Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/_KcIJofmK68UQ2EavKuT0y-0c6E.roa
File: _KcIJofmK68UQ2EavKuT0y-0c6E.roa (raw, json)
Hash identifier: s1ZlsbGjXCjvbBeeog2XA26KH0q1YmBXx0XQdZai90I=
Subject key identifier: FC:A7:08:26:87:E6:2B:AF:14:43:61:1A:BC:AB:93:D3:2F:B4:73:A1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4518
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/_KcIJofmK68UQ2EavKuT0y-0c6E.roa
Signing time: Tue 22 Mar 2022 00:30:08 +0000
ROA not before: Tue 22 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17688 (0x4518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 22 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=FCA7082687E62BAF1443611ABCAB93D32FB473A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:b8:48:97:90:87:3a:71:55:f4:59:87:2b:
5b:88:a3:8e:d6:d8:d6:d6:61:48:90:33:07:93:d7:
47:17:53:1e:95:6a:4d:b4:06:75:b0:73:d8:75:fd:
21:ee:e8:6f:4a:b3:42:ea:a8:03:65:a8:aa:f9:ad:
1a:0e:77:67:db:ab:f5:7e:f8:ab:59:42:e5:b6:21:
be:22:df:14:65:fc:8a:6b:bc:83:3b:a8:41:a5:fa:
50:40:f4:b4:ac:a6:58:3d:e3:e2:43:38:f0:03:31:
5e:b6:e3:00:14:ad:74:f5:29:e6:03:d5:1d:3e:91:
89:d3:9e:49:84:79:a1:45:93:70:65:85:4b:7d:1b:
09:69:4d:99:78:0e:54:a6:e3:e5:50:2e:eb:93:63:
82:42:97:04:cd:35:99:9d:4b:52:90:2b:42:99:66:
56:18:12:80:5e:cb:18:a0:b6:fe:c3:df:43:2b:5f:
8b:13:66:eb:62:48:95:48:6d:b9:9d:79:74:a4:d4:
f9:5a:4b:ed:db:2b:e7:37:9e:85:4a:9c:15:4a:6e:
a7:85:b1:e3:4b:ef:f3:4c:e2:d8:b7:1c:1d:cf:f0:
ec:fb:3c:3a:59:68:b6:3c:b6:1a:c6:6f:a6:2c:d5:
35:6d:a0:45:0c:29:1a:a5:23:65:8b:83:55:fe:53:
bf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A7:08:26:87:E6:2B:AF:14:43:61:1A:BC:AB:93:D3:2F:B4:73:A1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/_KcIJofmK68UQ2EavKuT0y-0c6E.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
70:0a:fc:1e:05:97:14:ca:03:7c:63:fe:0b:81:27:4a:02:9c:
a3:e0:56:4e:1d:5a:7a:bb:37:4e:0c:fe:27:96:61:0a:75:2b:
d7:2d:65:01:ea:89:6e:6c:38:8a:6b:a7:79:0a:3e:3b:f9:67:
23:8f:14:b2:48:aa:71:0a:60:48:90:67:97:8b:f3:6b:77:90:
d9:ef:86:5b:67:f5:b2:54:70:48:a1:9d:2c:0f:d4:47:7a:a6:
bb:99:86:e3:b5:33:4f:67:3e:c7:60:c0:93:80:35:be:68:8f:
65:a4:e7:3b:c0:83:a5:10:cb:30:c7:85:91:4d:3e:29:d8:2d:
23:d4:68:8c:43:7b:b4:f8:78:8d:79:a8:7f:90:cd:73:34:f7:
91:44:43:db:d7:61:c9:c9:1b:29:b2:bc:8a:d4:4d:cc:43:0d:
10:2c:c7:5a:6f:62:3f:d5:7a:d5:50:cb:62:6b:fb:db:71:55:
eb:82:de:4a:c0:91:3f:0d:a3:0e:59:9e:53:d7:62:73:8e:96:
62:76:89:50:de:31:5e:de:15:41:80:64:39:84:f4:27:98:64:
9b:e3:ad:9b:f8:ce:f3:c2:f8:51:87:7f:91:64:2e:c0:3a:13:
0a:ba:79:3e:62:c7:40:8b:91:92:97:c1:3b:1f:7d:7e:12:80:
75:10:bb:d2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEZDQTcwODI2ODdFNjJC
QUYxNDQzNjExQUJDQUI5M0QzMkZCNDczQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb9LhIl5CHOnFV9FmHK1uIo47W2NbWYUiQMweT10cXUx6Vak20
BnWwc9h1/SHu6G9Ks0LqqANlqKr5rRoOd2fbq/V++KtZQuW2Ib4i3xRl/IprvIM7
qEGl+lBA9LSsplg94+JDOPADMV624wAUrXT1KeYD1R0+kYnTnkmEeaFFk3BlhUt9
GwlpTZl4DlSm4+VQLuuTY4JClwTNNZmdS1KQK0KZZlYYEoBeyxigtv7D30MrX4sT
ZutiSJVIbbmdeXSk1PlaS+3bK+c3noVKnBVKbqeFseNL7/NM4ti3HB3P8Oz7PDpZ
aLY8thrGb6Ys1TVtoEUMKRqlI2WLg1X+U7+3AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU/KcIJofmK68UQ2EavKuT0y+0c6EwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9fS2NJSm9mbUs2OFVRMkVhdkt1VDB5LTBjNkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AHAK/B4FlxTKA3xj/guBJ0oCnKPgVk4dWnq7N04M/ieWYQp1K9ctZQHqiW5sOIpr
p3kKPjv5ZyOPFLJIqnEKYEiQZ5eL82t3kNnvhltn9bJUcEihnSwP1Ed6pruZhuO1
M09nPsdgwJOANb5oj2Wk5zvAg6UQyzDHhZFNPinYLSPUaIxDe7T4eI15qH+QzXM0
95FEQ9vXYcnJGymyvIrUTcxDDRAsx1pvYj/VetVQy2Jr+9txVeuC3krAkT8Now5Z
nlPXYnOOlmJ2iVDeMV7eFUGAZDmE9CeYZJvjrZv4zvPC+FGHf5FkLsA6Ewq6eT5i
x0CLkZKXwTsffX4SgHUQu9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org