Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Y3IYiGEE5IUcTs0ETmvb3OUtJNI.roa
File: Y3IYiGEE5IUcTs0ETmvb3OUtJNI.roa (raw, json)
Hash identifier: s+4zhRU8ZplAUbIXzusAph3cQE4/dwPczF/ia8SEfwU=
Subject key identifier: 63:72:18:88:61:04:E4:85:1C:4E:CD:04:4E:6B:DB:DC:E5:2D:24:D2
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4420
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Y3IYiGEE5IUcTs0ETmvb3OUtJNI.roa
Signing time: Fri 04 Mar 2022 00:30:10 +0000
ROA not before: Fri 04 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17440 (0x4420)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 4 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=637218886104E4851C4ECD044E6BDBDCE52D24D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:23:15:59:09:c1:6d:22:3f:e2:50:66:2c:
ef:80:ca:55:c6:31:4b:7c:4e:b5:c3:a5:6e:00:21:
ed:09:7a:01:95:e0:de:09:fa:a9:b1:92:32:00:29:
b2:d4:e4:90:38:ed:df:f9:9a:40:32:68:de:ba:71:
cd:a2:46:27:f6:60:4b:39:59:0d:83:a8:e5:6b:4f:
a7:d7:72:14:40:c5:97:5f:84:d1:10:d3:47:67:f7:
cd:dc:2f:a5:6f:21:23:9d:fb:28:b5:7f:4d:e3:eb:
7e:41:32:aa:23:b5:fa:b5:e8:65:a9:2f:46:2d:fa:
72:36:d9:eb:8a:02:17:ad:9e:d3:c8:ee:82:33:a9:
9f:0a:cc:20:cd:06:a7:06:e2:20:6a:a9:93:d4:b1:
9b:b5:33:e9:a4:ef:3e:a5:39:7f:c4:63:2f:c4:86:
e0:09:df:c8:fb:7a:5e:03:ed:2c:f7:f9:e4:95:17:
16:2f:fa:d7:de:3a:ae:4f:90:14:70:c5:fe:c8:d4:
5f:ba:02:b5:79:44:26:30:f7:14:db:a7:42:2c:92:
85:db:b8:f1:38:44:8d:73:dd:2a:c6:05:67:ee:5c:
3d:b4:39:a2:e2:2b:68:fa:bb:b3:9a:b7:78:91:e7:
fa:88:5a:b6:52:8e:f4:52:24:17:86:3b:8b:f2:85:
23:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:72:18:88:61:04:E4:85:1C:4E:CD:04:4E:6B:DB:DC:E5:2D:24:D2
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Y3IYiGEE5IUcTs0ETmvb3OUtJNI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
39:16:09:e6:f6:98:02:a1:ee:75:f2:82:52:5e:af:0c:1f:27:
6d:ef:40:41:0d:5b:87:af:a2:f3:d4:58:69:aa:a3:60:01:c9:
73:7d:21:dd:a8:99:df:1c:2e:94:09:69:05:ff:6e:b1:6d:2b:
11:71:54:35:85:9c:68:aa:78:52:57:6c:df:de:09:2d:3d:fd:
9b:3f:8d:aa:99:ca:51:bf:1c:04:ea:5e:88:58:e0:e4:03:7e:
65:33:69:a3:a1:45:32:29:f2:1f:81:3d:c2:a3:b6:7f:e8:f3:
5a:1d:ce:d5:75:43:fa:84:5d:77:31:55:4c:3d:26:f0:d5:b6:
6f:d1:a1:c0:9a:0e:01:b2:40:c6:e8:cb:aa:4e:34:a3:34:7d:
f8:cd:8d:e9:77:fe:c6:af:dc:06:6c:bf:60:85:82:d7:1f:93:
a4:ac:c6:b8:71:5a:e7:cc:69:4c:86:bd:65:fa:ee:03:1a:cb:
79:3f:2a:e8:ce:2e:05:91:44:b9:89:5b:60:93:6e:11:8c:f9:
e9:e7:2f:44:a6:e4:e6:0f:24:92:2c:c4:27:03:08:d0:5d:01:
03:25:88:6f:85:29:ec:5e:8a:5f:56:58:40:b8:a1:80:f2:31:
df:a4:8a:4c:e8:52:be:09:54:4e:73:81:2d:90:a0:ef:f1:62:
43:43:a6:38
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRCAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDQw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDYzNzIxODg4NjEwNEU0
ODUxQzRFQ0QwNDRFNkJEQkRDRTUyRDI0RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk2iMVWQnBbSI/4lBmLO+AylXGMUt8TrXDpW4AIe0JegGV4N4J
+qmxkjIAKbLU5JA47d/5mkAyaN66cc2iRif2YEs5WQ2DqOVrT6fXchRAxZdfhNEQ
00dn983cL6VvISOd+yi1f03j635BMqojtfq16GWpL0Yt+nI22euKAhetntPI7oIz
qZ8KzCDNBqcG4iBqqZPUsZu1M+mk7z6lOX/EYy/EhuAJ38j7el4D7Sz3+eSVFxYv
+tfeOq5PkBRwxf7I1F+6ArV5RCYw9xTbp0IskoXbuPE4RI1z3SrGBWfuXD20OaLi
K2j6u7Oat3iR5/qIWrZSjvRSJBeGO4vyhSOVAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUY3IYiGEE5IUcTs0ETmvb3OUtJNIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ZM0lZaUdFRTVJVWNUczBFVG12YjNPVXRKTkkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ADkWCeb2mAKh7nXyglJerwwfJ23vQEENW4evovPUWGmqo2AByXN9Id2omd8cLpQJ
aQX/brFtKxFxVDWFnGiqeFJXbN/eCS09/Zs/jaqZylG/HATqXohY4OQDfmUzaaOh
RTIp8h+BPcKjtn/o81odztV1Q/qEXXcxVUw9JvDVtm/RocCaDgGyQMboy6pONKM0
ffjNjel3/sav3AZsv2CFgtcfk6SsxrhxWufMaUyGvWX67gMay3k/KujOLgWRRLmJ
W2CTbhGM+ennL0Sm5OYPJJIsxCcDCNBdAQMliG+FKexeil9WWEC4oYDyMd+kikzo
Ur4JVE5zgS2QoO/xYkNDpjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org