5c:b8:61:
45:77:22:de:a6:2e:af:bf:7c:92:b4:51:1b:02:5a:20:c9:fb:
73:c1:ec:8d:b2:7e:af:23:a2:e1:a2:eb:c0:8a:6c:b6:b6:0e:
76:1f:c4:41:24:2e:e2:80:1f:e2:f9:b0:13:c4:f9:ed:00:47:
f1:e4:40:b2:f0:9b:76:c9:0e:82:67:e0:dd:19:d1:40:aa:43:
56:6d:77:d0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMzAw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ1Njk2NUU3Qjk5REI4
RUY5NDU1OEUwRTBFMjdGQUZDNTFFODQyQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz0fPDOftjUUDZWNz+s7Apzh/I93MNa3CKfF+WspzMkTU/OgCq
2OBWM3n/2+3/ZzlgkwXZGgqR05hwyoema/LQ0e3iorzcPMudozdzRPnY8QLpzCUQ
kfLF1UqQf89dpdvdrunUdUahpoGqqN+Q6xqusfj/QszowWSCaiMzGjzPT5x91psT
2srZVO3n9Hl4P2iuzGjff+KaLipmjs4Gw9yPGtmHEzVzohZjYyuBLIPBcR9Ccka0
lMtajFl3+7MfUbIAmQp/SSz5uiuA2IJSsxfFgdIr6/93e3ZnQL5nw4YDABnebLTm
BDvEE9xNuUGW+6NBAEb1q5f9BIlRYkbbjNPPAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQURWll57mduO+UVY4ODif6/FHoQrwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SV2xsNTdtZHVPLVVWWTRPRGlmNl9GSG9Rcncucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AIfU1zg5AUVg5JKBtRSeFJCZUZaOhlVWl4dYaRF1uMpdoXwtTjGpnqkZX72lhdgu
N2RGWjfanbAYfIBpxLRTV4/ibFnb7vGBNkopebd4ZQDamicwesTWuORgK6ryMGrs
EJjXHMHaF0r15vp2d8lPwYP2E9p7+YyseHOiXVcBFLgWLO2gLT8AIsOZvU3Z/AZM
lrsygaghX4EvORW+uORBKIXPmPrgbaAshPys9daTCR3dDVy4YUV3It6mLq+/fJK0
URsCWiDJ+3PB7I2yfq8jouGi68CKbLa2DnYfxEEkLuKAH+L5sBPE+e0AR/HkQLLw
m3bJDoJn4N0Z0UCqQ1Ztd9A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org