Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/i0ABzKYsCzimyVzCu3F69BfirZA.roa
File: i0ABzKYsCzimyVzCu3F69BfirZA.roa (raw, json)
Hash identifier: s3LXnxbnDNjbw9m0/3ygcNtlmZ42BZhH3bZYnYJytuQ=
Subject key identifier: 8B:40:01:CC:A6:2C:0B:38:A6:C9:5C:C2:BB:71:7A:F4:17:E2:AD:90
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 33DD
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/i0ABzKYsCzimyVzCu3F69BfirZA.roa
Signing time: Wed 14 Apr 2021 10:34:44 +0000
ROA not before: Wed 14 Apr 2021 10:34:44 +0000
ROA not after: Fri 01 Apr 2022 01:01:03 +0000
asID: 47065
IP address blocks: 147.28.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13277 (0x33dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 14 10:34:44 2021 GMT
Not After : Apr 1 01:01:03 2022 GMT
Subject: CN=8B4001CCA62C0B38A6C95CC2BB717AF417E2AD90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c4:ce:c8:7d:74:b6:ab:48:1c:5b:c6:66:24:
b9:05:12:a3:0b:63:9f:aa:f7:d0:ee:d6:b3:a1:ac:
c3:81:01:4d:67:93:34:87:11:6a:a8:6a:b8:18:42:
3a:4c:2d:f2:08:87:13:23:13:24:05:eb:a6:15:a2:
0e:dd:3f:47:46:79:20:26:b4:34:45:a3:06:7b:93:
71:19:ab:82:d1:94:f3:08:8b:41:28:c7:4b:cf:22:
d2:b7:63:c5:22:56:ff:c4:8e:62:b4:24:a5:ae:8c:
6f:dd:e2:5a:62:95:22:fc:aa:04:a0:86:96:6a:8c:
5c:49:1d:91:91:6d:60:d0:e4:fe:94:35:a5:d0:95:
bb:39:fb:40:42:7c:bb:3f:f8:ab:75:99:4b:e4:e1:
29:33:b1:1b:84:22:fc:3a:aa:81:ea:6b:52:f5:bb:
f3:de:fe:3b:c2:49:a8:04:eb:1d:2e:09:a0:07:d8:
6f:ed:e7:2c:3e:52:53:0a:b0:96:d0:d1:ce:27:b4:
b7:96:48:14:de:d1:cd:4a:ce:e9:2f:8a:5e:fa:32:
03:84:96:16:85:17:cc:3f:d0:26:d1:e6:2d:75:2f:
1d:f0:b3:f4:0e:c3:1c:24:b4:6e:1c:0b:5b:82:97:
b3:79:94:c3:88:a4:90:ec:c0:7e:b5:3a:93:6d:d9:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:40:01:CC:A6:2C:0B:38:A6:C9:5C:C2:BB:71:7A:F4:17:E2:AD:90
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/i0ABzKYsCzimyVzCu3F69BfirZA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.6.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:0c:4d:3f:81:23:f6:b0:48:7c:41:64:ef:de:df:8b:24:95:
eb:09:97:fb:86:50:e0:f5:a8:c3:21:e0:d0:30:08:c9:36:f8:
77:60:74:49:2a:e1:d3:3a:2b:eb:0a:e4:4a:46:4f:fb:d1:a7:
22:7b:88:64:ca:21:c0:73:b6:5c:59:c3:f8:1a:30:c6:4f:1d:
be:4f:d6:7f:47:db:5b:11:8e:57:1a:ef:47:ad:ef:77:df:3b:
b4:b5:2a:9c:43:47:17:64:ae:e4:94:91:72:96:b6:a5:28:37:
cb:f2:58:ce:31:9c:fb:49:dc:2e:87:a2:2a:f6:37:a4:e3:85:
cc:54:d1:69:1a:6e:37:4a:a1:ae:b3:d6:b2:67:c1:15:26:67:
ab:d1:57:0f:d6:e6:00:e2:c8:7d:18:56:fa:84:1a:bd:f1:b1:
07:d8:f2:f5:10:67:01:e8:de:7f:16:63:73:63:70:d8:0b:14:
40:4e:65:e0:7f:14:c9:ee:f1:e1:96:20:c4:da:4e:43:da:3f:
5b:14:c9:42:40:a9:ca:c1:37:17:f8:35:55:e2:ba:61:03:98:
5d:da:ec:18:8e:dd:82:dd:90:4c:d9:04:ac:7d:44:25:db:52:
43:d3:36:44:fd:c0:48:9c:74:79:5a:9f:71:bf:14:f5:a8:dc:
cb:18:28:30
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICM90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMTA0MTQx
MDM0NDRaFw0yMjA0MDEwMTAxMDNaMDMxMTAvBgNVBAMTKDhCNDAwMUNDQTYyQzBC
MzhBNkM5NUNDMkJCNzE3QUY0MTdFMkFEOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDexM7IfXS2q0gcW8ZmJLkFEqMLY5+q99Du1rOhrMOBAU1nkzSH
EWqoargYQjpMLfIIhxMjEyQF66YVog7dP0dGeSAmtDRFowZ7k3EZq4LRlPMIi0Eo
x0vPItK3Y8UiVv/EjmK0JKWujG/d4lpilSL8qgSghpZqjFxJHZGRbWDQ5P6UNaXQ
lbs5+0BCfLs/+Kt1mUvk4SkzsRuEIvw6qoHqa1L1u/Pe/jvCSagE6x0uCaAH2G/t
5yw+UlMKsJbQ0c4ntLeWSBTe0c1Kzukvil76MgOElhaFF8w/0CbR5i11Lx3ws/QO
wxwktG4cC1uCl7N5lMOIpJDswH61OpNt2W9PAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUi0ABzKYsCzimyVzCu3F69BfirZAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9pMEFCektZc0N6aW15VnpDdTNGNjlCZmlyWkEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAYwDQYJKoZIhvcNAQELBQADggEB
AI0MTT+BI/awSHxBZO/e34sklesJl/uGUOD1qMMh4NAwCMk2+HdgdEkq4dM6K+sK
5EpGT/vRpyJ7iGTKIcBztlxZw/gaMMZPHb5P1n9H21sRjlca70et73ffO7S1KpxD
RxdkruSUkXKWtqUoN8vyWM4xnPtJ3C6Hoir2N6TjhcxU0WkabjdKoa6z1rJnwRUm
Z6vRVw/W5gDiyH0YVvqEGr3xsQfY8vUQZwHo3n8WY3NjcNgLFEBOZeB/FMnu8eGW
IMTaTkPaP1sUyUJAqcrBNxf4NVXiumEDmF3a7BiO3YLdkEzZBKx9RCXbUkPTNkT9
wEicdHlan3G/FPWo3MsYKDA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org