Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/XYiQR2oaULayzjL8w2lWMEGzgVk.roa
File: XYiQR2oaULayzjL8w2lWMEGzgVk.roa (raw, json)
Hash identifier: jVsF8TLUZ/Mcaoa0+3eF8jRgMqPildlXhH84pKp0CbA=
Subject key identifier: 5D:88:90:47:6A:1A:50:B6:B2:CE:32:FC:C3:69:56:30:41:B3:81:59
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 488A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XYiQR2oaULayzjL8w2lWMEGzgVk.roa
Signing time: Tue 24 May 2022 00:30:07 +0000
ROA not before: Tue 24 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18570 (0x488a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 24 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=5D8890476A1A50B6B2CE32FCC369563041B38159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:91:fa:0e:49:2f:34:50:51:ca:c0:39:ef:df:
41:77:f3:ce:30:77:38:8d:bd:53:39:f6:3a:29:19:
0c:bb:43:70:5d:35:f6:94:bb:7e:a2:5f:c2:9c:86:
d3:6c:a0:8f:90:9f:6b:33:a5:d6:c9:1e:60:6c:ef:
5d:02:64:08:d9:03:3c:5f:5a:f8:e7:13:e3:31:a1:
fe:0f:32:5e:9e:f4:cd:fe:cb:ce:95:9d:4d:f1:8a:
af:d3:c0:80:d0:83:1d:95:98:f3:ca:ab:99:0a:07:
d9:e8:1c:f8:21:61:ee:22:f9:ff:16:9d:8f:cd:ab:
3e:85:73:2f:c2:ff:c1:68:f2:91:e6:b9:16:f1:c6:
bf:2d:fc:d5:5f:d1:02:8f:35:43:05:17:f0:33:34:
d9:32:3a:bf:6f:7e:0f:51:9c:fc:4d:11:ea:bb:83:
6b:26:cc:5d:55:01:c7:d9:31:46:ad:2a:17:ec:fd:
cb:50:d2:2c:24:72:2b:cd:a7:07:f7:37:1d:7b:84:
76:10:37:70:6c:cb:71:5a:f4:a1:1b:09:42:57:a2:
7c:17:b5:1d:a9:fc:72:6a:a9:ed:75:f9:1b:f7:bd:
b9:e2:08:90:59:85:86:d2:3b:32:e2:70:97:17:fa:
6b:49:7d:69:73:31:67:28:03:68:25:69:37:7b:3d:
d1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:88:90:47:6A:1A:50:B6:B2:CE:32:FC:C3:69:56:30:41:B3:81:59
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/XYiQR2oaULayzjL8w2lWMEGzgVk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b2:44:c2:68:0c:4b:73:9f:b3:85:32:a3:1d:52:fe:e9:7f:
73:2f:7c:7c:ff:44:b8:6e:bb:47:ab:9b:51:c7:92:52:54:9d:
80:30:a8:0f:77:04:d3:69:7c:a7:e6:be:1b:59:dd:63:17:57:
9a:16:ef:5e:8f:a5:93:e3:41:72:e2:33:eb:88:88:c3:6f:c7:
66:c1:11:60:b9:e5:80:d9:8d:e8:75:b5:5d:f8:cc:da:57:17:
f7:bd:ec:b4:ea:81:df:bb:fd:1f:09:48:74:8a:23:d4:06:ab:
4e:9b:6d:ae:49:b4:b9:6d:6e:f5:83:8e:ef:67:aa:6c:61:27:
d1:c5:2a:92:e1:60:df:44:49:49:86:06:57:a5:7f:20:90:43:
0a:01:22:86:36:4c:e7:ce:3d:fe:ca:1a:5e:8a:64:43:93:d3:
3f:a4:dd:ce:eb:46:e3:37:0a:e6:48:63:81:02:22:8b:d2:69:
01:67:35:38:5a:6e:af:f3:0a:e9:ce:9a:cd:0f:f2:d0:cf:2d:
b1:51:dc:0e:b4:0e:bd:18:0f:7f:01:4a:2f:cc:4e:c2:50:91:
5e:7f:48:f4:7c:da:32:fa:a7:f6:23:87:22:84:08:da:4f:20:
7b:a1:6a:17:ca:c3:7e:ff:ed:3c:2f:cd:f3:60:5a:a1:80:5d:
ce:3c:ec:a5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjQw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDVEODg5MDQ3NkExQTUw
QjZCMkNFMzJGQ0MzNjk1NjMwNDFCMzgxNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDukfoOSS80UFHKwDnv30F3884wdziNvVM59jopGQy7Q3BdNfaU
u36iX8KchtNsoI+Qn2szpdbJHmBs710CZAjZAzxfWvjnE+Mxof4PMl6e9M3+y86V
nU3xiq/TwIDQgx2VmPPKq5kKB9noHPghYe4i+f8WnY/Nqz6Fcy/C/8Fo8pHmuRbx
xr8t/NVf0QKPNUMFF/AzNNkyOr9vfg9RnPxNEeq7g2smzF1VAcfZMUatKhfs/ctQ
0iwkcivNpwf3Nx17hHYQN3Bsy3Fa9KEbCUJXonwXtR2p/HJqqe11+Rv3vbniCJBZ
hYbSOzLicJcX+mtJfWlzMWcoA2glaTd7PdHhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXYiQR2oaULayzjL8w2lWMEGzgVkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YWWlRUjJvYVVMYXl6akw4dzJsV01FR3pnVmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ALSyRMJoDEtzn7OFMqMdUv7pf3MvfHz/RLhuu0erm1HHklJUnYAwqA93BNNpfKfm
vhtZ3WMXV5oW716PpZPjQXLiM+uIiMNvx2bBEWC55YDZjeh1tV34zNpXF/e97LTq
gd+7/R8JSHSKI9QGq06bba5JtLltbvWDju9nqmxhJ9HFKpLhYN9ESUmGBlelfyCQ
QwoBIoY2TOfOPf7KGl6KZEOT0z+k3c7rRuM3CuZIY4ECIovSaQFnNThabq/zCunO
ms0P8tDPLbFR3A60Dr0YD38BSi/MTsJQkV5/SPR82jL6p/YjhyKECNpPIHuhahfK
w37/7TwvzfNgWqGAXc487KU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org