Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/kAArBIvZ2InC2DSZ5vUZ0VTomjs.roa
File: kAArBIvZ2InC2DSZ5vUZ0VTomjs.roa (raw, json)
Hash identifier: 9LyOocKW9HMOu55CxCizFbM6AgxQ8yLLATAUHB9Bo9o=
Subject key identifier: 90:00:2B:04:8B:D9:D8:89:C2:D8:34:99:E6:F5:19:D1:54:E8:9A:3B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44ED
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kAArBIvZ2InC2DSZ5vUZ0VTomjs.roa
Signing time: Sat 19 Mar 2022 00:30:08 +0000
ROA not before: Sat 19 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17645 (0x44ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 19 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=90002B048BD9D889C2D83499E6F519D154E89A3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:17:87:25:be:d6:49:8d:d1:b3:88:06:e6:1b:
01:3c:3c:3f:a0:d2:69:46:5f:40:0b:c8:6e:ae:4f:
88:b5:c5:73:60:0b:8e:7f:12:72:c7:75:1b:fc:1b:
54:3e:fd:99:eb:66:ad:9f:81:bf:e4:1c:fc:c6:b2:
b2:86:af:59:c6:16:2f:b1:40:d0:68:e1:01:9a:a0:
a4:32:d0:e4:60:f2:a4:6a:66:30:9a:54:51:22:64:
42:f9:2f:17:99:01:e1:4d:3f:57:c7:05:51:c6:fe:
1c:e2:37:50:de:3b:29:b4:57:88:6a:b4:09:c3:a5:
c4:26:53:b9:fa:a1:c6:24:70:ac:18:72:bc:2a:44:
47:3e:af:57:20:e2:a5:c8:99:2e:0e:8b:4c:27:e7:
65:71:56:2b:6a:9c:61:8d:71:f9:50:db:af:c3:4f:
bd:72:9e:2d:9f:a5:ea:e9:03:5e:bd:55:d0:38:20:
c2:05:74:d1:39:2f:fb:f2:54:e3:3b:de:9a:e6:a3:
15:3c:a1:9c:26:00:32:13:f0:6a:a8:da:47:bd:12:
c8:e6:82:31:e5:da:6a:80:d2:e2:df:71:8f:6a:8d:
26:3a:04:ab:a2:f3:89:99:57:a9:fd:b4:ba:96:92:
4e:5c:e9:1b:b7:b0:9e:b3:78:e9:cc:95:ae:20:d3:
6e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:00:2B:04:8B:D9:D8:89:C2:D8:34:99:E6:F5:19:D1:54:E8:9A:3B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/kAArBIvZ2InC2DSZ5vUZ0VTomjs.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:8d:ba:6c:9d:cc:94:7e:01:b0:9d:3f:4e:c0:20:7b:a4:4b:
76:1e:d1:8f:66:b1:d4:e5:8d:39:0b:56:b8:ca:6f:52:25:70:
0e:48:34:62:de:16:52:80:c7:38:7e:74:5e:e6:58:55:c4:22:
5d:36:95:35:d3:df:01:8c:a0:7c:57:41:17:d5:6d:0b:7f:48:
a3:97:c4:7f:9a:90:63:a5:08:be:74:3d:65:30:dd:b4:54:a9:
8f:12:a1:fa:6d:bd:22:bd:49:c7:e8:83:4e:8e:a7:87:8c:e0:
e1:3d:20:98:c7:0c:e3:de:03:39:08:b4:3c:db:1b:a5:85:b2:
9b:9c:21:fc:43:77:35:61:87:a3:2d:bc:09:c6:27:cb:b9:55:
32:6b:02:f4:ab:3c:d4:e9:12:0c:56:f3:47:b1:de:e7:c0:cc:
6b:c3:9e:d4:9b:7c:fd:67:2b:89:1b:24:e8:6e:60:ba:83:ec:
97:7b:2e:26:77:36:6d:3c:27:32:b2:dd:dc:63:ab:1c:22:c5:
9a:a0:a4:21:a0:b4:c7:64:71:49:ef:28:0a:ca:61:e3:c8:80:
79:ed:d0:89:72:49:61:ab:15:b1:a0:ab:93:d0:c7:75:42:63:
ae:02:27:c7:4c:28:70:8e:e8:64:2b:7c:ae:d0:05:f9:cc:e2:
15:df:43:72
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTkw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDkwMDAyQjA0OEJEOUQ4
ODlDMkQ4MzQ5OUU2RjUxOUQxNTRFODlBM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2F4clvtZJjdGziAbmGwE8PD+g0mlGX0ALyG6uT4i1xXNgC45/
EnLHdRv8G1Q+/ZnrZq2fgb/kHPzGsrKGr1nGFi+xQNBo4QGaoKQy0ORg8qRqZjCa
VFEiZEL5LxeZAeFNP1fHBVHG/hziN1DeOym0V4hqtAnDpcQmU7n6ocYkcKwYcrwq
REc+r1cg4qXImS4Oi0wn52VxVitqnGGNcflQ26/DT71yni2fperpA169VdA4IMIF
dNE5L/vyVOM73prmoxU8oZwmADIT8Gqo2ke9EsjmgjHl2mqA0uLfcY9qjSY6BKui
84mZV6n9tLqWkk5c6Ru3sJ6zeOnMla4g024RAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUkAArBIvZ2InC2DSZ5vUZ0VTomjswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9rQUFyQkl2WjJJbkMyRFNaNXZVWjBWVG9tanMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ALCNumydzJR+AbCdP07AIHukS3Ye0Y9msdTljTkLVrjKb1IlcA5INGLeFlKAxzh+
dF7mWFXEIl02lTXT3wGMoHxXQRfVbQt/SKOXxH+akGOlCL50PWUw3bRUqY8Sofpt
vSK9Scfog06Op4eM4OE9IJjHDOPeAzkItDzbG6WFspucIfxDdzVhh6MtvAnGJ8u5
VTJrAvSrPNTpEgxW80ex3ufAzGvDntSbfP1nK4kbJOhuYLqD7Jd7LiZ3Nm08JzKy
3dxjqxwixZqgpCGgtMdkcUnvKArKYePIgHnt0IlySWGrFbGgq5PQx3VCY64CJ8dM
KHCO6GQrfK7QBfnM4hXfQ3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org