Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Sl34I9d9idUTC4GHMoCQx9bQ864.roa
File: Sl34I9d9idUTC4GHMoCQx9bQ864.roa (raw, json)
Hash identifier: 3wuUISFEFVBV8UokZbsjoeXW5wefuV7YBvNCh9M/xpo=
Subject key identifier: 4A:5D:F8:23:D7:7D:89:D5:13:0B:81:87:32:80:90:C7:D6:D0:F3:AE
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4391
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Sl34I9d9idUTC4GHMoCQx9bQ864.roa
Signing time: Tue 22 Feb 2022 00:30:08 +0000
ROA not before: Tue 22 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17297 (0x4391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 22 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=4A5DF823D77D89D5130B8187328090C7D6D0F3AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:78:33:12:31:1c:28:8b:18:26:86:85:b7:
d0:aa:74:e9:29:9d:a3:dd:37:f5:e5:df:74:20:8a:
03:09:6e:d9:eb:0d:96:da:99:1b:28:75:39:57:64:
50:a1:82:c8:5e:45:c1:66:b4:d9:6f:60:d1:b7:60:
93:86:ad:d5:98:cd:ad:49:4e:b0:d9:d7:58:90:4b:
82:7e:17:ed:6f:47:08:9c:b0:fe:e4:51:6c:d9:5d:
5e:a0:68:3f:d0:40:6f:53:3e:06:41:f9:47:5e:45:
11:8d:f0:64:28:b9:db:33:03:02:0c:ba:8e:f8:38:
09:c5:e5:89:b2:0a:50:c9:5c:3a:96:c1:cd:0e:9c:
0f:a5:7c:bd:b1:e1:0b:e1:87:9f:de:ae:09:55:6f:
56:4b:47:cd:36:e7:14:67:7b:ef:cd:b3:11:fe:a4:
45:34:2c:95:0f:49:4e:69:25:e4:cf:f5:01:29:4e:
4f:18:51:46:5c:c4:d3:77:e5:53:fb:c2:4d:1a:bb:
d2:46:38:1c:5f:3c:c3:51:dc:58:f8:2a:b7:31:b0:
82:55:ca:a9:df:a1:14:83:7a:a0:a8:c6:b8:ce:b2:
75:12:54:56:da:b3:2d:bb:72:ff:98:08:81:d7:f1:
b1:ac:b1:8b:b2:83:ba:81:51:d5:05:27:00:08:67:
64:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5D:F8:23:D7:7D:89:D5:13:0B:81:87:32:80:90:C7:D6:D0:F3:AE
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Sl34I9d9idUTC4GHMoCQx9bQ864.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:1e:9d:88:a2:76:4e:fd:5e:c5:26:d7:6e:b2:09:55:d3:9f:
c7:ae:c4:e8:95:12:bb:a7:54:9a:5d:dc:c6:fe:c7:9c:31:84:
44:91:a4:8d:9b:6b:81:0f:a0:af:55:8c:dc:84:0b:8d:00:8e:
22:32:9a:06:80:9a:96:6f:d1:a1:20:cf:f6:0e:4f:ce:20:81:
fa:e5:21:84:3e:cf:2a:17:f9:f2:d6:8f:e3:73:01:51:11:67:
ac:f0:eb:29:f8:cf:98:c9:c9:10:06:2f:d8:ec:8d:8d:a2:91:
65:a3:15:e4:49:42:f6:c5:4c:00:df:2a:b3:52:7d:df:71:d2:
fe:1e:f6:72:83:49:56:bb:d8:09:5e:22:fe:09:60:3b:e0:5f:
b8:a4:0a:2c:d7:3f:4e:b4:5a:ed:11:de:25:06:dd:34:44:56:
86:a4:9e:1c:46:95:e9:ea:95:7e:fb:a5:8b:dd:88:fc:11:05:
4b:a9:e3:ec:bb:d8:c4:12:be:4b:86:e6:92:9b:0b:80:00:f2:
d9:2d:c3:7a:27:d8:35:a8:1d:30:69:b6:8b:65:2e:ad:83:bc:
58:98:af:1c:6c:03:60:77:83:44:64:f1:2d:d0:31:4c:15:ff:
e1:4d:a8:5c:4a:f1:e9:5b:f4:42:90:bd:01:c8:78:e2:d5:17:
48:b1:b5:5e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDRBNURGODIzRDc3RDg5
RDUxMzBCODE4NzMyODA5MEM3RDZEMEYzQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHdHgzEjEcKIsYJoaFt9CqdOkpnaPdN/Xl33QgigMJbtnrDZba
mRsodTlXZFChgsheRcFmtNlvYNG3YJOGrdWYza1JTrDZ11iQS4J+F+1vRwicsP7k
UWzZXV6gaD/QQG9TPgZB+UdeRRGN8GQoudszAwIMuo74OAnF5YmyClDJXDqWwc0O
nA+lfL2x4Qvhh5/erglVb1ZLR8025xRne+/NsxH+pEU0LJUPSU5pJeTP9QEpTk8Y
UUZcxNN35VP7wk0au9JGOBxfPMNR3Fj4KrcxsIJVyqnfoRSDeqCoxrjOsnUSVFba
sy27cv+YCIHX8bGssYuyg7qBUdUFJwAIZ2STAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUSl34I9d9idUTC4GHMoCQx9bQ864wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9TbDM0STlkOWlkVVRDNEdITW9DUXg5YlE4NjQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AEwenYiidk79XsUm126yCVXTn8euxOiVErunVJpd3Mb+x5wxhESRpI2ba4EPoK9V
jNyEC40AjiIymgaAmpZv0aEgz/YOT84ggfrlIYQ+zyoX+fLWj+NzAVERZ6zw6yn4
z5jJyRAGL9jsjY2ikWWjFeRJQvbFTADfKrNSfd9x0v4e9nKDSVa72AleIv4JYDvg
X7ikCizXP060Wu0R3iUG3TREVoaknhxGlenqlX77pYvdiPwRBUup4+y72MQSvkuG
5pKbC4AA8tktw3on2DWoHTBptotlLq2DvFiYrxxsA2B3g0Rk8S3QMUwV/+FNqFxK
8elb9EKQvQHIeOLVF0ixtV4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org