Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Wq4FYHmr2PfHEd6NINvY38QpyW4.roa
File: Wq4FYHmr2PfHEd6NINvY38QpyW4.roa (raw, json)
Hash identifier: gAxF27RIsGj6EfY5G1UgTPVRZpgyHFouTviI+ega4eo=
Subject key identifier: 5A:AE:05:60:79:AB:D8:F7:C7:11:DE:8D:20:DB:D8:DF:C4:29:C9:6E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4798
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Wq4FYHmr2PfHEd6NINvY38QpyW4.roa
Signing time: Sat 07 May 2022 00:30:07 +0000
ROA not before: Sat 07 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18328 (0x4798)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 7 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=5AAE056079ABD8F7C711DE8D20DBD8DFC429C96E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:f3:3e:67:3c:99:ec:40:25:f1:47:3b:8d:
e9:ba:e5:84:53:01:9e:f0:59:42:9a:d7:bf:99:9b:
af:4e:67:7a:3a:22:73:94:b0:ec:c0:a6:15:1b:36:
26:ae:4d:b7:2b:23:ec:ac:ab:87:ec:8b:ba:79:e3:
00:f7:f1:20:72:89:4b:38:ac:ef:c7:a0:7c:6e:88:
0d:11:16:ec:94:6b:01:28:c4:ec:1c:dc:4c:82:b5:
9d:9e:48:3e:36:a3:e7:02:b7:a9:05:89:c5:d1:30:
ee:91:ee:df:9d:d6:fc:77:42:0a:9f:a8:4e:9f:58:
c5:84:ed:23:c3:1d:1b:48:0b:b7:5d:d7:fc:5f:4f:
a2:37:7c:92:9c:06:b6:ad:a0:14:7b:f9:a0:8f:6a:
c6:77:08:3c:8d:0b:32:82:3b:ad:13:c7:ee:db:9f:
8c:1c:33:31:6b:85:b8:f7:8b:38:5d:c5:04:e3:9d:
a9:4d:7d:21:4b:fc:cd:81:3b:1d:a4:3d:b8:c2:04:
58:c8:f8:6d:69:e8:f2:77:6f:b1:50:2e:61:fb:64:
3d:d7:06:42:99:f8:ed:ab:79:90:0e:5e:27:22:01:
eb:39:bf:3a:1c:a0:0b:64:3f:31:48:eb:e8:e9:42:
89:f9:5a:e4:ef:ea:55:f5:79:22:eb:99:97:96:65:
bb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AE:05:60:79:AB:D8:F7:C7:11:DE:8D:20:DB:D8:DF:C4:29:C9:6E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Wq4FYHmr2PfHEd6NINvY38QpyW4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
70:df:03:53:87:c7:b0:8d:14:42:9e:cb:12:05:18:1b:4f:7a:
25:84:5f:af:db:44:7c:af:64:61:be:b5:8b:0b:28:d9:6b:66:
cc:bf:12:aa:bf:0a:cc:2d:c2:25:f9:ed:6e:4c:2a:5a:66:29:
70:2b:e0:44:78:1d:76:3d:4d:9d:86:1b:90:6f:5a:2b:e0:6e:
6f:29:33:20:41:e0:b4:d0:12:93:b9:4c:f8:d7:86:bc:b7:2d:
21:cb:f3:d5:8e:fe:14:ac:85:7b:27:60:36:af:a0:b3:1f:8c:
ba:91:26:56:9d:d2:76:a1:8b:81:f5:f3:ee:5a:b6:85:a5:70:
67:16:1e:0b:91:48:66:98:ef:df:99:bd:1f:27:99:3f:0a:a0:
9c:68:28:d3:6e:0d:85:1a:b9:77:3e:d6:bf:a4:93:fe:be:0d:
df:d2:e6:33:3a:31:c1:36:1b:e5:79:30:d2:9e:23:9a:94:aa:
a9:db:4e:bc:c9:a8:dd:05:d2:05:f6:7d:56:98:3f:13:3d:5e:
1a:19:d3:e7:f7:25:0e:1d:6f:6e:48:95:36:55:22:38:d1:bb:
f2:67:17:68:6f:fc:e2:a3:50:f4:1a:17:83:f0:55:df:9a:ba:
04:c4:ef:60:2e:a1:a2:fc:07:fc:83:de:28:32:6b:27:80:48:
5d:51:04:0c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDcw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDVBQUUwNTYwNzlBQkQ4
RjdDNzExREU4RDIwREJEOERGQzQyOUM5NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6AfM+ZzyZ7EAl8Uc7jem65YRTAZ7wWUKa17+Zm69OZ3o6InOU
sOzAphUbNiauTbcrI+ysq4fsi7p54wD38SByiUs4rO/HoHxuiA0RFuyUawEoxOwc
3EyCtZ2eSD42o+cCt6kFicXRMO6R7t+d1vx3QgqfqE6fWMWE7SPDHRtIC7dd1/xf
T6I3fJKcBratoBR7+aCPasZ3CDyNCzKCO60Tx+7bn4wcMzFrhbj3izhdxQTjnalN
fSFL/M2BOx2kPbjCBFjI+G1p6PJ3b7FQLmH7ZD3XBkKZ+O2reZAOXiciAes5vzoc
oAtkPzFI6+jpQon5WuTv6lX1eSLrmZeWZbudAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUWq4FYHmr2PfHEd6NINvY38QpyW4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9XcTRGWUhtcjJQZkhFZDZOSU52WTM4UXB5VzQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AHDfA1OHx7CNFEKeyxIFGBtPeiWEX6/bRHyvZGG+tYsLKNlrZsy/Eqq/CswtwiX5
7W5MKlpmKXAr4ER4HXY9TZ2GG5BvWivgbm8pMyBB4LTQEpO5TPjXhry3LSHL89WO
/hSshXsnYDavoLMfjLqRJlad0nahi4H18+5atoWlcGcWHguRSGaY79+ZvR8nmT8K
oJxoKNNuDYUauXc+1r+kk/6+Dd/S5jM6McE2G+V5MNKeI5qUqqnbTrzJqN0F0gX2
fVaYPxM9XhoZ0+f3JQ4db25IlTZVIjjRu/JnF2hv/OKjUPQaF4PwVd+augTE72Au
oaL8B/yD3igyayeASF1RBAw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org