Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Xnl3l2ylOYSQMh7_wRHmJm4o4aM.roa
File: Xnl3l2ylOYSQMh7_wRHmJm4o4aM.roa (raw, json)
Hash identifier: 4PfeCFQ0EMnXzKsOHqXqTwPf2XQaAQ4p4QQ3MSyiJTo=
Subject key identifier: 5E:79:77:97:6C:A5:39:84:90:32:1E:FF:C1:11:E6:26:6E:28:E1:A3
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 429B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Xnl3l2ylOYSQMh7_wRHmJm4o4aM.roa
Signing time: Fri 04 Feb 2022 00:30:08 +0000
ROA not before: Fri 04 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17051 (0x429b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 4 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=5E7977976CA5398490321EFFC111E6266E28E1A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c4:a0:23:02:b6:1a:fb:c8:e7:10:0e:8d:94:
44:b8:bf:f6:b6:50:02:42:a0:39:35:09:1d:ae:c7:
19:f0:0e:c6:e4:a2:d5:26:74:33:65:9a:40:02:90:
9e:32:f4:37:22:a5:49:63:da:03:7d:08:7c:37:3b:
e8:a9:8a:d0:ce:e6:11:71:23:75:1d:2f:c1:ad:0a:
6c:b8:93:5d:12:4d:d0:c5:7a:c8:fb:d1:9b:ce:f4:
35:cc:a8:ba:db:62:62:8c:d8:eb:85:91:1e:cb:5a:
e6:9b:f1:cc:a7:94:61:f4:41:4f:cc:29:91:4d:eb:
6c:f6:62:37:30:1c:b7:59:0c:18:44:41:d3:03:25:
8a:8e:d9:09:5e:5f:72:0d:2a:c0:9b:10:98:52:3f:
fd:93:ee:bc:e1:3a:3c:dd:15:cd:04:4b:c4:50:ca:
ed:5b:bc:3a:88:a7:24:26:f8:d9:85:74:94:6e:f5:
c0:7a:77:cf:96:b9:2b:7a:bb:68:40:ad:87:ed:74:
54:6f:83:81:66:37:7e:f4:f2:d8:95:36:1f:9f:45:
47:7c:cc:07:77:c6:df:1f:9b:79:a0:77:d9:87:d0:
d6:c2:5c:10:35:f0:90:8b:46:4b:19:c0:b5:44:b1:
e8:92:a3:bc:eb:ae:57:f4:a7:5a:b9:3c:a5:a4:c9:
bd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:79:77:97:6C:A5:39:84:90:32:1E:FF:C1:11:E6:26:6E:28:E1:A3
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Xnl3l2ylOYSQMh7_wRHmJm4o4aM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:58:f0:1f:0d:5b:cb:b3:11:fc:11:f2:ff:11:81:5e:10:d6:
8b:26:28:f3:7c:94:d6:f4:35:9b:9b:f8:8a:86:1e:29:03:97:
81:82:33:b8:85:08:4c:81:fe:a6:57:9f:59:d9:af:b0:75:f8:
8c:7b:b3:b5:df:5b:41:ba:78:c4:da:bb:4b:c0:96:87:d7:e4:
5c:80:0d:71:e3:05:50:76:e7:c3:92:50:ea:bb:54:84:36:ca:
14:20:9e:f0:a5:d5:86:75:41:88:e0:0d:42:ab:56:ca:c0:a3:
f9:f9:e4:7d:69:26:d3:74:d7:ae:ce:fe:3d:37:fc:5d:0d:ae:
d1:a0:59:43:45:05:c8:31:22:ba:22:96:2e:ab:5c:06:b4:ce:
13:93:16:d5:21:25:c9:0e:5d:bb:e0:9d:4f:5c:8d:97:5d:92:
e8:3b:80:90:f4:6f:57:24:16:bb:75:8c:22:dc:ba:3d:41:91:
bb:30:df:1a:17:0b:f1:89:39:30:e4:8d:ee:fa:35:77:75:f1:
a3:84:20:43:23:a5:a9:27:63:a7:a3:c6:2a:3f:13:0c:ab:82:
9c:67:34:f6:07:07:0e:0d:ae:9f:ee:bb:b0:77:10:2a:9f:bc:
ce:e4:96:01:78:00:f9:07:c3:4a:b2:a2:f3:1d:9f:ee:ab:eb:
d1:fc:b2:97
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDQw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDVFNzk3Nzk3NkNBNTM5
ODQ5MDMyMUVGRkMxMTFFNjI2NkUyOEUxQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcxKAjArYa+8jnEA6NlES4v/a2UAJCoDk1CR2uxxnwDsbkotUm
dDNlmkACkJ4y9DcipUlj2gN9CHw3O+ipitDO5hFxI3UdL8GtCmy4k10STdDFesj7
0ZvO9DXMqLrbYmKM2OuFkR7LWuab8cynlGH0QU/MKZFN62z2YjcwHLdZDBhEQdMD
JYqO2QleX3INKsCbEJhSP/2T7rzhOjzdFc0ES8RQyu1bvDqIpyQm+NmFdJRu9cB6
d8+WuSt6u2hArYftdFRvg4FmN3708tiVNh+fRUd8zAd3xt8fm3mgd9mH0NbCXBA1
8JCLRksZwLVEseiSo7zrrlf0p1q5PKWkyb1TAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUXnl3l2ylOYSQMh7/wRHmJm4o4aMwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9YbmwzbDJ5bE9ZU1FNaDdfd1JIbUptNG80YU0ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AF1Y8B8NW8uzEfwR8v8RgV4Q1osmKPN8lNb0NZub+IqGHikDl4GCM7iFCEyB/qZX
n1nZr7B1+Ix7s7XfW0G6eMTau0vAlofX5FyADXHjBVB258OSUOq7VIQ2yhQgnvCl
1YZ1QYjgDUKrVsrAo/n55H1pJtN0167O/j03/F0NrtGgWUNFBcgxIroili6rXAa0
zhOTFtUhJckOXbvgnU9cjZddkug7gJD0b1ckFrt1jCLcuj1Bkbsw3xoXC/GJOTDk
je76NXd18aOEIEMjpaknY6ejxio/EwyrgpxnNPYHBw4Nrp/uu7B3ECqfvM7klgF4
APkHw0qyovMdn+6r69H8spc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org