Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/aix5yMbKfV0Myyu5puDW8dCv9ns.roa
File: aix5yMbKfV0Myyu5puDW8dCv9ns.roa (raw, json)
Hash identifier: glPVaIFtiJOuM2jOJgE7w4MH1DAEZWRF0FJRuPKh714=
Subject key identifier: 6A:2C:79:C8:C6:CA:7D:5D:0C:CB:2B:B9:A6:E0:D6:F1:D0:AF:F6:7B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4668
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aix5yMbKfV0Myyu5puDW8dCv9ns.roa
Signing time: Fri 15 Apr 2022 00:30:09 +0000
ROA not before: Fri 15 Apr 2022 00:30:09 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18024 (0x4668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 15 00:30:09 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=6A2C79C8C6CA7D5D0CCB2BB9A6E0D6F1D0AFF67B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:0b:37:01:98:43:03:9d:60:4e:b6:c9:c7:41:
87:e1:43:99:9d:83:85:5e:11:10:e8:d2:50:c2:54:
de:d6:49:94:c0:8e:11:bd:30:5b:50:83:d8:a4:51:
7f:1a:a9:43:f5:18:53:fd:8c:a4:b0:8a:6d:ce:ed:
bc:77:42:a2:d7:1b:03:7f:eb:ac:84:77:03:b6:e4:
9e:d1:28:0c:7c:b6:f9:e3:46:b9:fe:03:41:2c:78:
8a:b1:2d:48:d6:1f:ee:09:15:d3:e4:b1:8a:03:4f:
3b:f4:d7:e2:16:cf:de:4a:42:16:fa:28:ee:6b:f1:
a0:a9:7a:62:69:a9:48:f6:0f:0e:5f:f7:30:75:9e:
68:97:e6:19:d7:6d:be:76:30:ea:db:6c:f8:35:bd:
b3:f6:73:7e:33:b1:54:3c:cf:3e:bb:55:a5:ec:9b:
f5:81:82:c9:5b:81:ca:bb:69:50:35:57:76:6d:73:
70:79:0f:37:f8:0d:b4:d7:fe:a1:b0:40:36:79:5d:
30:83:7c:20:2e:4a:e8:ae:fc:cf:1c:51:2c:e6:12:
f4:8d:21:79:15:8f:40:f1:5f:16:d6:34:57:4a:37:
bc:1a:9d:a1:e9:10:d6:d6:73:c9:bf:fe:5c:da:85:
20:c3:da:e3:15:87:20:12:c6:e7:6f:83:73:5f:a9:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2C:79:C8:C6:CA:7D:5D:0C:CB:2B:B9:A6:E0:D6:F1:D0:AF:F6:7B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aix5yMbKfV0Myyu5puDW8dCv9ns.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:53:57:88:ee:08:3b:f3:8b:d8:4a:a1:50:eb:96:00:29:18:
7d:2b:1f:78:35:cd:fa:3b:8e:09:aa:cb:f5:92:e6:16:4b:4f:
62:65:03:9a:2e:3a:04:3f:68:31:df:f6:71:65:ab:4c:34:c5:
a4:60:d8:ee:75:45:4d:42:cb:eb:73:f8:ec:d2:dc:8d:c0:b9:
24:98:97:46:50:e8:54:c6:56:76:61:23:5f:1f:a9:f2:69:7a:
44:7e:19:79:be:db:05:d3:1a:ef:36:79:8a:91:ef:d6:2b:2f:
3b:a5:4e:c0:62:5b:7d:ba:17:97:fd:2e:fa:84:b3:c6:a1:96:
06:cb:c9:3d:a7:39:4b:72:e0:f5:fc:16:b2:c9:1b:55:a8:88:
e3:a1:fe:1e:c6:54:db:e9:ea:27:1b:cd:31:42:9b:3a:30:2f:
4a:fa:b4:e9:21:16:8d:2e:1e:b8:a0:dd:85:a6:57:62:4a:b3:
e0:6b:d8:76:c1:9e:bd:e6:42:91:e3:49:b1:c8:76:c2:f6:33:
08:fe:ea:30:c3:de:3f:3f:3d:ef:9c:c7:e8:76:52:8b:3b:4e:
2c:94:0d:8e:2d:cf:21:cf:aa:f8:2a:7d:4a:ef:31:74:ef:d0:
21:c2:b1:b6:38:a5:64:75:e4:06:5e:59:34:26:14:0e:b8:78:
1b:42:3c:df
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTUw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDZBMkM3OUM4QzZDQTdE
NUQwQ0NCMkJCOUE2RTBENkYxRDBBRkY2N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0CzcBmEMDnWBOtsnHQYfhQ5mdg4VeERDo0lDCVN7WSZTAjhG9
MFtQg9ikUX8aqUP1GFP9jKSwim3O7bx3QqLXGwN/66yEdwO25J7RKAx8tvnjRrn+
A0EseIqxLUjWH+4JFdPksYoDTzv01+IWz95KQhb6KO5r8aCpemJpqUj2Dw5f9zB1
nmiX5hnXbb52MOrbbPg1vbP2c34zsVQ8zz67VaXsm/WBgslbgcq7aVA1V3Ztc3B5
Dzf4DbTX/qGwQDZ5XTCDfCAuSuiu/M8cUSzmEvSNIXkVj0DxXxbWNFdKN7wanaHp
ENbWc8m//lzahSDD2uMVhyASxudvg3NfqYaVAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUaix5yMbKfV0Myyu5puDW8dCv9nswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9haXg1eU1iS2ZWME15eXU1cHVEVzhkQ3Y5bnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AFtTV4juCDvzi9hKoVDrlgApGH0rH3g1zfo7jgmqy/WS5hZLT2JlA5ouOgQ/aDHf
9nFlq0w0xaRg2O51RU1Cy+tz+OzS3I3AuSSYl0ZQ6FTGVnZhI18fqfJpekR+GXm+
2wXTGu82eYqR79YrLzulTsBiW326F5f9LvqEs8ahlgbLyT2nOUty4PX8FrLJG1Wo
iOOh/h7GVNvp6icbzTFCmzowL0r6tOkhFo0uHrig3YWmV2JKs+Br2HbBnr3mQpHj
SbHIdsL2Mwj+6jDD3j8/Pe+cx+h2Uos7TiyUDY4tzyHPqvgqfUrvMXTv0CHCsbY4
pWR15AZeWTQmFA64eBtCPN8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org