Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hurLEdBPBSBmcWOhT7Pis7omb3U.roa
File: hurLEdBPBSBmcWOhT7Pis7omb3U.roa (raw, json)
Hash identifier: 0Ndtp5v0INtiYzfU6+X2oaVYUaNERtPhCQgMOP/dPZc=
Subject key identifier: 86:EA:CB:11:D0:4F:05:20:66:71:63:A1:4F:B3:E2:B3:BA:26:6F:75
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45DB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hurLEdBPBSBmcWOhT7Pis7omb3U.roa
Signing time: Tue 05 Apr 2022 00:30:06 +0000
ROA not before: Tue 05 Apr 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17883 (0x45db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 5 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=86EACB11D04F0520667163A14FB3E2B3BA266F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ba:e3:6b:8e:a5:4f:d8:a6:44:f8:22:69:3f:
bb:44:a8:83:4e:d6:29:98:9d:b8:25:f4:32:12:5d:
b4:a4:db:bb:ca:30:ff:aa:61:92:20:05:15:ea:ae:
cb:14:f8:bd:a0:a7:72:9c:f4:3f:bd:5e:02:e5:d9:
5a:11:2c:b7:a5:27:bf:11:40:42:77:0e:d1:73:56:
6f:c5:a4:fa:e7:f7:48:4e:d9:7a:db:69:85:ba:88:
47:d4:c7:67:02:29:ce:2a:73:c6:51:87:22:f4:23:
59:c9:3e:a2:f3:c5:66:3c:a4:b7:de:75:cc:93:92:
46:5b:6d:c0:eb:d9:b6:de:45:7b:01:a1:f3:9e:c3:
10:70:df:f3:f6:c3:91:74:d5:ef:4f:8c:a5:b2:e8:
b6:ef:ee:b2:e4:aa:7f:72:50:d6:6f:47:a4:ab:fa:
8a:7f:a1:f4:95:28:ff:06:7e:41:9d:f0:25:30:51:
bf:5a:d1:fd:91:14:8c:09:1e:6c:05:c9:a3:8b:4d:
91:f1:e8:6a:12:ed:14:02:fd:d6:ce:8b:53:64:ad:
d5:ca:34:13:e8:8e:e5:60:ed:b4:cc:1a:f8:54:3f:
1c:e6:c8:05:ae:b0:2f:64:6c:64:10:52:c4:22:e0:
1d:fb:97:55:c4:41:24:35:8f:f8:01:2a:2a:8b:55:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EA:CB:11:D0:4F:05:20:66:71:63:A1:4F:B3:E2:B3:BA:26:6F:75
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hurLEdBPBSBmcWOhT7Pis7omb3U.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c7:7e:94:27:1c:cb:a2:12:47:1d:d5:f3:8b:64:03:4a:83:
51:9c:13:5e:03:e4:07:ab:fe:6c:46:f3:dc:fc:05:90:2b:7b:
ee:98:06:ea:01:1b:66:8c:3b:94:55:19:ab:79:0f:b4:28:d3:
00:de:a1:87:59:32:a5:cb:ef:dd:ec:e3:a1:46:83:36:bf:9f:
c1:71:53:e7:5a:67:99:96:ae:b4:1d:79:8b:c6:83:6a:c4:5b:
03:15:60:e6:15:f7:c4:94:3c:7a:3e:e6:84:26:df:4a:77:46:
3d:4c:77:8f:6f:d6:71:75:df:3c:34:ea:37:1f:1b:d7:2b:c7:
4b:6f:fc:ef:ee:73:36:79:86:e6:0b:8a:55:1e:53:db:af:d4:
1c:e7:97:4a:f7:f2:82:c7:04:ae:94:ac:0a:55:df:80:ce:2a:
e6:d9:39:6d:2c:16:71:f2:40:7b:69:a2:a3:44:05:e7:76:cf:
fc:f5:fa:8e:d6:f2:3e:6b:4b:0b:94:58:9c:92:24:4e:4d:46:
84:80:f8:ea:79:41:5d:07:09:24:03:84:9c:e1:15:2b:be:fd:
15:a0:66:76:8b:44:f4:02:e7:a0:90:88:68:88:d5:9c:fc:eb:
2e:cc:c5:16:84:de:71:6e:48:37:7e:87:72:08:8d:7d:02:11:
98:b6:e1:fd
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDUw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg2RUFDQjExRDA0RjA1
MjA2NjcxNjNBMTRGQjNFMkIzQkEyNjZGNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmuuNrjqVP2KZE+CJpP7tEqINO1imYnbgl9DISXbSk27vKMP+q
YZIgBRXqrssU+L2gp3Kc9D+9XgLl2VoRLLelJ78RQEJ3DtFzVm/FpPrn90hO2Xrb
aYW6iEfUx2cCKc4qc8ZRhyL0I1nJPqLzxWY8pLfedcyTkkZbbcDr2bbeRXsBofOe
wxBw3/P2w5F01e9PjKWy6Lbv7rLkqn9yUNZvR6Sr+op/ofSVKP8GfkGd8CUwUb9a
0f2RFIwJHmwFyaOLTZHx6GoS7RQC/dbOi1NkrdXKNBPojuVg7bTMGvhUPxzmyAWu
sC9kbGQQUsQi4B37l1XEQSQ1j/gBKiqLVSk5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhurLEdBPBSBmcWOhT7Pis7omb3UwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9odXJMRWRCUEJTQm1jV09oVDdQaXM3b21iM1Uucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AHbHfpQnHMuiEkcd1fOLZANKg1GcE14D5Aer/mxG89z8BZAre+6YBuoBG2aMO5RV
Gat5D7Qo0wDeoYdZMqXL793s46FGgza/n8FxU+daZ5mWrrQdeYvGg2rEWwMVYOYV
98SUPHo+5oQm30p3Rj1Md49v1nF13zw06jcfG9crx0tv/O/uczZ5huYLilUeU9uv
1Bznl0r38oLHBK6UrApV34DOKubZOW0sFnHyQHtpoqNEBed2z/z1+o7W8j5rSwuU
WJySJE5NRoSA+Op5QV0HCSQDhJzhFSu+/RWgZnaLRPQC56CQiGiI1Zz86y7MxRaE
3nFuSDd+h3IIjX0CEZi24f0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org