Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/eVZk5XByWTjBivVUWFsBsqyqhBs.roa
File: eVZk5XByWTjBivVUWFsBsqyqhBs.roa (raw, json)
Hash identifier: rjRk/a97/gdNWc5ThxZyDTia2+kyqcO5yXp+Tkv11Ds=
Subject key identifier: 79:56:64:E5:70:72:59:38:C1:8A:F5:54:58:5B:01:B2:AC:AA:84:1B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4317
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/eVZk5XByWTjBivVUWFsBsqyqhBs.roa
Signing time: Sun 13 Feb 2022 00:30:07 +0000
ROA not before: Sun 13 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17175 (0x4317)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 13 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=795664E570725938C18AF554585B01B2ACAA841B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:51:26:82:63:7e:96:b8:93:b0:eb:dd:0c:
c8:1c:71:6c:18:f5:54:d5:4a:58:f6:83:9c:9b:a2:
c4:0f:db:96:a9:f6:0d:b6:2b:ea:83:c5:cc:48:10:
f4:5f:55:de:bb:2e:8b:7a:ef:65:4a:91:07:cc:97:
58:e9:fc:85:02:02:61:a3:a8:52:ec:42:01:c9:35:
cd:f9:e4:94:6e:2c:05:a7:d5:46:b4:bf:f7:a0:ed:
73:c9:4d:7a:b8:35:76:ad:64:04:73:2d:e0:b2:2f:
46:e7:23:66:46:e1:b0:72:0f:3d:0e:00:2c:7a:37:
46:f5:5f:20:49:69:6a:80:ef:a4:f5:d0:5f:b1:1d:
61:d7:a4:f5:bf:78:3d:80:83:65:ea:4e:74:ef:88:
09:c5:13:67:b6:fe:73:05:ea:d3:69:58:57:b8:3a:
fa:27:ff:11:7b:c5:d5:5f:05:f5:3f:6c:fa:28:1a:
ac:24:1d:66:0d:24:fb:b1:0a:64:d8:ba:4b:b4:55:
b1:ac:ea:4a:d9:55:4e:58:2f:53:ef:e1:48:f8:a5:
dd:fe:3d:f0:61:f0:f2:47:d4:e2:4e:a2:38:75:db:
4e:1e:12:db:76:40:6b:c9:45:b0:b3:2a:16:38:1b:
15:a3:8a:64:06:91:91:fa:65:11:e1:86:82:ee:51:
44:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:56:64:E5:70:72:59:38:C1:8A:F5:54:58:5B:01:B2:AC:AA:84:1B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/eVZk5XByWTjBivVUWFsBsqyqhBs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
48:23:83:55:7d:f7:ba:5f:20:a4:6b:a6:f8:9a:34:ae:78:d8:
06:7e:31:f6:e8:5f:85:b3:9e:ac:9d:2f:ac:e1:1d:b0:a7:e0:
05:ac:e3:b1:c2:58:c8:52:da:3f:b9:e4:be:a7:8c:93:9c:65:
29:c1:20:88:f1:ed:4c:8e:c8:79:ae:4e:0a:e2:97:2e:22:66:
66:26:b9:e2:aa:86:7c:87:de:4a:86:26:f7:e6:31:eb:ee:e4:
78:89:a4:cc:56:c1:30:c9:d4:2e:07:38:35:a7:15:64:7b:42:
81:85:fa:5c:43:fb:a3:f7:1e:f2:62:e0:b7:53:5b:6f:30:57:
9f:5f:f1:50:5b:85:24:3e:ca:fc:56:c2:48:07:0f:0f:98:01:
c3:e2:90:f8:49:e8:7c:4c:85:12:3f:35:19:3d:cb:47:80:33:
13:94:05:f4:1a:81:d8:ef:32:fa:91:cd:94:a3:7d:d7:7f:d9:
3e:ed:08:72:ef:93:e2:60:c8:af:00:fe:ee:ac:e0:43:37:f9:
7f:dd:47:fa:c4:39:d3:ba:4c:26:9d:8d:7e:f5:f3:eb:88:be:
eb:d1:a6:ff:38:ff:36:b5:5b:10:78:a4:82:b3:05:c6:58:80:
7f:c4:0e:54:9d:fd:4d:78:86:5e:47:8f:b1:19:01:28:10:82:
4b:ed:8a:ee
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTMw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDc5NTY2NEU1NzA3MjU5
MzhDMThBRjU1NDU4NUIwMUIyQUNBQTg0MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAXlEmgmN+lriTsOvdDMgccWwY9VTVSlj2g5ybosQP25ap9g22
K+qDxcxIEPRfVd67Lot672VKkQfMl1jp/IUCAmGjqFLsQgHJNc355JRuLAWn1Ua0
v/eg7XPJTXq4NXatZARzLeCyL0bnI2ZG4bByDz0OACx6N0b1XyBJaWqA76T10F+x
HWHXpPW/eD2Ag2XqTnTviAnFE2e2/nMF6tNpWFe4Ovon/xF7xdVfBfU/bPooGqwk
HWYNJPuxCmTYuku0VbGs6krZVU5YL1Pv4Uj4pd3+PfBh8PJH1OJOojh1204eEtt2
QGvJRbCzKhY4GxWjimQGkZH6ZRHhhoLuUURxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUeVZk5XByWTjBivVUWFsBsqyqhBswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9lVlprNVhCeVdUakJpdlZVV0ZzQnNxeXFoQnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AEgjg1V997pfIKRrpviaNK542AZ+MfboX4WznqydL6zhHbCn4AWs47HCWMhS2j+5
5L6njJOcZSnBIIjx7UyOyHmuTgrily4iZmYmueKqhnyH3kqGJvfmMevu5HiJpMxW
wTDJ1C4HODWnFWR7QoGF+lxD+6P3HvJi4LdTW28wV59f8VBbhSQ+yvxWwkgHDw+Y
AcPikPhJ6HxMhRI/NRk9y0eAMxOUBfQagdjvMvqRzZSjfdd/2T7tCHLvk+JgyK8A
/u6s4EM3+X/dR/rEOdO6TCadjX718+uIvuvRpv84/za1WxB4pIKzBcZYgH/EDlSd
/U14hl5Hj7EZASgQgkvtiu4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org