Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/T86KUw0bxyzFkDQBx6q7mHfskpM.roa
File: T86KUw0bxyzFkDQBx6q7mHfskpM.roa (raw, json)
Hash identifier: QU+eAGm1mdPg6x51Xhzy69sfuIjAe2KyUPbr4EX00oM=
Subject key identifier: 4F:CE:8A:53:0D:1B:C7:2C:C5:90:34:01:C7:AA:BB:98:77:EC:92:93
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4383
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/T86KUw0bxyzFkDQBx6q7mHfskpM.roa
Signing time: Mon 21 Feb 2022 00:30:04 +0000
ROA not before: Mon 21 Feb 2022 00:30:04 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17283 (0x4383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 21 00:30:04 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=4FCE8A530D1BC72CC5903401C7AABB9877EC9293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:4d:59:d4:c9:d4:dd:0c:c2:91:ab:ce:f3:
a6:0b:f8:c4:1e:a1:3e:e1:d4:20:12:73:71:18:d1:
ce:0a:5f:ca:28:1b:8c:da:56:27:fc:63:2d:1b:82:
d0:e2:b4:d8:07:8c:11:08:6c:95:29:f3:96:77:11:
31:28:25:9e:d3:9d:a7:1b:9b:d7:e5:c3:42:6f:91:
24:db:53:a3:a1:83:d6:a9:3c:6f:af:50:c3:8a:6c:
6e:7b:14:a8:a6:69:c4:5f:43:68:60:c0:f1:69:d0:
73:4d:59:e3:88:23:18:ad:c3:8b:a4:78:90:27:84:
22:9b:92:fb:86:49:72:6c:26:96:94:10:1c:00:82:
b5:ef:52:84:3f:c6:05:c1:47:81:8b:2e:60:35:77:
8f:d7:7e:e3:2c:5d:46:d1:60:f2:1f:51:41:b2:c1:
17:0b:39:e8:f5:2d:fa:8c:78:d0:a8:b3:eb:46:00:
e9:d3:65:1c:38:f4:a5:77:44:be:d9:79:f5:46:5c:
e0:a8:c0:83:a1:14:1e:f0:8f:25:c9:fe:1a:8a:f3:
3c:53:f2:88:50:6e:88:9f:45:2c:4d:c5:63:46:32:
82:aa:06:58:03:7b:4c:8e:f4:5d:29:32:ab:c9:5c:
7a:ea:35:6b:c6:6b:77:74:9d:4b:a6:85:ca:5f:d9:
ba:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CE:8A:53:0D:1B:C7:2C:C5:90:34:01:C7:AA:BB:98:77:EC:92:93
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/T86KUw0bxyzFkDQBx6q7mHfskpM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:1b:04:f6:d2:45:fe:e3:d3:2a:db:3b:99:56:fb:be:ae:da:
3f:63:f5:cd:3f:61:ff:7c:b9:e2:8a:4b:60:5b:e5:2d:43:25:
45:8b:14:9b:e1:d1:ca:c2:1a:29:d9:28:49:8c:4c:2f:ab:4c:
59:55:ea:f1:1e:c1:b8:f1:fa:fb:bd:59:37:9e:bb:4a:fe:2a:
70:70:d0:b7:18:a8:84:e7:a8:36:61:5b:5c:68:8c:a5:a1:ee:
ad:02:26:b2:13:c6:c5:be:58:12:01:0a:52:95:a5:b4:83:b3:
ad:3a:13:4d:9c:ff:41:26:bb:c3:61:6b:31:2f:a7:7d:b9:73:
29:ff:bb:4a:fc:7b:a5:ed:b2:c4:07:a6:7b:2a:d1:9c:dd:53:
cc:f5:a6:61:bb:36:7d:a7:b1:05:c2:e8:13:70:6c:81:3a:de:
e1:d6:c5:fc:bf:73:38:ef:90:29:22:17:44:fe:e5:57:4a:6a:
f9:21:be:81:15:21:87:e7:05:ba:e3:51:ed:38:d0:fe:e4:bb:
94:6d:4f:af:30:a0:a9:8f:68:0a:69:b7:2b:c9:70:ce:74:4a:
ca:ad:27:14:c7:b3:cb:da:a6:11:11:c5:a4:05:7f:c5:3b:ad:
8a:b3:8c:ed:11:24:b0:ee:f4:b5:49:83:69:fd:54:23:73:fe:
0b:4e:d5:31
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ4MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjEw
MDMwMDRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDRGQ0U4QTUzMEQxQkM3
MkNDNTkwMzQwMUM3QUFCQjk4NzdFQzkyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGdE1Z1MnU3QzCkavO86YL+MQeoT7h1CASc3EY0c4KX8ooG4za
Vif8Yy0bgtDitNgHjBEIbJUp85Z3ETEoJZ7Tnacbm9flw0JvkSTbU6Ohg9apPG+v
UMOKbG57FKimacRfQ2hgwPFp0HNNWeOIIxitw4ukeJAnhCKbkvuGSXJsJpaUEBwA
grXvUoQ/xgXBR4GLLmA1d4/XfuMsXUbRYPIfUUGywRcLOej1LfqMeNCos+tGAOnT
ZRw49KV3RL7ZefVGXOCowIOhFB7wjyXJ/hqK8zxT8ohQboifRSxNxWNGMoKqBlgD
e0yO9F0pMqvJXHrqNWvGa3d0nUumhcpf2bofAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUT86KUw0bxyzFkDQBx6q7mHfskpMwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9UODZLVXcwYnh5ekZrRFFCeDZxN21IZnNrcE0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AKkbBPbSRf7j0yrbO5lW+76u2j9j9c0/Yf98ueKKS2Bb5S1DJUWLFJvh0crCGinZ
KEmMTC+rTFlV6vEewbjx+vu9WTeeu0r+KnBw0LcYqITnqDZhW1xojKWh7q0CJrIT
xsW+WBIBClKVpbSDs606E02c/0Emu8NhazEvp325cyn/u0r8e6XtssQHpnsq0Zzd
U8z1pmG7Nn2nsQXC6BNwbIE63uHWxfy/czjvkCkiF0T+5VdKavkhvoEVIYfnBbrj
Ue040P7ku5RtT68woKmPaApptyvJcM50SsqtJxTHs8vaphERxaQFf8U7rYqzjO0R
JLDu9LVJg2n9VCNz/gtO1TE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org