Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/cQPsqZRNH5z1LRfHLwjD07nKyOs.roa
File: cQPsqZRNH5z1LRfHLwjD07nKyOs.roa (raw, json)
Hash identifier: hfHzeiqJ7FAuvr3Vz3DYX3oe5vkcIwVwF0LqFwhzkVc=
Subject key identifier: 71:03:EC:A9:94:4D:1F:9C:F5:2D:17:C7:2F:08:C3:D3:B9:CA:C8:EB
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47F1
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/cQPsqZRNH5z1LRfHLwjD07nKyOs.roa
Signing time: Fri 13 May 2022 00:30:08 +0000
ROA not before: Fri 13 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18417 (0x47f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 13 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=7103ECA9944D1F9CF52D17C72F08C3D3B9CAC8EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:86:71:25:f3:6c:8b:58:a1:0d:3a:40:08:29:
51:26:5e:b9:94:bd:33:2d:7e:bd:1b:b9:22:f5:87:
69:cf:70:6b:c4:fb:89:b5:0b:28:ec:ac:7b:4e:9d:
e4:c3:ef:e9:ae:99:3f:27:36:10:89:42:b9:b5:1d:
f4:fb:fa:59:31:19:42:6f:49:6f:97:d4:57:dd:23:
83:69:ad:05:72:c9:e9:3b:22:3d:14:a5:39:00:5b:
71:bb:c6:78:f6:3e:c8:fc:3c:55:0f:38:27:94:23:
43:02:d8:47:00:03:0b:23:63:7e:ac:ae:b7:71:eb:
0f:b0:77:59:65:66:75:78:ea:5a:31:14:54:ab:51:
af:cc:e7:35:89:85:d0:b8:8d:ae:6d:d7:3b:6f:22:
03:0d:61:8f:5a:1d:fc:6c:9f:ad:25:c9:99:9b:97:
b5:85:56:ad:3b:38:fb:dd:5e:10:50:f8:13:2f:55:
e2:8b:8c:07:5a:e9:06:b7:8a:f1:b6:cc:06:da:cf:
d3:e6:4c:46:30:da:f0:a4:bb:dc:11:0d:68:33:c9:
21:aa:e7:11:73:24:36:1c:75:59:04:3f:0c:cf:22:
7e:75:6a:0d:03:dc:69:b9:50:86:80:8f:0f:23:6f:
94:f2:c9:e7:20:60:b5:7c:96:9a:6f:f1:0f:54:ed:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:03:EC:A9:94:4D:1F:9C:F5:2D:17:C7:2F:08:C3:D3:B9:CA:C8:EB
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/cQPsqZRNH5z1LRfHLwjD07nKyOs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:b4:8d:6e:8f:02:45:88:fe:f9:c8:3c:6f:3f:25:59:d9:61:
65:ef:9f:9c:02:72:4d:85:1c:12:e0:37:71:dc:00:52:b8:32:
55:38:59:64:1a:1c:d3:51:5c:35:bf:59:67:17:29:52:1e:f5:
45:5c:24:73:91:fb:72:44:01:ce:ba:a7:d2:66:9f:6e:ac:14:
3b:1b:01:09:e5:5b:b4:47:1e:ad:f2:7d:75:e4:5f:1d:40:5f:
c8:d6:53:6b:f2:8d:d9:b0:d5:28:6c:de:02:cc:e4:fd:13:38:
2b:68:c4:d5:c4:ee:f4:4d:a3:ea:f9:fb:db:48:e9:60:d3:1e:
d7:b3:a3:31:10:c5:a4:ad:ea:c2:6e:9e:d0:11:45:28:b3:68:
14:75:b4:01:d0:a1:62:62:dd:c5:cf:19:c2:72:7d:d4:f7:b7:
3b:9a:92:81:87:93:28:f4:3e:21:ea:55:7c:7d:76:10:54:fe:
b0:51:04:4d:f1:f1:6d:ee:a8:f1:58:46:84:12:0d:41:96:a8:
6f:da:ee:15:c7:95:fa:0d:80:8c:79:02:06:b6:ab:ab:67:c8:
05:45:c5:36:f6:29:d0:ea:a6:e2:90:12:f6:13:88:c2:74:00:
d0:82:51:88:12:a5:51:93:f3:2f:e6:32:ef:67:f8:ed:cf:fb:
e8:75:61:2a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTMw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDcxMDNFQ0E5OTQ0RDFG
OUNGNTJEMTdDNzJGMDhDM0QzQjlDQUM4RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDthnEl82yLWKENOkAIKVEmXrmUvTMtfr0buSL1h2nPcGvE+4m1
CyjsrHtOneTD7+mumT8nNhCJQrm1HfT7+lkxGUJvSW+X1FfdI4NprQVyyek7Ij0U
pTkAW3G7xnj2Psj8PFUPOCeUI0MC2EcAAwsjY36srrdx6w+wd1llZnV46loxFFSr
Ua/M5zWJhdC4ja5t1ztvIgMNYY9aHfxsn60lyZmbl7WFVq07OPvdXhBQ+BMvVeKL
jAda6Qa3ivG2zAbaz9PmTEYw2vCku9wRDWgzySGq5xFzJDYcdVkEPwzPIn51ag0D
3Gm5UIaAjw8jb5TyyecgYLV8lppv8Q9U7evjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUcQPsqZRNH5z1LRfHLwjD07nKyOswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9jUVBzcVpSTkg1ejFMUmZITHdqRDA3bkt5T3Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AF+0jW6PAkWI/vnIPG8/JVnZYWXvn5wCck2FHBLgN3HcAFK4MlU4WWQaHNNRXDW/
WWcXKVIe9UVcJHOR+3JEAc66p9Jmn26sFDsbAQnlW7RHHq3yfXXkXx1AX8jWU2vy
jdmw1Shs3gLM5P0TOCtoxNXE7vRNo+r5+9tI6WDTHtezozEQxaSt6sJuntARRSiz
aBR1tAHQoWJi3cXPGcJyfdT3tzuakoGHkyj0PiHqVXx9dhBU/rBRBE3x8W3uqPFY
RoQSDUGWqG/a7hXHlfoNgIx5Aga2q6tnyAVFxTb2KdDqpuKQEvYTiMJ0ANCCUYgS
pVGT8y/mMu9n+O3P++h1YSo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org