Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/do2GUepCZoN0pGvJXYQWgH8HxXk.roa
File: do2GUepCZoN0pGvJXYQWgH8HxXk.roa (raw, json)
Hash identifier: TUCZSgdRPMrSgrQ5PDplvYtuhCeaVwq20Lhouo7KSGQ=
Subject key identifier: 76:8D:86:51:EA:42:66:83:74:A4:6B:C9:5D:84:16:80:7F:07:C5:79
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45A6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/do2GUepCZoN0pGvJXYQWgH8HxXk.roa
Signing time: Fri 01 Apr 2022 00:30:08 +0000
ROA not before: Fri 01 Apr 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17830 (0x45a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 1 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=768D8651EA42668374A46BC95D8416807F07C579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:68:7d:94:73:87:9f:4c:f7:7f:15:8f:7b:1d:
e2:f9:ff:0f:01:14:28:01:74:78:81:b9:59:61:ed:
98:0b:c1:5b:c3:47:0d:e8:0c:98:c4:e4:53:e6:24:
ce:f7:fd:79:ab:d2:5a:9a:36:e9:45:a7:72:28:d2:
bc:8e:53:67:77:6f:db:07:ad:3c:89:9a:3d:6c:b3:
21:06:9d:37:5c:f9:e6:42:ba:16:18:86:fb:e1:16:
42:0e:bb:5e:00:f8:19:0a:b3:0a:2a:c6:fe:a4:dc:
d9:0f:ad:50:07:02:80:54:73:b0:1b:e8:af:4b:90:
de:9b:df:2d:5f:21:3c:67:29:22:5f:54:e1:1c:4b:
3e:40:d7:13:20:33:cd:41:30:dc:15:12:c3:d2:80:
16:c4:e1:89:52:72:6b:c9:a9:fd:dc:4f:24:cb:db:
ac:2c:23:97:60:bf:f8:f7:84:64:f6:7e:a0:ce:92:
eb:82:3c:d2:90:45:1a:96:d6:19:ad:4b:93:c8:2e:
3f:64:1f:9c:22:3e:84:6b:89:84:d9:b0:0d:47:1d:
ad:74:6d:28:79:76:e7:6b:95:14:8c:ab:fd:62:6f:
46:31:76:86:5a:39:91:a5:9e:47:c9:a2:22:15:c5:
6c:c0:84:39:c4:74:83:33:7c:3a:99:7d:33:fd:5d:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:86:51:EA:42:66:83:74:A4:6B:C9:5D:84:16:80:7F:07:C5:79
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/do2GUepCZoN0pGvJXYQWgH8HxXk.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
73:bf:ff:47:15:50:b6:e4:49:44:fc:b1:d8:1c:dc:54:62:48:
7e:06:15:06:63:fd:12:57:2c:49:66:48:92:bc:04:6e:cb:dd:
33:cd:59:87:7d:5e:a5:4d:b9:fc:53:27:f8:df:7e:9d:08:23:
d6:9b:83:57:2d:e5:35:71:e4:04:00:44:ff:b6:da:2c:54:4d:
0d:2e:5a:b8:db:a2:3e:81:97:25:c0:2b:d2:a3:72:80:da:2c:
c3:3f:d3:a8:ef:8b:e3:d9:5c:eb:13:40:fe:bc:5c:34:c3:7b:
45:17:d1:26:76:95:03:e8:d9:89:ad:a8:b5:da:22:8e:4c:56:
cf:5b:d9:40:6d:5d:1c:77:8d:2c:08:a4:09:b4:13:01:d8:70:
37:6a:a8:de:13:e4:96:7c:c7:75:fe:27:7c:d4:fe:62:ee:4d:
79:95:88:52:27:6e:21:07:8c:2b:a3:b0:1f:55:fc:12:9c:ec:
c1:62:9b:6f:fa:53:b6:0a:ab:50:b0:ee:6a:a3:f1:53:d2:e0:
85:ac:05:6b:94:a7:dd:d6:27:6c:f9:d9:a0:bb:f4:22:d0:5c:
8a:c7:6f:c0:64:39:6f:02:44:f1:ca:4f:06:e8:76:db:92:34:
b1:52:59:b6:a1:6b:f6:ad:6e:2c:6d:b6:3f:3b:f7:3e:78:2f:
31:50:03:c1
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDEw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDc2OEQ4NjUxRUE0MjY2
ODM3NEE0NkJDOTVEODQxNjgwN0YwN0M1NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwaH2Uc4efTPd/FY97HeL5/w8BFCgBdHiBuVlh7ZgLwVvDRw3o
DJjE5FPmJM73/Xmr0lqaNulFp3Io0ryOU2d3b9sHrTyJmj1ssyEGnTdc+eZCuhYY
hvvhFkIOu14A+BkKswoqxv6k3NkPrVAHAoBUc7Ab6K9LkN6b3y1fITxnKSJfVOEc
Sz5A1xMgM81BMNwVEsPSgBbE4YlScmvJqf3cTyTL26wsI5dgv/j3hGT2fqDOkuuC
PNKQRRqW1hmtS5PILj9kH5wiPoRriYTZsA1HHa10bSh5dudrlRSMq/1ib0YxdoZa
OZGlnkfJoiIVxWzAhDnEdIMzfDqZfTP9XVipAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUdo2GUepCZoN0pGvJXYQWgH8HxXkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9kbzJHVWVwQ1pvTjBwR3ZKWFlRV2dIOEh4WGsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AHO//0cVULbkSUT8sdgc3FRiSH4GFQZj/RJXLElmSJK8BG7L3TPNWYd9XqVNufxT
J/jffp0II9abg1ct5TVx5AQARP+22ixUTQ0uWrjboj6BlyXAK9KjcoDaLMM/06jv
i+PZXOsTQP68XDTDe0UX0SZ2lQPo2YmtqLXaIo5MVs9b2UBtXRx3jSwIpAm0EwHY
cDdqqN4T5JZ8x3X+J3zU/mLuTXmViFInbiEHjCujsB9V/BKc7MFim2/6U7YKq1Cw
7mqj8VPS4IWsBWuUp93WJ2z52aC79CLQXIrHb8BkOW8CRPHKTwbodtuSNLFSWbah
a/atbixttj879z54LzFQA8E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org