Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/lm5XP5zJfu_YWhoGheIQE00U-yU.roa
File: lm5XP5zJfu_YWhoGheIQE00U-yU.roa (raw, json)
Hash identifier: 4mcdosnfs4r7nzXNGFs9xmPC4Ipd5EPZNcx/qOlTyYM=
Subject key identifier: 96:6E:57:3F:9C:C9:7E:EF:D8:5A:1A:06:85:E2:10:13:4D:14:FB:25
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 447B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lm5XP5zJfu_YWhoGheIQE00U-yU.roa
Signing time: Fri 11 Mar 2022 00:36:54 +0000
ROA not before: Fri 11 Mar 2022 00:36:54 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17531 (0x447b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 11 00:36:54 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=966E573F9CC97EEFD85A1A0685E210134D14FB25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a0:d7:57:6b:4d:81:69:4c:d5:05:cb:30:48:
d6:ad:4c:85:9e:89:eb:2d:bd:b5:da:fa:0d:14:1b:
00:e3:28:87:18:3c:9e:95:49:26:bc:4a:7d:39:0c:
0f:40:c2:74:47:e3:94:ab:be:20:d5:11:76:ec:92:
d7:60:d6:83:f8:f0:ef:da:ac:23:ac:ba:03:cb:b8:
7c:14:79:af:ef:f1:14:bc:26:bf:6e:5a:fb:cb:33:
71:14:c3:5f:99:71:07:d5:39:f5:68:ce:fb:9d:b4:
e9:d5:7a:84:02:28:0b:b8:27:af:f0:d3:d4:d5:6d:
d3:6d:0a:6d:5d:e5:8c:bf:ee:bb:3e:6a:d3:a5:09:
b6:fd:0f:1c:53:b9:45:5a:0a:41:de:ae:9a:a5:b7:
2c:5f:b4:75:5b:3d:6a:8a:a1:7c:e3:0c:1c:4f:5d:
12:13:bf:1a:62:49:04:63:de:4a:ee:e5:bf:20:f6:
01:0d:00:8e:16:89:a6:72:b1:0f:07:c4:ad:9e:b0:
a7:ef:ba:1a:29:f3:ff:4f:91:aa:d2:b5:dd:3e:24:
1e:04:a4:f5:c5:ef:36:14:07:fe:be:6e:9d:e3:2d:
43:d0:98:29:c2:fc:be:83:62:a6:9f:3d:37:7e:c6:
62:79:e6:6b:68:74:e8:f2:79:9c:33:d9:e4:27:c0:
6c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6E:57:3F:9C:C9:7E:EF:D8:5A:1A:06:85:E2:10:13:4D:14:FB:25
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lm5XP5zJfu_YWhoGheIQE00U-yU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.15.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e6:9f:d2:7d:0a:4c:f5:d0:4e:e3:cd:b8:2b:aa:a5:9d:c9:
a6:1b:8a:b0:cb:c2:00:94:cc:13:92:c1:2a:51:8c:e6:2d:fd:
eb:ca:de:2a:42:3c:82:bc:2f:2f:86:6a:80:75:10:5e:9b:ab:
cd:a1:e3:c1:ea:19:5b:11:e9:f9:56:8d:97:97:3b:ca:a2:e4:
f7:70:c5:f1:31:0f:0a:10:b7:28:4a:04:4b:4d:6e:dd:5a:62:
06:03:45:47:46:fe:57:57:71:18:f7:06:3e:a5:78:b4:37:fb:
fe:fd:e4:6e:d2:4f:aa:5f:ce:b3:98:55:a3:0d:c7:a3:6c:4c:
63:b2:fc:d6:0b:1f:f9:1b:04:24:f7:8d:39:00:89:a3:7d:0c:
e4:d4:f3:4b:0d:a5:e0:e2:3b:16:d3:38:20:04:ad:04:e3:cb:
88:d3:fb:07:06:37:de:cc:04:0d:bf:5c:a2:2f:18:08:bc:72:
6b:ad:b9:f1:bc:15:77:b9:a7:d3:c6:03:75:4f:fd:79:a9:fd:
a6:d4:56:c1:e2:3e:7a:53:03:cd:81:8e:ac:2d:8e:a9:03:84:
3a:da:7d:a4:36:2b:46:70:2b:95:0a:b1:b7:bc:af:da:f4:2b:
ae:39:3a:ac:11:fe:e5:f5:8c:80:1e:bd:49:96:ea:a9:c4:8e:
75:59:79:df
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRHswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTEw
MDM2NTRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDk2NkU1NzNGOUNDOTdF
RUZEODVBMUEwNjg1RTIxMDEzNEQxNEZCMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEoNdXa02BaUzVBcswSNatTIWeiestvbXa+g0UGwDjKIcYPJ6V
SSa8Sn05DA9AwnRH45SrviDVEXbsktdg1oP48O/arCOsugPLuHwUea/v8RS8Jr9u
WvvLM3EUw1+ZcQfVOfVozvudtOnVeoQCKAu4J6/w09TVbdNtCm1d5Yy/7rs+atOl
Cbb9DxxTuUVaCkHerpqltyxftHVbPWqKoXzjDBxPXRITvxpiSQRj3kru5b8g9gEN
AI4WiaZysQ8HxK2esKfvuhop8/9PkarStd0+JB4EpPXF7zYUB/6+bp3jLUPQmCnC
/L6DYqafPTd+xmJ55mtodOjyeZwz2eQnwGxlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUlm5XP5zJfu/YWhoGheIQE00U+yUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9sbTVYUDV6SmZ1X1lXaG9HaGVJUUUwMFUteVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA8wDQYJKoZIhvcNAQELBQADggEB
ACnmn9J9Ckz10E7jzbgrqqWdyaYbirDLwgCUzBOSwSpRjOYt/evK3ipCPIK8Ly+G
aoB1EF6bq82h48HqGVsR6flWjZeXO8qi5PdwxfExDwoQtyhKBEtNbt1aYgYDRUdG
/ldXcRj3Bj6leLQ3+/795G7ST6pfzrOYVaMNx6NsTGOy/NYLH/kbBCT3jTkAiaN9
DOTU80sNpeDiOxbTOCAErQTjy4jT+wcGN97MBA2/XKIvGAi8cmutufG8FXe5p9PG
A3VP/Xmp/abUVsHiPnpTA82BjqwtjqkDhDrafaQ2K0ZwK5UKsbe8r9r0K645OqwR
/uX1jIAevUmW6qnEjnVZed8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org