Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/h0cnEo1PQk6vWZWapSRiEaoW0CA.roa
File: h0cnEo1PQk6vWZWapSRiEaoW0CA.roa (raw, json)
Hash identifier: 6uOPf6HhnHYKTF7Dud2pWiWvPbCRAUtZUCfDsG7Ao+4=
Subject key identifier: 87:47:27:12:8D:4F:42:4E:AF:59:95:9A:A5:24:62:11:AA:16:D0:20
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 488B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h0cnEo1PQk6vWZWapSRiEaoW0CA.roa
Signing time: Tue 24 May 2022 00:30:07 +0000
ROA not before: Tue 24 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18571 (0x488b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 24 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=874727128D4F424EAF59959AA5246211AA16D020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c2:ca:9d:ef:4b:6f:85:2b:8c:f8:27:73:54:
dc:56:0a:e4:2d:d0:3a:33:10:dd:db:36:27:73:bb:
69:7b:6f:b9:0d:ca:a7:2f:d5:06:ed:47:65:1f:fa:
ad:c8:4b:78:d0:1f:f8:e9:cc:0f:07:0e:3b:7c:f6:
ef:97:8a:b4:cb:4a:d4:fa:40:1e:a0:bf:79:95:ad:
08:5d:76:f5:a6:0c:a3:28:93:45:0a:7a:5d:79:73:
68:a9:d0:11:1a:a2:ad:91:55:48:0e:14:46:ec:21:
94:7e:e8:34:27:c9:46:3c:f3:51:86:fd:f9:9e:63:
e9:ba:ba:e0:21:68:8e:59:18:99:50:74:37:9a:0f:
f7:f6:c4:d8:9f:39:d2:60:6d:bd:ca:1c:79:bd:f7:
63:8f:ed:21:85:ea:ed:0b:dc:f0:a3:cc:34:f8:6d:
13:a0:32:20:2d:f6:f8:0c:c6:3e:bd:c1:09:c0:0a:
f9:f7:25:c6:fa:94:b0:a5:ab:00:4c:11:4f:ac:69:
31:0d:42:b9:91:ac:7a:2a:35:cf:1f:17:fd:ed:d0:
4d:1d:a8:93:b5:ee:ad:28:b7:ff:aa:33:14:3c:9c:
b6:04:f4:bf:90:ee:25:a3:d0:3c:46:f4:c7:a0:01:
e3:fa:9c:8c:b3:87:69:b5:18:6f:c1:c1:8b:c2:54:
e6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:47:27:12:8D:4F:42:4E:AF:59:95:9A:A5:24:62:11:AA:16:D0:20
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h0cnEo1PQk6vWZWapSRiEaoW0CA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
36:37:a1:0b:4b:9c:23:37:e8:81:b9:d9:0c:1b:5f:77:81:9a:
68:cb:32:72:bf:c6:af:84:8f:25:3b:14:4b:a7:7b:d5:28:8d:
5e:a0:52:df:2a:0e:23:c7:4d:29:b8:13:8e:6e:fd:2b:05:8a:
b1:3c:9b:4b:f2:0e:ea:69:5c:8f:de:26:4a:bb:9b:20:7e:3d:
a0:73:22:dc:42:60:de:b8:12:53:82:0c:76:f8:a8:85:81:cc:
a2:8d:a4:b1:d9:79:ab:cb:87:57:72:42:a4:ae:89:69:5b:e3:
86:26:b9:6f:75:3e:53:fd:82:b5:ca:17:3a:dd:c6:97:b5:e7:
e3:27:ae:17:d3:cc:22:48:0c:23:8f:c2:de:90:56:84:6a:fa:
6d:d1:06:b5:16:09:fb:d0:b3:78:3d:da:47:a9:a5:f8:16:5a:
9c:0c:ce:5f:6b:de:6e:02:42:fd:76:5d:7e:b2:68:24:3d:aa:
04:a3:78:7b:8e:7c:a3:07:3f:7c:d9:d2:fe:49:6a:f9:45:a1:
ed:35:9a:a6:01:9a:95:e7:39:9e:3d:68:ab:f4:3a:e4:87:83:
5e:fe:26:67:3e:f3:c1:d6:42:a7:6d:33:ce:c4:40:11:45:99:
44:ac:55:f1:f8:14:50:9c:4c:66:4e:59:de:28:39:a2:de:ff:
38:35:4c:a2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MjQw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg3NDcyNzEyOEQ0RjQy
NEVBRjU5OTU5QUE1MjQ2MjExQUExNkQwMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzwsqd70tvhSuM+CdzVNxWCuQt0DozEN3bNidzu2l7b7kNyqcv
1QbtR2Uf+q3IS3jQH/jpzA8HDjt89u+XirTLStT6QB6gv3mVrQhddvWmDKMok0UK
el15c2ip0BEaoq2RVUgOFEbsIZR+6DQnyUY881GG/fmeY+m6uuAhaI5ZGJlQdDea
D/f2xNifOdJgbb3KHHm992OP7SGF6u0L3PCjzDT4bROgMiAt9vgMxj69wQnACvn3
Jcb6lLClqwBMEU+saTENQrmRrHoqNc8fF/3t0E0dqJO17q0ot/+qMxQ8nLYE9L+Q
7iWj0DxG9MegAeP6nIyzh2m1GG/BwYvCVObrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUh0cnEo1PQk6vWZWapSRiEaoW0CAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oMGNuRW8xUFFrNnZXWldhcFNSaUVhb1cwQ0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADY3oQtLnCM36IG52QwbX3eBmmjLMnK/xq+EjyU7FEune9UojV6gUt8qDiPHTSm4
E45u/SsFirE8m0vyDuppXI/eJkq7myB+PaBzItxCYN64ElOCDHb4qIWBzKKNpLHZ
eavLh1dyQqSuiWlb44YmuW91PlP9grXKFzrdxpe15+MnrhfTzCJIDCOPwt6QVoRq
+m3RBrUWCfvQs3g92keppfgWWpwMzl9r3m4CQv12XX6yaCQ9qgSjeHuOfKMHP3zZ
0v5JavlFoe01mqYBmpXnOZ49aKv0OuSHg17+Jmc+88HWQqdtM87EQBFFmUSsVfH4
FFCcTGZOWd4oOaLe/zg1TKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org