Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/f_FtLZ87-D4Om_5R-Xm1ILHFEX4.roa
File: f_FtLZ87-D4Om_5R-Xm1ILHFEX4.roa (raw, json)
Hash identifier: 09DY5ZJ87+ZUljdr1mUMqh1Jlw/B4QvfmW3ANj2Ak2Y=
Subject key identifier: 7F:F1:6D:2D:9F:3B:F8:3E:0E:9B:FE:51:F9:79:B5:20:B1:C5:11:7E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45C3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/f_FtLZ87-D4Om_5R-Xm1ILHFEX4.roa
Signing time: Sun 03 Apr 2022 00:30:11 +0000
ROA not before: Sun 03 Apr 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17859 (0x45c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 3 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=7FF16D2D9F3BF83E0E9BFE51F979B520B1C5117E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:61:0f:1e:f6:dd:99:48:b3:17:e7:04:32:73:
ac:e3:ac:1f:2b:1f:70:a4:57:91:46:9f:11:59:d4:
30:a5:c6:c4:69:f3:73:93:4b:4c:21:0c:4f:be:12:
12:e2:ec:d7:8d:81:d5:77:02:19:b2:85:1d:d3:8b:
53:b2:6f:5e:b9:b9:95:f3:4b:94:42:8c:d3:1b:74:
83:be:ae:fa:f0:94:84:f5:f3:6b:24:fc:65:82:8d:
b9:c2:32:4a:b4:a9:8d:61:22:c0:e7:a9:68:bd:5f:
81:1f:fa:f8:ce:c8:b4:10:dd:68:0c:2b:2b:97:67:
ba:72:5d:c3:62:9f:ce:d4:c5:13:ec:44:22:dd:fa:
d7:0d:94:73:d3:25:bf:fe:61:a9:2d:ae:d6:31:15:
90:97:45:2e:ec:f6:dc:39:27:d7:8a:12:c2:41:43:
7d:2a:62:3b:42:d7:d4:49:96:5c:04:14:0e:2e:dd:
53:62:00:d1:bd:6f:98:84:95:f7:f7:70:e5:18:28:
c8:4f:84:3f:8c:19:c9:b3:8f:d6:69:b9:25:19:de:
68:09:d6:3b:35:f8:07:05:fa:a3:58:4c:8c:96:de:
4c:35:2c:b4:3c:1f:60:75:b4:fa:9b:18:d4:41:78:
aa:97:6d:4e:fe:21:a2:d6:21:ef:99:66:3a:c0:96:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F1:6D:2D:9F:3B:F8:3E:0E:9B:FE:51:F9:79:B5:20:B1:C5:11:7E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/f_FtLZ87-D4Om_5R-Xm1ILHFEX4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9b:34:90:e4:11:f6:34:55:7e:b0:11:77:cb:97:9f:2b:62:
59:b2:e3:aa:1e:04:9d:5e:0a:50:73:19:d7:c4:53:fe:cf:bd:
3f:fe:61:a2:63:23:ed:25:0d:df:33:e0:f3:b4:25:d7:fe:c3:
99:30:8b:86:ff:3a:6c:fa:dc:2f:8b:90:6a:0f:5a:23:90:e5:
cf:75:14:bb:6f:12:4f:de:3e:24:4b:c9:a1:f5:cf:b1:d2:7d:
dd:12:57:3d:77:fe:88:c5:2d:ad:a3:33:e3:67:33:e7:73:20:
8a:05:e6:af:72:46:93:37:9d:39:df:31:78:f2:a9:cb:28:9b:
55:b1:de:6f:ad:15:3f:54:26:f9:b9:15:78:29:b1:97:dc:0e:
59:25:7b:3d:7b:10:93:91:07:70:03:3b:48:5f:c1:d7:15:a4:
66:9e:e9:16:96:6f:28:72:b1:2b:6c:fd:97:30:9c:a7:a5:6b:
1e:22:d2:e2:f6:9c:c2:53:ba:73:ed:98:dd:6b:49:0c:73:ae:
fd:36:bc:94:04:7e:68:61:68:61:19:3e:a5:20:fb:d0:62:b4:
3a:57:72:17:c9:ba:89:5c:dd:12:d7:34:e0:03:08:c2:99:26:
ee:9e:7a:3f:6b:8f:fc:cb:25:17:1a:67:e2:18:d8:87:b8:e5:
4b:d7:0f:45
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDMw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDdGRjE2RDJEOUYzQkY4
M0UwRTlCRkU1MUY5NzlCNTIwQjFDNTExN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUYQ8e9t2ZSLMX5wQyc6zjrB8rH3CkV5FGnxFZ1DClxsRp83OT
S0whDE++EhLi7NeNgdV3AhmyhR3Ti1Oyb165uZXzS5RCjNMbdIO+rvrwlIT182sk
/GWCjbnCMkq0qY1hIsDnqWi9X4Ef+vjOyLQQ3WgMKyuXZ7pyXcNin87UxRPsRCLd
+tcNlHPTJb/+YaktrtYxFZCXRS7s9tw5J9eKEsJBQ30qYjtC19RJllwEFA4u3VNi
ANG9b5iElff3cOUYKMhPhD+MGcmzj9ZpuSUZ3mgJ1js1+AcF+qNYTIyW3kw1LLQ8
H2B1tPqbGNRBeKqXbU7+IaLWIe+ZZjrAlpexAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUf/FtLZ87+D4Om/5R+Xm1ILHFEX4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9mX0Z0TFo4Ny1ENE9tXzVSLVhtMUlMSEZFWDQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AHCbNJDkEfY0VX6wEXfLl58rYlmy46oeBJ1eClBzGdfEU/7PvT/+YaJjI+0lDd8z
4PO0Jdf+w5kwi4b/Omz63C+LkGoPWiOQ5c91FLtvEk/ePiRLyaH1z7HSfd0SVz13
/ojFLa2jM+NnM+dzIIoF5q9yRpM3nTnfMXjyqcsom1Wx3m+tFT9UJvm5FXgpsZfc
Dlklez17EJORB3ADO0hfwdcVpGae6RaWbyhysSts/ZcwnKelax4i0uL2nMJTunPt
mN1rSQxzrv02vJQEfmhhaGEZPqUg+9BitDpXchfJuolc3RLXNOADCMKZJu6eej9r
j/zLJRcaZ+IY2Ie45UvXD0U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org