Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/lzmdopgHGdXvBAj3jORPQb_Mod0.roa
File: lzmdopgHGdXvBAj3jORPQb_Mod0.roa (raw, json)
Hash identifier: 7qkaX+tJnVsk64mYmKsKjNdfnlPQlO/qQx5NBXdZOKo=
Subject key identifier: 97:39:9D:A2:98:07:19:D5:EF:04:08:F7:8C:E4:4F:41:BF:CC:A1:DD
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4567
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lzmdopgHGdXvBAj3jORPQb_Mod0.roa
Signing time: Mon 28 Mar 2022 00:30:08 +0000
ROA not before: Mon 28 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17767 (0x4567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 28 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=97399DA2980719D5EF0408F78CE44F41BFCCA1DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:60:72:18:f0:ae:33:da:65:60:3f:d6:90:
b0:cf:23:06:15:6d:2f:3e:1d:85:01:22:b9:51:29:
62:e6:20:2b:3f:15:32:5f:40:70:c2:a6:b0:54:29:
f5:9b:41:10:40:90:be:0b:2e:1a:11:e8:d9:b8:f3:
41:ea:ec:f9:8f:b2:5b:81:b4:a6:10:27:b6:b9:82:
f4:0d:c0:26:b3:9d:97:9b:ee:d9:36:35:ec:be:1c:
bc:8b:be:af:90:4b:97:cf:ea:49:f9:00:11:61:9b:
2f:15:9e:35:3e:4f:76:fe:2b:73:77:99:d8:6a:44:
06:7b:71:0b:9d:e4:6b:d9:06:9b:ae:d4:ad:ab:db:
75:e5:a7:b7:ec:ae:24:2f:3c:7d:89:cb:60:cf:a2:
3c:a7:5c:7d:45:61:b0:ee:75:4a:15:0e:f0:ea:c7:
3f:74:b0:83:61:ed:b8:70:c2:b6:d8:01:70:8f:e8:
f5:64:9b:e0:6c:42:b1:54:b1:e2:fc:c4:a6:e6:fa:
cf:14:e5:cd:93:16:20:a1:b2:9a:63:81:1b:f9:cf:
c5:2c:8d:77:ab:38:06:dc:bb:fc:be:cb:cf:52:76:
53:a6:18:eb:c4:39:0e:82:98:18:9b:15:62:2b:31:
35:13:de:f0:dd:85:75:46:3f:c0:65:d0:8a:8e:34:
3f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:39:9D:A2:98:07:19:D5:EF:04:08:F7:8C:E4:4F:41:BF:CC:A1:DD
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/lzmdopgHGdXvBAj3jORPQb_Mod0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
81:07:7e:c0:d2:39:ef:7d:5a:22:19:4b:d7:dc:bf:9b:e2:60:
fd:3d:98:d8:55:8a:b7:2c:11:55:62:b7:39:95:6b:29:40:0a:
29:f2:f3:a2:c4:68:d2:37:09:98:5c:63:88:eb:db:1b:f0:31:
1a:0a:58:24:35:1f:f9:eb:25:e1:cf:84:fe:ba:2b:49:be:c1:
0f:9b:95:69:50:1f:cb:c3:fc:37:42:4d:d2:9f:e5:66:10:6d:
a3:6c:39:4d:71:7f:20:a1:e3:9f:df:8b:a9:82:c7:61:0c:12:
82:03:89:b9:f7:c3:ce:22:ad:b0:ee:54:76:df:df:58:fb:2c:
ff:47:20:4f:fd:c5:88:ab:33:25:82:ab:22:53:40:e7:e9:8f:
59:59:3f:d6:16:ec:c9:91:3d:9c:8c:09:bc:7a:c1:33:09:9a:
7a:4c:75:df:8d:ae:bc:c8:64:2a:12:48:a6:c9:4f:5d:36:ce:
ff:b8:55:fc:d5:ee:38:fe:93:b6:a7:df:30:9d:4b:d7:36:d4:
2f:66:ed:5a:ec:49:c6:97:88:a7:dc:85:a4:ee:73:be:56:83:
25:a2:07:b4:8e:7b:39:e8:82:31:12:24:2c:17:ff:d3:fa:0c:
14:f5:08:93:ce:fa:71:71:66:26:43:f4:43:ed:cd:61:2c:85:
9b:7a:3b:fd
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjgw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDk3Mzk5REEyOTgwNzE5
RDVFRjA0MDhGNzhDRTQ0RjQxQkZDQ0ExREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi9mByGPCuM9plYD/WkLDPIwYVbS8+HYUBIrlRKWLmICs/FTJf
QHDCprBUKfWbQRBAkL4LLhoR6Nm480Hq7PmPsluBtKYQJ7a5gvQNwCaznZeb7tk2
Ney+HLyLvq+QS5fP6kn5ABFhmy8VnjU+T3b+K3N3mdhqRAZ7cQud5GvZBpuu1K2r
23Xlp7fsriQvPH2Jy2DPojynXH1FYbDudUoVDvDqxz90sINh7bhwwrbYAXCP6PVk
m+BsQrFUseL8xKbm+s8U5c2TFiChsppjgRv5z8UsjXerOAbcu/y+y89SdlOmGOvE
OQ6CmBibFWIrMTUT3vDdhXVGP8Bl0IqOND/tAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUlzmdopgHGdXvBAj3jORPQb/Mod0wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9sem1kb3BnSEdkWHZCQWozak9SUFFiX01vZDAucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AIEHfsDSOe99WiIZS9fcv5viYP09mNhVircsEVVitzmVaylACiny86LEaNI3CZhc
Y4jr2xvwMRoKWCQ1H/nrJeHPhP66K0m+wQ+blWlQH8vD/DdCTdKf5WYQbaNsOU1x
fyCh45/fi6mCx2EMEoIDibn3w84irbDuVHbf31j7LP9HIE/9xYirMyWCqyJTQOfp
j1lZP9YW7MmRPZyMCbx6wTMJmnpMdd+NrrzIZCoSSKbJT102zv+4VfzV7jj+k7an
3zCdS9c21C9m7VrsScaXiKfchaTuc75WgyWiB7SOeznogjESJCwX/9P6DBT1CJPO
+nFxZiZD9EPtzWEshZt6O/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org