Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hAZ65us6r3LukDVc3tdMqk0_Dz0.roa
File: hAZ65us6r3LukDVc3tdMqk0_Dz0.roa (raw, json)
Hash identifier: mgj8rifqwz3MEohswro0lHRw47E4B12KBDJEsD/Taew=
Subject key identifier: 84:06:7A:E6:EB:3A:AF:72:EE:90:35:5C:DE:D7:4C:AA:4D:3F:0F:3D
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43B3
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hAZ65us6r3LukDVc3tdMqk0_Dz0.roa
Signing time: Thu 24 Feb 2022 00:30:10 +0000
ROA not before: Thu 24 Feb 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17331 (0x43b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 24 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=84067AE6EB3AAF72EE90355CDED74CAA4D3F0F3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:4e:9b:ce:d8:f6:fc:f8:5d:b2:46:2d:d5:
39:56:2b:89:11:df:3a:42:0d:c4:16:be:fc:ed:13:
42:14:d1:2c:9f:1f:06:6d:85:63:52:48:b3:50:08:
23:25:08:c2:26:9a:1d:79:d0:13:9c:04:4e:9d:92:
3d:30:4a:ae:b5:d8:c8:ac:25:d5:6e:18:ac:32:29:
e4:84:a7:06:e9:1e:e1:92:3f:a9:8a:a4:4d:9e:59:
3a:57:d7:48:c7:3c:c3:f9:49:d4:97:22:19:08:93:
8a:45:29:03:c2:ef:73:6e:4a:0f:29:49:8d:f0:fc:
60:c6:c1:7c:eb:28:26:4d:12:31:7f:c6:39:98:45:
de:bf:50:9a:cb:15:30:f0:f9:f8:8e:b6:34:ca:fc:
d9:e6:9d:a3:23:ce:2b:79:57:cb:b7:b7:d5:8f:54:
26:25:23:e2:94:9f:94:69:21:ea:ce:f4:be:b8:c4:
c1:01:d2:c0:81:68:5d:26:d9:90:16:cd:71:5d:da:
24:38:43:c0:da:5e:97:5e:5d:f0:3e:72:c0:9f:3a:
e0:ab:ad:e3:77:ec:97:39:d9:d0:68:6d:85:4d:2b:
e9:a3:1f:d7:5a:7a:8d:18:98:43:15:f6:96:b5:a4:
a1:75:d1:a2:00:84:9b:41:2b:ab:2b:aa:0f:51:fa:
98:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:06:7A:E6:EB:3A:AF:72:EE:90:35:5C:DE:D7:4C:AA:4D:3F:0F:3D
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hAZ65us6r3LukDVc3tdMqk0_Dz0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
71:71:0f:1e:01:40:af:30:7a:ee:d3:32:74:aa:b0:3e:92:67:
6a:d3:2d:e7:77:0e:ac:fc:ed:39:68:fa:a5:b7:56:c0:01:75:
0f:6d:a9:c5:5a:1c:09:85:ac:e8:96:04:e9:e9:f1:7d:8a:58:
3e:00:0c:ba:58:60:b2:d1:8f:d9:85:f7:2c:b7:5c:02:90:d9:
fd:65:39:31:9f:fe:9c:19:f6:56:d5:26:20:7e:7b:7d:3d:f5:
8c:56:66:5c:16:2a:37:31:17:52:23:1d:cc:38:4f:d6:81:d7:
d8:29:6f:a0:90:be:0e:80:5a:ab:4e:52:fe:3c:cb:29:4e:09:
1f:f4:d3:00:10:93:c1:9e:2b:17:e2:14:00:dc:44:0b:b9:16:
da:e4:b9:9e:d2:19:c7:fd:ea:92:62:d0:66:a2:97:6c:92:ff:
b4:e8:c4:3a:4d:73:b0:96:39:09:2b:43:12:92:e9:b1:a4:a9:
ce:65:5b:25:99:7e:6c:f5:dd:71:9f:97:c8:7e:26:27:46:e9:
70:8a:43:9e:f4:61:45:8a:f2:d5:d3:e4:75:39:62:44:7b:f4:
01:84:98:c5:72:02:9b:78:12:c5:8d:5d:b8:59:22:f1:04:66:
b6:48:03:d7:d7:f6:ba:8b:61:1d:31:89:fe:28:6c:f9:26:41:
b5:a3:e9:e4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjQw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg0MDY3QUU2RUIzQUFG
NzJFRTkwMzU1Q0RFRDc0Q0FBNEQzRjBGM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu106bztj2/PhdskYt1TlWK4kR3zpCDcQWvvztE0IU0SyfHwZt
hWNSSLNQCCMlCMImmh150BOcBE6dkj0wSq612MisJdVuGKwyKeSEpwbpHuGSP6mK
pE2eWTpX10jHPMP5SdSXIhkIk4pFKQPC73NuSg8pSY3w/GDGwXzrKCZNEjF/xjmY
Rd6/UJrLFTDw+fiOtjTK/NnmnaMjzit5V8u3t9WPVCYlI+KUn5RpIerO9L64xMEB
0sCBaF0m2ZAWzXFd2iQ4Q8DaXpdeXfA+csCfOuCrreN37Jc52dBobYVNK+mjH9da
eo0YmEMV9pa1pKF10aIAhJtBK6srqg9R+pjxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhAZ65us6r3LukDVc3tdMqk0/Dz0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oQVo2NXVzNnIzTHVrRFZjM3RkTXFrMF9EejAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AHFxDx4BQK8weu7TMnSqsD6SZ2rTLed3Dqz87Tlo+qW3VsABdQ9tqcVaHAmFrOiW
BOnp8X2KWD4ADLpYYLLRj9mF9yy3XAKQ2f1lOTGf/pwZ9lbVJiB+e3099YxWZlwW
KjcxF1IjHcw4T9aB19gpb6CQvg6AWqtOUv48yylOCR/00wAQk8GeKxfiFADcRAu5
FtrkuZ7SGcf96pJi0Gail2yS/7ToxDpNc7CWOQkrQxKS6bGkqc5lWyWZfmz13XGf
l8h+JidG6XCKQ570YUWK8tXT5HU5YkR79AGEmMVyApt4EsWNXbhZIvEEZrZIA9fX
9rqLYR0xif4obPkmQbWj6eQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org