Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XBzzSNObwD66MDDGXOaqwjDPpI0.roa
File: XBzzSNObwD66MDDGXOaqwjDPpI0.roa (raw, json)
Hash identifier: 4tQ5EdfSYHvfHSABrp4Y8AMbVR4Xen63o7Vtsac8rj0=
Subject key identifier: 5C:1C:F3:48:D3:9B:C0:3E:BA:30:30:C6:5C:E6:AA:C2:30:CF:A4:8D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 439F
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XBzzSNObwD66MDDGXOaqwjDPpI0.roa
Signing time: Wed 23 Feb 2022 00:30:07 +0000
ROA not before: Wed 23 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17311 (0x439f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 23 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=5C1CF348D39BC03EBA3030C65CE6AAC230CFA48D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:76:95:60:1e:c4:38:5c:fb:95:96:1b:c1:
05:4a:e4:a3:a3:92:ef:83:8d:50:60:da:ec:a6:1a:
dc:65:82:25:eb:5e:1f:f6:85:cf:a3:64:aa:15:4c:
25:98:30:6f:1c:07:d4:72:12:c0:54:9d:98:bf:f7:
e0:fe:5e:b8:57:9a:86:bc:13:ca:a9:64:47:86:58:
df:74:14:02:f9:6e:85:d3:bc:1c:73:2a:3d:2c:99:
ac:01:b1:3d:e0:a1:cc:77:76:9f:a6:a5:6c:fa:18:
b6:69:1f:75:db:b9:cc:53:ce:45:8a:9d:f7:72:93:
8a:8c:6f:a3:bb:25:3c:9d:5c:dc:78:d9:9b:fd:c7:
69:56:b4:c7:20:e5:94:9e:27:42:be:1a:30:83:f5:
65:f1:ac:57:28:3d:84:e8:f7:27:d2:f6:1b:80:b4:
82:6c:cc:68:b4:62:c1:5c:cd:64:59:b0:09:2e:c7:
f3:b9:85:8b:c0:15:e0:08:e1:e3:c2:de:a9:0c:e9:
3a:87:fd:72:23:7d:33:c8:62:c9:05:cf:7f:76:14:
2f:91:d7:99:86:f8:62:52:0b:ab:58:1f:21:c4:ef:
01:52:f7:83:6d:2b:9c:bd:5b:6b:a5:4b:e8:ad:ba:
42:c2:21:d2:4e:7d:e5:fc:25:b2:5b:31:ef:0f:46:
c8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1C:F3:48:D3:9B:C0:3E:BA:30:30:C6:5C:E6:AA:C2:30:CF:A4:8D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XBzzSNObwD66MDDGXOaqwjDPpI0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:fa:1e:47:c7:cb:23:cb:aa:02:9c:6e:29:71:d4:4f:4e:05:
d3:a7:2b:af:02:04:54:5d:c4:9b:28:76:1b:61:18:82:fb:6e:
68:75:ce:cc:6e:5e:27:cf:12:89:87:03:51:eb:6d:7e:51:e1:
e5:93:e0:04:dc:96:6d:aa:84:c8:30:b5:de:9f:78:1b:2f:58:
26:1b:15:df:88:9b:ab:28:bd:14:15:d7:69:d6:d1:57:1d:56:
e8:93:b7:f2:88:ba:96:1c:c2:91:88:21:9f:55:53:8d:fa:04:
92:a2:e2:1c:a3:66:1a:9f:93:4f:42:58:9c:db:64:91:84:18:
58:57:a9:6c:78:b6:d4:74:c0:a7:c2:ef:1e:19:4b:c6:b8:99:
7e:c2:74:3a:58:02:cd:69:7c:40:38:73:4c:1e:57:17:87:ed:
f5:e3:81:60:8b:a6:62:32:1f:c8:aa:0d:48:8b:7e:f1:79:2f:
57:12:a4:ee:f4:69:5b:9d:9b:f7:88:89:46:7d:18:2f:37:c4:
af:7b:c5:f5:50:18:05:16:68:40:35:e6:a8:32:98:db:28:d9:
5a:7d:b3:c6:15:40:38:5d:5a:1a:15:4a:e4:d6:74:e9:05:6e:
87:26:99:1e:1f:cb:b3:ce:bc:e6:3c:dd:59:f0:1e:64:4a:a8:
89:03:0f:46
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjMw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDVDMUNGMzQ4RDM5QkMw
M0VCQTMwMzBDNjVDRTZBQUMyMzBDRkE0OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxHnaVYB7EOFz7lZYbwQVK5KOjku+DjVBg2uymGtxlgiXrXh/2
hc+jZKoVTCWYMG8cB9RyEsBUnZi/9+D+XrhXmoa8E8qpZEeGWN90FAL5boXTvBxz
Kj0smawBsT3gocx3dp+mpWz6GLZpH3XbucxTzkWKnfdyk4qMb6O7JTydXNx42Zv9
x2lWtMcg5ZSeJ0K+GjCD9WXxrFcoPYTo9yfS9huAtIJszGi0YsFczWRZsAkux/O5
hYvAFeAI4ePC3qkM6TqH/XIjfTPIYskFz392FC+R15mG+GJSC6tYHyHE7wFS94Nt
K5y9W2ulS+itukLCIdJOfeX8JbJbMe8PRsjHAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXBzzSNObwD66MDDGXOaqwjDPpI0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YQnp6U05PYndENjZNRERHWE9hcXdqRFBwSTAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ABr6HkfHyyPLqgKcbilx1E9OBdOnK68CBFRdxJsodhthGIL7bmh1zsxuXifPEomH
A1HrbX5R4eWT4ATclm2qhMgwtd6feBsvWCYbFd+Im6sovRQV12nW0VcdVuiTt/KI
upYcwpGIIZ9VU436BJKi4hyjZhqfk09CWJzbZJGEGFhXqWx4ttR0wKfC7x4ZS8a4
mX7CdDpYAs1pfEA4c0weVxeH7fXjgWCLpmIyH8iqDUiLfvF5L1cSpO70aVudm/eI
iUZ9GC83xK97xfVQGAUWaEA15qgymNso2Vp9s8YVQDhdWhoVSuTWdOkFbocmmR4f
y7POvOY83VnwHmRKqIkDD0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org