Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/SCPdTNMg842rPshTbwQScaY0nQE.roa
File: SCPdTNMg842rPshTbwQScaY0nQE.roa (raw, json)
Hash identifier: Nyvy94tvbC61d8mReOqwm0oFMJ0MEtTr9CUqvEzkLUM=
Subject key identifier: 48:23:DD:4C:D3:20:F3:8D:AB:3E:C8:53:6F:04:12:71:A6:34:9D:01
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 445E
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SCPdTNMg842rPshTbwQScaY0nQE.roa
Signing time: Wed 09 Mar 2022 00:36:44 +0000
ROA not before: Wed 09 Mar 2022 00:36:44 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17502 (0x445e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 9 00:36:44 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=4823DD4CD320F38DAB3EC8536F041271A6349D01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:53:35:8c:75:35:a2:de:67:81:6d:5d:59:af:
d5:94:e3:fb:1d:e4:08:30:df:dd:e3:a7:3b:f8:9c:
90:bd:30:db:84:7b:73:d1:2a:3f:5d:c8:61:d6:a9:
12:5b:f1:09:cc:72:a3:21:ff:ab:b1:66:52:5f:df:
df:1e:c1:99:ae:2f:18:10:d6:63:4f:4d:78:d9:8f:
38:b3:3c:f3:72:c2:31:a1:17:5c:e0:69:77:27:c1:
7a:51:7e:ec:96:00:b7:47:e8:0c:0d:11:d7:b6:57:
b4:43:ba:0c:8e:86:4e:97:4c:86:39:91:ca:63:b5:
69:0f:5a:7b:35:0f:ab:63:22:5c:f7:b6:5c:da:08:
79:e8:0a:9d:b3:0c:fe:0b:e9:31:ad:19:17:92:68:
b5:a9:2c:ce:46:3b:03:e2:de:bd:8e:b1:76:27:f9:
93:fa:78:22:93:96:8b:68:15:7a:09:0f:a7:79:c8:
08:3e:9d:48:03:ce:d6:6b:af:d2:90:d2:f0:56:ca:
1a:c0:dc:53:6e:92:ea:8d:75:f0:69:e5:f4:4e:33:
b0:a5:0a:64:f2:d2:38:32:89:f1:f5:db:8b:06:b3:
c1:f1:62:45:59:f1:53:71:de:ba:7b:e6:59:6b:a6:
8c:a2:cb:d3:5a:c4:04:78:eb:3a:09:da:2e:6e:07:
de:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:23:DD:4C:D3:20:F3:8D:AB:3E:C8:53:6F:04:12:71:A6:34:9D:01
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SCPdTNMg842rPshTbwQScaY0nQE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:2b:f8:a6:60:c9:67:10:d1:c6:1d:5c:c8:3c:cc:3e:55:57:
e1:bd:72:f4:ea:30:af:f2:ff:c0:73:2a:69:24:39:ce:94:54:
95:f5:8e:2b:d0:d1:0c:18:bf:d6:8d:a4:52:a6:75:b1:79:74:
d1:07:96:49:c1:34:a0:02:2c:c4:41:8b:85:96:e8:25:cc:9d:
b3:5f:e4:79:12:8c:49:1d:89:29:56:5c:21:92:99:15:48:c3:
b7:45:e1:41:21:97:08:61:24:93:9d:ef:1f:80:d9:87:2f:e9:
b1:a6:85:de:6e:19:6c:4f:be:a7:23:29:c1:e4:1b:7b:b0:58:
a2:f2:11:04:eb:5e:3f:89:96:95:d5:3d:eb:f0:14:cb:95:15:
dd:69:e4:8b:82:51:97:6f:39:40:97:87:49:a1:83:7b:ca:4b:
79:3a:ec:ca:01:be:20:36:d1:52:83:e9:5c:7a:b6:fc:26:0f:
33:dd:a5:d3:a6:4a:45:80:a0:fe:04:1e:dd:de:07:9f:93:a7:
d1:0e:4f:98:77:5e:9f:e3:86:a2:26:85:7a:7e:8b:a8:5a:5d:
52:b4:06:c4:c0:ff:71:b8:e1:05:0b:c3:f7:55:ec:86:8c:22:
26:be:3d:f4:a1:87:13:ed:9b:ed:12:71:58:2c:5a:68:4c:3f:
d6:4c:cd:19
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDkw
MDM2NDRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ4MjNERDRDRDMyMEYz
OERBQjNFQzg1MzZGMDQxMjcxQTYzNDlEMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1UzWMdTWi3meBbV1Zr9WU4/sd5Agw393jpzv4nJC9MNuEe3PR
Kj9dyGHWqRJb8QnMcqMh/6uxZlJf398ewZmuLxgQ1mNPTXjZjzizPPNywjGhF1zg
aXcnwXpRfuyWALdH6AwNEde2V7RDugyOhk6XTIY5kcpjtWkPWns1D6tjIlz3tlza
CHnoCp2zDP4L6TGtGReSaLWpLM5GOwPi3r2OsXYn+ZP6eCKTlotoFXoJD6d5yAg+
nUgDztZrr9KQ0vBWyhrA3FNukuqNdfBp5fROM7ClCmTy0jgyifH124sGs8HxYkVZ
8VNx3rp75llrpoyiy9NaxAR46zoJ2i5uB94/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUSCPdTNMg842rPshTbwQScaY0nQEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9TQ1BkVE5NZzg0MnJQc2hUYndRU2NhWTBuUUUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AE4r+KZgyWcQ0cYdXMg8zD5VV+G9cvTqMK/y/8BzKmkkOc6UVJX1jivQ0QwYv9aN
pFKmdbF5dNEHlknBNKACLMRBi4WW6CXMnbNf5HkSjEkdiSlWXCGSmRVIw7dF4UEh
lwhhJJOd7x+A2Ycv6bGmhd5uGWxPvqcjKcHkG3uwWKLyEQTrXj+JlpXVPevwFMuV
Fd1p5IuCUZdvOUCXh0mhg3vKS3k67MoBviA20VKD6Vx6tvwmDzPdpdOmSkWAoP4E
Ht3eB5+Tp9EOT5h3Xp/jhqImhXp+i6haXVK0BsTA/3G44QULw/dV7IaMIia+PfSh
hxPtm+0ScVgsWmhMP9ZMzRk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org