Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Zz-O1R852R6IlyhE-VTNqOH8i5s.roa
File: Zz-O1R852R6IlyhE-VTNqOH8i5s.roa (raw, json)
Hash identifier: sLeT7Y7ONHDrqEZVcVmYHc3RPZ9PewIkUqx1CBaEmlM=
Subject key identifier: 67:3F:8E:D5:1F:39:D9:1E:88:97:28:44:F9:54:CD:A8:E1:FC:8B:9B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4783
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zz-O1R852R6IlyhE-VTNqOH8i5s.roa
Signing time: Thu 05 May 2022 00:30:10 +0000
ROA not before: Thu 05 May 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18307 (0x4783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 5 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=673F8ED51F39D91E88972844F954CDA8E1FC8B9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7a:ca:d1:ae:a7:e8:57:e7:86:4c:27:00:a2:
0d:9e:05:0a:1f:8b:04:81:09:8d:5f:f0:b9:62:aa:
70:78:88:b3:26:da:15:b3:ab:39:73:16:f8:a7:8f:
a8:9c:35:00:a6:c5:1e:df:b0:a0:0a:76:4d:1d:bc:
ab:05:ae:70:fd:78:40:30:eb:33:56:2b:f1:a4:79:
06:56:a9:73:84:31:ae:fe:e7:a9:98:e9:5f:42:47:
8b:90:64:42:cd:7e:5f:19:bd:e1:85:51:a6:54:e7:
27:77:e1:5d:e0:c9:fc:52:db:71:60:9a:45:11:9b:
12:f9:8a:98:b2:9c:42:40:ad:e0:ad:3d:34:d2:44:
e9:85:fd:ae:52:8a:41:cb:22:52:29:07:99:a3:09:
42:22:11:1d:48:4f:f5:3d:5a:9a:1d:08:11:be:a5:
41:96:d7:9f:0a:f6:18:9e:bd:8f:a8:64:f6:16:9f:
91:f7:1a:73:82:b6:54:b0:36:9b:07:50:be:32:0e:
34:3e:ed:50:8e:60:ec:80:c3:da:fa:71:7e:7a:32:
4f:a8:99:e1:fe:02:2a:c9:2a:5b:b7:e2:9a:20:a7:
52:5a:c6:3b:18:39:2c:f8:1f:e9:98:24:3e:c0:75:
a4:ee:e5:13:d6:5a:9f:e9:38:ec:28:fe:f8:65:3c:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3F:8E:D5:1F:39:D9:1E:88:97:28:44:F9:54:CD:A8:E1:FC:8B:9B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Zz-O1R852R6IlyhE-VTNqOH8i5s.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
12:21:39:51:b3:38:cd:1b:4e:96:28:fc:83:fd:47:86:11:f8:
11:b1:c6:c7:1f:f4:b6:9e:1b:ed:0a:ed:af:0c:5f:0e:52:50:
e4:84:9d:2c:cb:e9:7b:63:86:7e:0c:06:42:51:3d:74:4e:c0:
16:67:80:d6:0c:44:e2:ec:64:a0:3c:6e:f7:9d:91:47:65:11:
8c:23:08:11:d5:87:87:29:28:f0:16:07:ab:69:30:64:ba:f4:
55:05:e3:78:0b:bc:f4:59:33:82:b5:a8:ae:a6:50:a7:b0:14:
dd:99:89:22:8f:5e:02:a9:9d:de:d7:d3:4f:7e:c4:8f:3a:41:
0c:4b:ff:b2:2a:92:8f:68:d8:e7:af:aa:db:ea:b2:82:6f:7f:
1d:3d:4c:7d:03:ef:2f:c1:50:52:11:94:69:a0:fb:71:24:ff:
29:3b:3c:9b:e9:83:95:6c:8f:42:49:9b:b3:87:7c:6e:b8:e5:
cf:58:d8:08:5e:ad:3b:e7:9d:9c:c8:a2:bc:c1:75:99:77:c0:
a4:98:1a:c3:5a:81:d7:00:e8:a1:25:b1:2f:8f:ce:8b:b3:d1:
75:bb:a7:0a:02:8f:25:7b:19:14:41:8c:52:24:24:24:a4:de:
ff:fb:c6:06:36:b6:04:8d:cd:fc:26:16:e8:14:e2:ba:65:0b:
56:40:b9:fa
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR4MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDUw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDY3M0Y4RUQ1MUYzOUQ5
MUU4ODk3Mjg0NEY5NTRDREE4RTFGQzhCOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkesrRrqfoV+eGTCcAog2eBQofiwSBCY1f8LliqnB4iLMm2hWz
qzlzFvinj6icNQCmxR7fsKAKdk0dvKsFrnD9eEAw6zNWK/GkeQZWqXOEMa7+56mY
6V9CR4uQZELNfl8ZveGFUaZU5yd34V3gyfxS23FgmkURmxL5ipiynEJAreCtPTTS
ROmF/a5SikHLIlIpB5mjCUIiER1IT/U9WpodCBG+pUGW158K9hievY+oZPYWn5H3
GnOCtlSwNpsHUL4yDjQ+7VCOYOyAw9r6cX56Mk+omeH+AirJKlu34pogp1JaxjsY
OSz4H+mYJD7AdaTu5RPWWp/pOOwo/vhlPMQFAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUZz+O1R852R6IlyhE+VTNqOH8i5swHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9aei1PMVI4NTJSNklseWhFLVZUTnFPSDhpNXMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
ABIhOVGzOM0bTpYo/IP9R4YR+BGxxscf9LaeG+0K7a8MXw5SUOSEnSzL6Xtjhn4M
BkJRPXROwBZngNYMROLsZKA8bvedkUdlEYwjCBHVh4cpKPAWB6tpMGS69FUF43gL
vPRZM4K1qK6mUKewFN2ZiSKPXgKpnd7X009+xI86QQxL/7Iqko9o2OevqtvqsoJv
fx09TH0D7y/BUFIRlGmg+3Ek/yk7PJvpg5Vsj0JJm7OHfG645c9Y2AherTvnnZzI
orzBdZl3wKSYGsNagdcA6KElsS+Pzouz0XW7pwoCjyV7GRRBjFIkJCSk3v/7xgY2
tgSNzfwmFugU4rplC1ZAufo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org