Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Zv9N0I8ULtHAi9cA2I8r2LLRli8.roa
File: Zv9N0I8ULtHAi9cA2I8r2LLRli8.roa (raw, json)
Hash identifier: d2/qcqaz8gGdb1P1vXN65PSmir1o1RpYhC+SSWJO2HI=
Subject key identifier: 66:FF:4D:D0:8F:14:2E:D1:C0:8B:D7:00:D8:8F:2B:D8:B2:D1:96:2F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4667
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zv9N0I8ULtHAi9cA2I8r2LLRli8.roa
Signing time: Fri 15 Apr 2022 00:30:08 +0000
ROA not before: Fri 15 Apr 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18023 (0x4667)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 15 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=66FF4DD08F142ED1C08BD700D88F2BD8B2D1962F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:39:cc:5d:ef:bd:2c:09:9b:1b:34:20:25:95:
d8:13:43:d7:21:c8:69:08:0e:d2:ed:ae:a2:c1:2e:
ef:66:0f:cf:42:d2:c2:ff:9c:ac:a0:05:ea:e4:f1:
3f:f8:6e:e8:90:94:0a:c4:8b:50:dd:90:5f:1f:08:
b2:8f:37:2a:d4:f6:82:3f:fa:9c:dd:0b:ec:7a:db:
a4:05:50:ef:5c:3f:bc:e0:bc:34:81:0c:87:2c:b9:
1c:db:fb:8f:53:d2:c5:ff:d1:ee:28:36:1b:07:b1:
ea:2b:8f:eb:45:a4:a3:72:ee:e6:b0:81:04:47:be:
71:a1:2d:c8:31:6c:96:eb:6d:5a:d5:24:d4:fd:0e:
6b:f1:e4:4b:88:b7:f2:d3:43:f5:00:90:a2:e5:3c:
25:33:c3:96:82:77:b3:61:77:e1:ba:b4:f8:a4:b6:
e1:32:22:e0:37:48:80:05:93:b3:a2:6e:3e:de:6c:
d8:39:46:11:17:10:21:b8:76:d6:0f:3f:5b:70:69:
04:df:9b:12:c8:ab:f4:a1:73:69:af:b3:5f:00:89:
e1:8f:90:e0:58:9f:b3:ce:de:e9:28:f6:8f:1e:3b:
2f:83:02:3f:07:d4:8d:07:c4:48:e6:52:0d:cc:92:
11:dd:39:77:53:a5:46:d3:b5:a9:ed:f2:c4:56:c2:
93:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FF:4D:D0:8F:14:2E:D1:C0:8B:D7:00:D8:8F:2B:D8:B2:D1:96:2F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zv9N0I8ULtHAi9cA2I8r2LLRli8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:52:8d:f8:bc:15:98:42:ba:0a:97:e7:57:aa:a3:02:53:0f:
0e:a3:a5:57:f9:cd:a0:85:fe:6c:9c:af:e0:65:76:b3:15:ff:
14:c9:ba:46:17:fc:86:30:06:ed:0c:57:4b:26:19:5b:59:39:
b5:3e:f5:f4:15:18:c5:77:fa:60:77:a8:8b:34:d2:f3:54:2b:
94:a4:6b:1f:f1:7c:08:2b:17:22:b3:9f:3d:b7:3b:d9:89:90:
24:5e:b7:a0:e4:96:51:77:35:9a:67:65:40:b3:7f:f0:a3:88:
04:0f:4f:97:16:1d:78:34:83:a1:09:89:dc:21:49:5a:28:a5:
3c:fd:2b:b5:f7:2e:56:bb:aa:41:6a:df:e7:5d:32:fc:62:57:
5a:41:4f:a3:21:65:6e:e3:23:e3:ca:4d:50:50:8a:08:37:33:
25:c5:20:fa:d9:31:a3:79:e3:4f:97:1a:7f:a4:f5:c4:6d:b4:
8d:66:22:5d:0e:8e:35:f4:c7:c3:e2:93:d3:6b:30:4f:df:cb:
58:5a:70:e7:48:44:d8:5c:8d:0f:17:af:b1:71:19:40:5f:c4:
d9:24:b3:6f:49:97:e9:d2:06:9e:eb:ac:d2:01:66:7a:a7:da:
b7:27:24:ee:9f:e3:a5:45:bf:6d:fd:40:ea:a1:ac:ac:ba:8f:
4f:5b:42:aa
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTUw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDY2RkY0REQwOEYxNDJF
RDFDMDhCRDcwMEQ4OEYyQkQ4QjJEMTk2MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSOcxd770sCZsbNCAlldgTQ9chyGkIDtLtrqLBLu9mD89C0sL/
nKygBerk8T/4buiQlArEi1DdkF8fCLKPNyrU9oI/+pzdC+x626QFUO9cP7zgvDSB
DIcsuRzb+49T0sX/0e4oNhsHseorj+tFpKNy7uawgQRHvnGhLcgxbJbrbVrVJNT9
Dmvx5EuIt/LTQ/UAkKLlPCUzw5aCd7Nhd+G6tPiktuEyIuA3SIAFk7Oibj7ebNg5
RhEXECG4dtYPP1twaQTfmxLIq/Shc2mvs18AieGPkOBYn7PO3uko9o8eOy+DAj8H
1I0HxEjmUg3MkhHdOXdTpUbTtant8sRWwpO/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUZv9N0I8ULtHAi9cA2I8r2LLRli8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9adjlOMEk4VUx0SEFpOWNBMkk4cjJMTFJsaTgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AE1Sjfi8FZhCugqX51eqowJTDw6jpVf5zaCF/mycr+BldrMV/xTJukYX/IYwBu0M
V0smGVtZObU+9fQVGMV3+mB3qIs00vNUK5Skax/xfAgrFyKznz23O9mJkCRet6Dk
llF3NZpnZUCzf/CjiAQPT5cWHXg0g6EJidwhSVoopTz9K7X3Lla7qkFq3+ddMvxi
V1pBT6MhZW7jI+PKTVBQigg3MyXFIPrZMaN540+XGn+k9cRttI1mIl0OjjX0x8Pi
k9NrME/fy1hacOdIRNhcjQ8Xr7FxGUBfxNkks29Jl+nSBp7rrNIBZnqn2rcnJO6f
46VFv239QOqhrKy6j09bQqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org