Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/iTQ4Lfg1CabyxNd9_ohaSDbLkZ8.roa
File: iTQ4Lfg1CabyxNd9_ohaSDbLkZ8.roa (raw, json)
Hash identifier: ka8tyNww1qzgzOg6rPt3jNX8sDmG54TWTfTCOkDGa5M=
Subject key identifier: 89:34:38:2D:F8:35:09:A6:F2:C4:D7:7D:FE:88:5A:48:36:CB:91:9F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43E5
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/iTQ4Lfg1CabyxNd9_ohaSDbLkZ8.roa
Signing time: Mon 28 Feb 2022 00:30:08 +0000
ROA not before: Mon 28 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17381 (0x43e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 28 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=8934382DF83509A6F2C4D77DFE885A4836CB919F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a6:fa:b8:f4:87:fd:cb:23:cf:c5:1d:96:99:
2c:d4:9f:48:ba:13:e3:fc:68:60:5c:64:cd:68:25:
71:42:1a:4c:9b:64:72:88:d8:f2:94:ba:f6:c8:08:
4e:5e:f0:37:d6:15:45:5d:17:b8:c0:1c:26:17:db:
26:99:f1:da:3e:7e:23:03:23:af:48:f4:d3:1d:f7:
a3:b7:f1:fc:d0:1a:3e:93:f6:93:a9:99:87:5b:45:
43:cd:1a:90:56:ed:e0:1d:fa:ab:14:c1:76:07:61:
41:67:32:65:71:d4:3d:74:a5:2b:e1:70:e4:5f:ce:
a2:80:e9:29:c3:ca:57:24:10:a7:b2:3b:25:4d:97:
8c:f2:69:95:73:2c:9a:fc:af:44:b3:5c:2b:6b:ba:
a8:a5:54:e5:b9:a2:4b:41:2d:ed:05:0e:f9:6e:26:
a1:ca:e5:40:f5:b6:86:81:36:b0:f8:d1:56:e5:eb:
74:e2:4e:54:ff:51:a5:1e:9f:88:39:fe:21:ef:dd:
54:92:9b:8a:99:5f:a4:77:74:84:9f:3d:32:24:3b:
8b:cb:9e:72:50:a6:f0:ef:75:c1:35:e0:93:20:71:
59:ed:48:ea:30:a1:33:53:7e:75:5d:38:0a:af:e2:
f8:d2:43:5d:b3:e4:ff:da:4a:4f:45:16:21:9e:84:
bd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:34:38:2D:F8:35:09:A6:F2:C4:D7:7D:FE:88:5A:48:36:CB:91:9F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/iTQ4Lfg1CabyxNd9_ohaSDbLkZ8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.9.0/24
Signature Algorithm: sha256WithRSAEncryption
97:c1:9c:c5:27:8a:39:ec:9a:73:62:cf:a1:ec:df:e4:13:1d:
c0:71:56:89:fd:06:35:d9:44:49:df:aa:80:3a:d2:b3:7a:b7:
2f:dd:e0:3b:96:fb:c5:7a:05:45:6d:2b:d7:6b:e4:f0:05:c2:
d1:b8:0c:35:39:46:35:a3:4d:4f:d1:e0:a1:6d:ac:8e:fc:a0:
85:29:27:d7:27:35:be:b1:5e:d2:bf:43:ac:d9:30:ef:0a:0e:
4d:d3:ec:c9:ac:7d:90:9a:57:1a:f3:6d:2c:0e:7d:8e:17:08:
70:44:64:d2:cb:c2:32:86:1e:ee:80:f2:e0:22:b1:80:3f:c1:
41:be:f2:d1:da:e2:3c:b2:14:d4:07:78:d9:60:ed:da:8a:86:
72:b1:5b:61:a3:ac:28:68:57:15:73:73:ca:fd:7b:2a:f8:d1:
8f:3d:0f:61:54:5c:28:a5:39:93:e2:72:6b:24:3f:7a:95:19:
7b:e4:40:9b:95:cc:4f:5c:6e:b1:f1:b9:52:75:d0:cc:8e:04:
ed:83:db:83:f9:6c:aa:20:c4:23:b1:8c:02:28:6d:7d:8f:d6:
fd:47:f2:2b:b5:c3:58:a1:e4:de:25:4a:80:bd:28:9b:21:4a:
62:a4:ae:e7:51:ed:d0:02:fa:b9:61:5d:3e:71:e4:0d:01:68:
3a:7d:7c:c0
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjgw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg5MzQzODJERjgzNTA5
QTZGMkM0RDc3REZFODg1QTQ4MzZDQjkxOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnpvq49If9yyPPxR2WmSzUn0i6E+P8aGBcZM1oJXFCGkybZHKI
2PKUuvbICE5e8DfWFUVdF7jAHCYX2yaZ8do+fiMDI69I9NMd96O38fzQGj6T9pOp
mYdbRUPNGpBW7eAd+qsUwXYHYUFnMmVx1D10pSvhcORfzqKA6SnDylckEKeyOyVN
l4zyaZVzLJr8r0SzXCtruqilVOW5oktBLe0FDvluJqHK5UD1toaBNrD40Vbl63Ti
TlT/UaUen4g5/iHv3VSSm4qZX6R3dISfPTIkO4vLnnJQpvDvdcE14JMgcVntSOow
oTNTfnVdOAqv4vjSQ12z5P/aSk9FFiGehL2ZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUiTQ4Lfg1CabyxNd9/ohaSDbLkZ8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9pVFE0TGZnMUNhYnl4TmQ5X29oYVNEYkxrWjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AJfBnMUnijnsmnNiz6Hs3+QTHcBxVon9BjXZREnfqoA60rN6ty/d4DuW+8V6BUVt
K9dr5PAFwtG4DDU5RjWjTU/R4KFtrI78oIUpJ9cnNb6xXtK/Q6zZMO8KDk3T7Mms
fZCaVxrzbSwOfY4XCHBEZNLLwjKGHu6A8uAisYA/wUG+8tHa4jyyFNQHeNlg7dqK
hnKxW2GjrChoVxVzc8r9eyr40Y89D2FUXCilOZPicmskP3qVGXvkQJuVzE9cbrHx
uVJ10MyOBO2D24P5bKogxCOxjAIobX2P1v1H8iu1w1ih5N4lSoC9KJshSmKkrudR
7dAC+rlhXT5x5A0BaDp9fMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org