Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/YGgDvdyDcUJ7Jk_I9RJUMPSP0co.roa
File: YGgDvdyDcUJ7Jk_I9RJUMPSP0co.roa (raw, json)
Hash identifier: faw+b7pXqvmryhCCgQ/26PGKbQuzrEoOqsZ6F0JweJk=
Subject key identifier: 60:68:03:BD:DC:83:71:42:7B:26:4F:C8:F5:12:54:30:F4:8F:D1:CA
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4270
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YGgDvdyDcUJ7Jk_I9RJUMPSP0co.roa
Signing time: Tue 01 Feb 2022 00:30:06 +0000
ROA not before: Tue 01 Feb 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17008 (0x4270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 1 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=606803BDDC8371427B264FC8F5125430F48FD1CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3d:e3:da:44:31:3d:12:b4:2b:18:5e:30:64:
dd:9b:8c:46:9a:a5:97:0e:0f:03:01:bc:89:2a:c4:
62:00:b5:8f:9f:bc:50:3a:e8:09:80:a7:a7:b5:00:
a8:d9:92:c1:fc:37:06:59:91:a2:fa:93:ba:70:cc:
4a:67:26:51:a4:a8:2a:33:7b:7a:d3:00:cf:cb:f9:
de:c0:af:2c:04:06:74:80:b3:db:c6:44:09:4e:59:
64:c9:ad:69:d9:4d:2d:11:76:b7:4e:7e:83:e2:94:
c9:23:d5:90:69:96:e8:f6:36:cd:33:13:4d:12:1b:
a8:3e:5e:0a:b3:f6:a0:2f:d7:0c:14:09:d1:b5:7a:
f9:89:a6:21:fd:4d:6e:5f:02:95:1f:24:e7:c2:03:
f0:cc:55:ad:9a:50:b3:20:3a:3f:8a:ea:c0:21:39:
03:6e:29:c2:02:4e:d7:71:06:e0:b4:52:92:37:9d:
34:16:73:59:cf:b2:d7:a6:32:06:8b:54:43:b8:bb:
77:0d:47:48:a6:83:03:a8:27:e1:a9:2a:72:68:26:
be:6b:94:a0:ca:f6:7d:1c:9f:6b:0b:0f:82:52:67:
34:6f:8c:e0:76:3e:7f:35:8a:07:91:85:bc:e0:44:
96:5c:5d:d2:91:7e:8f:b9:e7:ef:df:fc:80:d9:3a:
60:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:68:03:BD:DC:83:71:42:7B:26:4F:C8:F5:12:54:30:F4:8F:D1:CA
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YGgDvdyDcUJ7Jk_I9RJUMPSP0co.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9c:22:76:37:43:74:0a:c3:d6:fa:5b:71:ba:6c:1f:94:1f:
02:74:ea:e8:19:d0:8c:b1:99:78:0c:2a:52:99:2c:3c:3d:a1:
57:aa:2b:72:36:e7:ac:7a:9a:90:df:3b:3b:e9:49:4a:04:8a:
36:7c:45:04:6a:ed:cc:0f:c7:7f:2e:a6:c1:c0:a6:5d:7d:34:
b8:c6:78:71:ea:7d:c9:3a:59:7f:4b:9b:34:cf:a8:e6:78:2e:
ed:d8:c2:37:40:67:1b:2e:6a:b7:54:84:75:3f:13:09:83:4d:
a2:60:21:78:6b:59:a3:bd:0e:f7:ac:82:4e:fc:3b:5c:cd:53:
bf:56:51:c3:94:54:ea:53:0d:80:fc:d1:6f:64:3f:d6:27:34:
68:c8:f6:5c:d1:eb:6b:27:ce:f4:3a:94:16:45:71:2c:00:8a:
6e:4a:4a:34:62:1a:3a:7a:96:20:df:3c:69:13:23:e6:e1:e2:
21:c7:66:30:06:65:cf:9f:cf:a1:eb:b0:c5:34:2c:e2:d1:44:
ec:20:bb:aa:32:09:4d:27:8b:06:d5:cd:66:c4:06:f6:1b:c0:
2b:f8:91:a1:41:d5:12:07:a8:16:66:4d:39:73:d0:e9:f6:d5:
1e:53:26:ea:e3:19:02:1c:86:96:f5:78:29:b1:c6:5a:11:c7:
54:f9:93:6f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDEw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDYwNjgwM0JEREM4Mzcx
NDI3QjI2NEZDOEY1MTI1NDMwRjQ4RkQxQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgPePaRDE9ErQrGF4wZN2bjEaapZcODwMBvIkqxGIAtY+fvFA6
6AmAp6e1AKjZksH8NwZZkaL6k7pwzEpnJlGkqCoze3rTAM/L+d7ArywEBnSAs9vG
RAlOWWTJrWnZTS0RdrdOfoPilMkj1ZBpluj2Ns0zE00SG6g+Xgqz9qAv1wwUCdG1
evmJpiH9TW5fApUfJOfCA/DMVa2aULMgOj+K6sAhOQNuKcICTtdxBuC0UpI3nTQW
c1nPstemMgaLVEO4u3cNR0imgwOoJ+GpKnJoJr5rlKDK9n0cn2sLD4JSZzRvjOB2
Pn81igeRhbzgRJZcXdKRfo+55+/f/IDZOmDzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUYGgDvdyDcUJ7Jk/I9RJUMPSP0cowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ZR2dEdmR5RGNVSjdKa19JOVJKVU1QU1AwY28ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AG2cInY3Q3QKw9b6W3G6bB+UHwJ06ugZ0IyxmXgMKlKZLDw9oVeqK3I256x6mpDf
OzvpSUoEijZ8RQRq7cwPx38upsHApl19NLjGeHHqfck6WX9LmzTPqOZ4Lu3YwjdA
ZxsuardUhHU/EwmDTaJgIXhrWaO9Dvesgk78O1zNU79WUcOUVOpTDYD80W9kP9Yn
NGjI9lzR62snzvQ6lBZFcSwAim5KSjRiGjp6liDfPGkTI+bh4iHHZjAGZc+fz6Hr
sMU0LOLRROwgu6oyCU0niwbVzWbEBvYbwCv4kaFB1RIHqBZmTTlz0On21R5TJurj
GQIchpb1eCmxxloRx1T5k28=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org