Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/YY1cNvApW07PeXBV77NDxxv0XEg.roa
File: YY1cNvApW07PeXBV77NDxxv0XEg.roa (raw, json)
Hash identifier: 8WQ6j9grD2gckfgpQniocT2qdaNAM9phjutzD+ZR0SQ=
Subject key identifier: 61:8D:5C:36:F0:29:5B:4E:CF:79:70:55:EF:B3:43:C7:1B:F4:5C:48
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 450A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YY1cNvApW07PeXBV77NDxxv0XEg.roa
Signing time: Mon 21 Mar 2022 00:30:07 +0000
ROA not before: Mon 21 Mar 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17674 (0x450a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 21 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=618D5C36F0295B4ECF797055EFB343C71BF45C48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e4:ce:73:d2:9d:d6:b5:ed:84:31:10:b8:f8:
d3:88:d9:5b:80:c2:ed:62:d5:8a:70:54:de:98:20:
06:62:8e:3b:d8:f2:47:e6:d2:03:04:60:50:73:ce:
ec:82:fa:0f:79:07:0a:e0:14:ba:d0:3b:3f:cf:7b:
1b:ce:0e:40:fb:08:05:1e:09:77:5b:d9:9f:07:5d:
62:fe:8e:fd:d3:8f:9b:db:59:76:5a:42:af:97:5b:
a3:d6:44:f4:79:34:0a:b8:5e:c2:f4:bc:c9:76:9f:
39:26:49:0c:78:f8:16:9c:28:33:79:b3:a2:93:dc:
f7:a4:9c:4b:d1:b2:e3:36:0e:f3:ee:d6:03:d1:be:
08:3d:75:43:6c:5a:40:57:85:1c:28:2a:a3:77:5d:
f4:57:14:59:34:a8:31:ed:1b:76:cf:63:bb:3c:0d:
03:bf:78:b3:86:ab:fa:fe:ac:2d:45:e4:2d:25:48:
4e:f5:9a:33:0e:8f:5f:61:cc:e8:78:23:fe:72:11:
a9:b5:ec:a4:65:30:ba:01:2d:e9:bc:85:23:2f:c6:
97:1b:e8:81:23:0d:73:c5:bd:1a:bd:8a:50:bf:ed:
29:88:f2:29:ea:2c:bc:13:9b:64:b0:41:d1:9c:20:
a3:53:cb:d1:35:32:cd:35:1c:29:52:6b:89:37:b7:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8D:5C:36:F0:29:5B:4E:CF:79:70:55:EF:B3:43:C7:1B:F4:5C:48
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/YY1cNvApW07PeXBV77NDxxv0XEg.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b6:5a:b9:ff:c9:e7:c6:51:30:7f:a0:50:6e:3e:bc:b5:23:
56:fa:2d:65:17:0c:cc:94:9f:60:63:52:6c:18:55:df:7d:f8:
5b:09:90:72:83:8f:c3:03:e6:d8:75:3f:4b:da:d9:68:b9:92:
3b:51:aa:51:ed:07:23:39:0d:32:fa:62:5a:8f:20:38:41:2e:
5e:f5:d0:8e:25:87:60:c0:de:2c:74:9a:92:5c:cd:c2:11:97:
a0:f6:fb:37:8c:a4:d3:95:dc:43:2a:9d:59:32:a0:40:03:ce:
ba:5e:db:2f:2d:59:a0:45:a9:7b:bd:07:c1:65:56:2e:1e:a7:
73:68:53:41:e1:f0:23:c0:4c:0b:6b:fe:e2:f4:9a:90:71:df:
74:92:15:6a:5a:50:5a:8b:b1:56:b8:4c:a9:b9:70:4d:be:59:
85:ff:65:48:a1:14:13:12:bb:7b:7c:95:86:58:39:fb:d9:1d:
e4:ed:4e:a9:53:0e:20:7e:61:72:14:fd:6e:ff:a1:8a:93:e5:
0c:91:29:aa:e4:b4:cb:fb:5e:36:3d:d0:31:9b:45:34:c3:0b:
b1:88:7a:c1:7d:91:a5:5e:bc:26:f1:12:67:9f:f3:f9:0c:c3:
bc:cf:4f:0a:51:ba:93:87:86:91:71:96:58:59:78:52:c4:0d:
c6:d1:22:6d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjEw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDYxOEQ1QzM2RjAyOTVC
NEVDRjc5NzA1NUVGQjM0M0M3MUJGNDVDNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo5M5z0p3Wte2EMRC4+NOI2VuAwu1i1YpwVN6YIAZijjvY8kfm
0gMEYFBzzuyC+g95BwrgFLrQOz/PexvODkD7CAUeCXdb2Z8HXWL+jv3Tj5vbWXZa
Qq+XW6PWRPR5NAq4XsL0vMl2nzkmSQx4+BacKDN5s6KT3PeknEvRsuM2DvPu1gPR
vgg9dUNsWkBXhRwoKqN3XfRXFFk0qDHtG3bPY7s8DQO/eLOGq/r+rC1F5C0lSE71
mjMOj19hzOh4I/5yEam17KRlMLoBLem8hSMvxpcb6IEjDXPFvRq9ilC/7SmI8inq
LLwTm2SwQdGcIKNTy9E1Ms01HClSa4k3t6wNAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUYY1cNvApW07PeXBV77NDxxv0XEgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ZWTFjTnZBcFcwN1BlWEJWNzdORHh4djBYRWcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ALS2Wrn/yefGUTB/oFBuPry1I1b6LWUXDMyUn2BjUmwYVd99+FsJkHKDj8MD5th1
P0va2Wi5kjtRqlHtByM5DTL6YlqPIDhBLl710I4lh2DA3ix0mpJczcIRl6D2+zeM
pNOV3EMqnVkyoEADzrpe2y8tWaBFqXu9B8FlVi4ep3NoU0Hh8CPATAtr/uL0mpBx
33SSFWpaUFqLsVa4TKm5cE2+WYX/ZUihFBMSu3t8lYZYOfvZHeTtTqlTDiB+YXIU
/W7/oYqT5QyRKarktMv7XjY90DGbRTTDC7GIesF9kaVevCbxEmef8/kMw7zPTwpR
upOHhpFxllhZeFLEDcbRIm0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org