Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/h6FZhhLPMMCcPuVExFc5Obq1lBs.roa
File: h6FZhhLPMMCcPuVExFc5Obq1lBs.roa (raw, json)
Hash identifier: MHK//Tvk89TmoXxHO9k6R2w9FVDrdZK0c7Blzo73tIc=
Subject key identifier: 87:A1:59:86:12:CF:30:C0:9C:3E:E5:44:C4:57:39:39:BA:B5:94:1B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43E2
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h6FZhhLPMMCcPuVExFc5Obq1lBs.roa
Signing time: Mon 28 Feb 2022 00:30:06 +0000
ROA not before: Mon 28 Feb 2022 00:30:06 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17378 (0x43e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 28 00:30:06 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=87A1598612CF30C09C3EE544C4573939BAB5941B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6a:ce:47:07:25:11:96:b9:67:ac:ad:18:b4:
fa:db:56:93:ea:3a:a8:1f:83:de:a0:c9:9d:ff:da:
87:b8:58:e1:64:1b:e6:da:92:df:69:ad:ce:15:6d:
83:af:bc:d1:80:9c:30:10:20:57:97:07:8b:d0:cf:
ef:80:67:b1:04:10:f1:aa:b9:29:7d:e1:14:6f:9a:
56:79:65:86:85:55:fe:1c:f9:cc:7c:07:fc:cf:1e:
1d:66:08:82:78:06:40:6f:fd:a5:d0:64:03:6c:e2:
d4:74:54:8e:7e:01:4c:a9:b4:55:da:0c:07:e8:52:
02:0f:a2:f4:47:3e:05:93:1c:f3:af:ea:52:0e:91:
c7:da:23:7f:a8:be:00:b1:71:49:46:9b:23:9c:d8:
50:97:b7:0a:c1:84:c6:ed:05:dc:ed:51:54:75:db:
e5:5c:10:47:5b:0e:8e:a1:bd:10:bb:36:18:c5:e0:
e7:a7:cb:d4:67:c3:58:d7:4a:05:a4:be:18:25:c5:
7a:bd:1f:aa:07:8e:be:4d:d7:35:1e:5b:f5:d4:45:
b8:21:76:49:6c:27:fa:1d:ee:60:9b:6a:a0:aa:2f:
7e:26:52:2f:91:7c:f6:06:7e:0c:3f:23:f6:6b:b2:
4a:b3:3d:ef:73:49:8b:fc:14:d4:b3:cf:99:9a:49:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A1:59:86:12:CF:30:C0:9C:3E:E5:44:C4:57:39:39:BA:B5:94:1B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/h6FZhhLPMMCcPuVExFc5Obq1lBs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:74:6d:1b:e2:dc:20:6b:65:f4:d9:49:60:82:ad:82:6f:20:
91:bc:04:da:43:ce:9e:42:dc:82:56:c9:52:d4:3b:99:c2:ba:
cb:96:72:51:9e:6f:b9:d9:d2:a4:76:6b:ae:0a:7f:3d:5e:b1:
73:cf:f0:3d:71:3a:ac:1d:90:ad:ff:93:42:e8:d9:2f:ed:be:
49:ee:c5:b3:09:a2:35:7c:fd:47:07:b8:b3:58:e7:b1:97:fc:
10:98:0a:be:7e:b6:ec:79:55:08:2e:2c:27:77:7f:f6:b2:6e:
70:14:22:5e:c1:a3:59:2a:26:de:aa:f8:ce:da:55:b9:eb:8b:
b8:d0:59:3e:9a:da:7d:f9:38:08:ce:bb:17:92:a3:89:b8:34:
fb:11:51:87:73:ad:63:26:5c:48:47:3e:94:b5:da:5c:58:1f:
5b:c2:7d:66:f5:6c:95:fc:55:f2:8b:86:68:ad:c1:04:03:89:
2d:32:fe:33:d5:f4:8a:25:d8:c1:0b:05:9a:3a:e1:54:81:cd:
8c:16:eb:4d:6d:65:e6:d9:eb:63:78:d4:cd:e4:32:87:e4:8d:
1a:8f:5d:22:ed:f4:4b:02:7e:49:1d:20:00:4e:90:01:2b:4e:
2e:de:58:11:fc:5e:d1:df:61:c8:52:8c:bf:05:cc:7d:1e:fd:
a5:cf:29:be
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjgw
MDMwMDZaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg3QTE1OTg2MTJDRjMw
QzA5QzNFRTU0NEM0NTczOTM5QkFCNTk0MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCas5HByURlrlnrK0YtPrbVpPqOqgfg96gyZ3/2oe4WOFkG+ba
kt9prc4VbYOvvNGAnDAQIFeXB4vQz++AZ7EEEPGquSl94RRvmlZ5ZYaFVf4c+cx8
B/zPHh1mCIJ4BkBv/aXQZANs4tR0VI5+AUyptFXaDAfoUgIPovRHPgWTHPOv6lIO
kcfaI3+ovgCxcUlGmyOc2FCXtwrBhMbtBdztUVR12+VcEEdbDo6hvRC7NhjF4Oen
y9Rnw1jXSgWkvhglxXq9H6oHjr5N1zUeW/XURbghdklsJ/od7mCbaqCqL34mUi+R
fPYGfgw/I/ZrskqzPe9zSYv8FNSzz5maSYPfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUh6FZhhLPMMCcPuVExFc5Obq1lBswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oNkZaaGhMUE1NQ2NQdVZFeEZjNU9icTFsQnMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AEt0bRvi3CBrZfTZSWCCrYJvIJG8BNpDzp5C3IJWyVLUO5nCusuWclGeb7nZ0qR2
a64Kfz1esXPP8D1xOqwdkK3/k0Lo2S/tvknuxbMJojV8/UcHuLNY57GX/BCYCr5+
tux5VQguLCd3f/aybnAUIl7Bo1kqJt6q+M7aVbnri7jQWT6a2n35OAjOuxeSo4m4
NPsRUYdzrWMmXEhHPpS12lxYH1vCfWb1bJX8VfKLhmitwQQDiS0y/jPV9Iol2MEL
BZo64VSBzYwW601tZebZ62N41M3kMofkjRqPXSLt9EsCfkkdIABOkAErTi7eWBH8
XtHfYchSjL8FzH0e/aXPKb4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org