Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ZAa6aQlmN2Zug7isTWRwk210d-c.roa
File: ZAa6aQlmN2Zug7isTWRwk210d-c.roa (raw, json)
Hash identifier: XDw5rJDXT9ezDkpKMk4Mr4KSp6r6tx+15cc1GTVbxOE=
Subject key identifier: 64:06:BA:69:09:66:37:66:6E:83:B8:AC:4D:64:70:93:6D:74:77:E7
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4533
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ZAa6aQlmN2Zug7isTWRwk210d-c.roa
Signing time: Thu 24 Mar 2022 00:30:06 +0000
ROA not before: Thu 24 Mar 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17715 (0x4533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 24 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=6406BA69096637666E83B8AC4D6470936D7477E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a0:5c:d8:4a:03:e5:ba:66:1b:84:55:0b:71:
88:ad:bb:70:ec:ed:e9:d4:ce:9c:6a:5f:25:e0:22:
1f:64:6c:9a:80:37:a2:db:18:74:6d:08:ff:5b:64:
0e:cd:c2:e2:e8:92:8e:2e:93:76:73:6e:86:3d:8f:
0c:8d:c9:f9:0a:a1:73:0a:09:e1:dc:c4:39:c7:f3:
cb:21:3c:82:d4:cf:e0:f2:44:88:4d:ec:fa:33:ba:
05:c6:d6:89:95:4c:1d:66:78:60:58:57:88:10:64:
d9:19:e9:cb:75:6f:81:b1:b2:27:42:6c:59:1b:1b:
55:09:be:cf:4a:70:5d:75:89:29:c5:66:d3:d4:84:
83:1b:fb:05:d3:7a:5a:87:7c:72:d3:ed:d3:d7:14:
5b:5f:f8:f6:3c:c5:4c:d0:17:20:79:54:de:fd:d7:
93:94:ee:8e:a6:c8:e3:3b:02:23:ca:b3:63:83:20:
a6:01:1d:be:44:88:c8:74:5d:06:78:0b:87:56:3c:
70:36:4b:5c:cd:bf:db:18:7d:5e:67:ff:9a:40:f5:
1f:ae:6a:b8:b1:7d:c8:76:65:53:3c:a7:4b:b2:ef:
29:c4:cb:a7:f8:15:9b:da:31:30:e6:3b:f8:0a:fc:
61:67:62:1a:c9:d7:f0:89:6f:f6:0d:e0:25:47:2f:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:06:BA:69:09:66:37:66:6E:83:B8:AC:4D:64:70:93:6D:74:77:E7
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ZAa6aQlmN2Zug7isTWRwk210d-c.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b9:eb:71:a7:78:de:6b:87:1f:a5:57:08:0c:1d:5f:22:a4:
b2:e8:09:3e:4c:2e:ae:78:72:a2:1e:25:8f:33:bc:f7:78:2a:
d5:57:2c:45:0f:2e:29:d7:32:a0:6f:29:47:03:09:b0:1e:8c:
e1:b5:45:c3:ed:42:d7:ef:27:3f:6b:e5:70:c9:04:eb:d6:b9:
92:6a:68:26:d2:68:f8:60:ca:0b:a6:e4:f4:b4:a6:3b:24:38:
d1:37:a6:10:e7:03:51:e1:3f:a8:5d:aa:e5:b9:75:7d:1a:77:
f4:d7:d9:be:8e:e0:bf:a4:00:4d:20:39:5e:be:6e:b3:42:8b:
50:62:24:c1:67:9e:42:07:4d:5d:f5:5b:d8:f5:d7:f3:41:50:
7e:28:17:4a:a5:8e:5a:4d:92:d4:f3:0d:2a:34:99:5d:6c:03:
de:b5:ca:49:6f:e8:5a:8a:f5:45:41:a9:c1:14:cc:9a:85:ed:
1e:0b:df:7b:fb:23:6b:31:d7:ab:95:66:91:01:67:c9:29:ac:
6d:8f:1d:27:7e:de:21:6f:62:aa:ff:6f:ae:07:45:27:62:e6:
87:fb:ba:e0:53:eb:76:42:34:5c:17:e2:10:79:ca:d2:83:96:
f3:75:69:16:2a:a0:4d:36:e9:b4:a8:0d:33:00:43:ef:a6:dd:
79:d6:f5:8f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjQw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDY0MDZCQTY5MDk2NjM3
NjY2RTgzQjhBQzRENjQ3MDkzNkQ3NDc3RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJoFzYSgPlumYbhFULcYitu3Ds7enUzpxqXyXgIh9kbJqAN6Lb
GHRtCP9bZA7NwuLoko4uk3ZzboY9jwyNyfkKoXMKCeHcxDnH88shPILUz+DyRIhN
7PozugXG1omVTB1meGBYV4gQZNkZ6ct1b4GxsidCbFkbG1UJvs9KcF11iSnFZtPU
hIMb+wXTelqHfHLT7dPXFFtf+PY8xUzQFyB5VN7915OU7o6myOM7AiPKs2ODIKYB
Hb5EiMh0XQZ4C4dWPHA2S1zNv9sYfV5n/5pA9R+uarixfch2ZVM8p0uy7ynEy6f4
FZvaMTDmO/gK/GFnYhrJ1/CJb/YN4CVHLwSvAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUZAa6aQlmN2Zug7isTWRwk210d+cwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9aQWE2YVFsbU4yWnVnN2lzVFdSd2syMTBkLWMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ADK563GneN5rhx+lVwgMHV8ipLLoCT5MLq54cqIeJY8zvPd4KtVXLEUPLinXMqBv
KUcDCbAejOG1RcPtQtfvJz9r5XDJBOvWuZJqaCbSaPhgygum5PS0pjskONE3phDn
A1HhP6hdquW5dX0ad/TX2b6O4L+kAE0gOV6+brNCi1BiJMFnnkIHTV31W9j11/NB
UH4oF0qljlpNktTzDSo0mV1sA961yklv6FqK9UVBqcEUzJqF7R4L33v7I2sx16uV
ZpEBZ8kprG2PHSd+3iFvYqr/b64HRSdi5of7uuBT63ZCNFwX4hB5ytKDlvN1aRYq
oE026bSoDTMAQ++m3XnW9Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org