Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/ki6WlM6GHMX-oT9ywWmOy-R-zTo.roa
File: ki6WlM6GHMX-oT9ywWmOy-R-zTo.roa (raw, json)
Hash identifier: ZcloDEJV25xbrmFeL/l3Wl4VjFMLl3jEHu/L9Tuy5Qk=
Subject key identifier: 92:2E:96:94:CE:86:1C:C5:FE:A1:3F:72:C1:69:8E:CB:E4:7E:CD:3A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44FB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ki6WlM6GHMX-oT9ywWmOy-R-zTo.roa
Signing time: Sun 20 Mar 2022 00:30:20 +0000
ROA not before: Sun 20 Mar 2022 00:30:20 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17659 (0x44fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 20 00:30:20 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=922E9694CE861CC5FEA13F72C1698ECBE47ECD3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:02:59:95:6f:13:ae:d4:66:a2:8f:a2:92:52:
66:3f:16:a0:29:23:04:f1:85:33:df:da:55:60:df:
f2:c8:39:91:5f:66:d0:e3:eb:ce:b3:2e:bb:10:80:
85:34:1a:82:eb:b9:a6:1e:c2:5c:69:a3:95:52:b8:
49:bf:8b:e0:60:dc:4e:c1:75:cb:be:de:d3:4a:d0:
c2:37:47:f8:62:1d:11:b2:51:d2:d7:02:64:e0:77:
55:28:43:90:48:f6:06:7f:ae:f5:2d:93:a0:c1:9c:
37:9d:5c:82:77:2c:5f:98:15:43:49:36:81:62:a0:
1b:42:9a:12:bd:e2:1d:83:ba:f4:dd:25:b5:94:02:
75:75:92:39:b8:da:df:24:e8:5f:ae:11:fe:01:4d:
ab:d7:4e:b4:0a:fb:24:99:fa:dc:a8:83:fb:f1:1c:
12:a0:bf:0b:35:5c:08:58:ca:34:4f:c8:dd:8e:d0:
21:77:ec:19:8b:c0:62:71:3c:d8:21:8c:26:8d:6a:
89:12:5c:7e:0c:60:19:6b:5f:d6:df:00:a7:31:9b:
61:4a:94:fe:71:59:c8:19:4b:89:b0:b7:a9:d5:4f:
5a:d1:73:f0:ba:6c:17:05:17:69:20:c2:bc:7b:18:
be:8a:fa:b9:08:da:49:80:24:25:a4:38:5c:bb:cb:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2E:96:94:CE:86:1C:C5:FE:A1:3F:72:C1:69:8E:CB:E4:7E:CD:3A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/ki6WlM6GHMX-oT9ywWmOy-R-zTo.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ba:44:da:a1:15:1e:6b:00:1c:d5:56:9f:3d:5d:57:28:ba:
3e:16:ac:0d:57:c7:ba:22:54:33:95:9f:74:bc:54:83:bf:dd:
c9:ad:81:77:96:62:a9:af:01:e6:02:ce:22:9f:44:e7:4b:11:
af:36:a2:50:3f:91:1a:55:e5:28:44:d1:11:2a:43:33:7f:6a:
51:6b:21:aa:29:e8:97:0f:45:46:6b:fc:ea:68:08:d7:5e:01:
5a:b8:35:b6:b8:54:69:68:b2:7b:c7:44:39:cf:ef:06:6c:99:
5d:c2:77:dc:ec:fe:79:7a:95:dd:01:1f:8e:ee:70:82:8e:64:
e0:57:51:70:48:3e:ce:5a:1e:e5:e8:c9:7e:5b:b1:fa:59:99:
c8:df:5d:a9:6f:77:10:1a:4e:a0:52:d3:9b:65:c8:04:07:29:
44:0f:36:9e:af:f1:45:28:13:2b:64:6f:49:30:9d:e8:86:7f:
98:1e:b0:d7:31:b6:6d:82:55:63:52:09:32:a0:d7:62:8a:2c:
6b:d7:e1:74:e1:51:fc:73:20:4f:be:bd:0f:8c:9d:1d:7f:7a:
50:77:6f:d7:81:a2:61:99:b1:2c:5b:e1:e5:72:db:1a:d7:8d:
1b:ef:ed:72:05:08:f4:33:de:ba:fc:c1:92:95:96:13:7a:31:
e5:62:99:18
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjAw
MDMwMjBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDkyMkU5Njk0Q0U4NjFD
QzVGRUExM0Y3MkMxNjk4RUNCRTQ3RUNEM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkAlmVbxOu1Gaij6KSUmY/FqApIwTxhTPf2lVg3/LIOZFfZtDj
686zLrsQgIU0GoLruaYewlxpo5VSuEm/i+Bg3E7Bdcu+3tNK0MI3R/hiHRGyUdLX
AmTgd1UoQ5BI9gZ/rvUtk6DBnDedXIJ3LF+YFUNJNoFioBtCmhK94h2DuvTdJbWU
AnV1kjm42t8k6F+uEf4BTavXTrQK+ySZ+tyog/vxHBKgvws1XAhYyjRPyN2O0CF3
7BmLwGJxPNghjCaNaokSXH4MYBlrX9bfAKcxm2FKlP5xWcgZS4mwt6nVT1rRc/C6
bBcFF2kgwrx7GL6K+rkI2kmAJCWkOFy7y7rhAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUki6WlM6GHMX+oT9ywWmOy+R+zTowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9raTZXbE02R0hNWC1vVDl5d1dtT3ktUi16VG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AD26RNqhFR5rABzVVp89XVcouj4WrA1Xx7oiVDOVn3S8VIO/3cmtgXeWYqmvAeYC
ziKfROdLEa82olA/kRpV5ShE0REqQzN/alFrIaop6JcPRUZr/OpoCNdeAVq4Nba4
VGlosnvHRDnP7wZsmV3Cd9zs/nl6ld0BH47ucIKOZOBXUXBIPs5aHuXoyX5bsfpZ
mcjfXalvdxAaTqBS05tlyAQHKUQPNp6v8UUoEytkb0kwneiGf5gesNcxtm2CVWNS
CTKg12KKLGvX4XThUfxzIE++vQ+MnR1/elB3b9eBomGZsSxb4eVy2xrXjRvv7XIF
CPQz3rr8wZKVlhN6MeVimRg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org