Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/mIuzSWPus1eHqwM54QIneI1s1f8.roa
File: mIuzSWPus1eHqwM54QIneI1s1f8.roa (raw, json)
Hash identifier: aXjTnsgwWQCWHG0Jif4T5jcU9vn+DJcSkRgj9Nf2lw0=
Subject key identifier: 98:8B:B3:49:63:EE:B3:57:87:AB:03:39:E1:02:27:78:8D:6C:D5:FF
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4840
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/mIuzSWPus1eHqwM54QIneI1s1f8.roa
Signing time: Thu 19 May 2022 00:30:05 +0000
ROA not before: Thu 19 May 2022 00:30:05 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18496 (0x4840)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 19 00:30:05 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=988BB34963EEB35787AB0339E10227788D6CD5FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:3c:0a:68:b6:e2:48:d5:14:dc:5b:f5:3f:
68:90:50:28:49:49:24:b7:d1:f4:bc:98:ee:68:c1:
87:11:c3:67:e2:62:4f:8f:d0:40:5e:15:d5:6b:6e:
f6:18:b3:ef:c7:73:8a:80:ae:59:9f:2c:3e:09:69:
67:dc:57:c1:06:20:c6:2f:e4:93:60:1f:b9:18:db:
32:65:3b:41:b3:17:82:84:f7:0a:c5:61:bb:86:68:
16:20:66:80:4b:f3:42:63:ac:4c:81:73:0a:31:20:
25:71:74:b7:86:d4:f6:16:49:45:42:10:d1:fa:86:
59:ae:b4:3a:f9:9d:b1:d5:ce:58:e5:78:1b:73:95:
9f:11:52:c6:a4:89:cf:e2:7d:92:95:e1:8e:42:15:
ca:60:e8:75:ef:20:07:58:ad:02:8a:60:dd:19:fe:
9e:75:5e:8f:66:29:23:e2:82:cb:85:06:8a:91:71:
db:86:0b:7e:56:cd:c4:97:b2:86:64:ef:1b:f0:4d:
61:cf:84:58:c8:9f:c4:5b:ae:89:53:d8:d8:8e:ee:
8a:98:c8:9a:9d:99:51:5b:ae:72:ce:79:48:4a:21:
83:87:44:01:58:36:62:11:94:2a:ee:be:80:d7:7f:
71:47:b5:49:ba:84:c5:21:79:0d:1c:e6:e8:28:e1:
2a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8B:B3:49:63:EE:B3:57:87:AB:03:39:E1:02:27:78:8D:6C:D5:FF
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/mIuzSWPus1eHqwM54QIneI1s1f8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:eb:5e:c7:77:a8:86:0e:84:87:85:8d:e4:9f:0a:5e:20:27:
5c:d4:41:f6:32:9e:fd:84:db:14:62:35:65:f9:c9:43:7b:f5:
c2:17:4a:97:2a:ad:1a:7c:5f:08:4a:d1:97:d1:7f:73:4f:fe:
52:f9:93:54:d7:25:56:e4:3d:ca:97:e8:9f:8a:5d:66:98:85:
61:af:a2:ee:51:a1:bb:14:85:39:78:00:ce:0f:07:16:c8:e0:
17:06:c7:b6:ba:8a:83:ed:94:6a:0e:c3:52:fe:2f:ee:39:fa:
bc:4a:df:1e:8b:3c:a4:27:a9:97:81:21:0d:ca:e8:4e:ca:fe:
e9:16:77:c5:15:50:68:0f:73:ad:8d:b1:a3:07:96:dc:ab:d2:
fb:e0:78:c3:6a:2f:35:96:e1:62:9b:e4:a6:56:83:99:55:77:
5e:ce:63:1a:9b:a7:ad:99:e5:48:29:83:43:bc:f6:79:e4:6e:
15:c6:54:2a:2e:61:1c:69:cb:0c:d7:a8:b3:c3:98:07:c6:f5:
47:a0:b8:b2:d8:13:58:a8:d1:a0:e4:9e:cf:37:49:06:7c:b9:
d8:b0:f5:8d:88:57:6b:66:5d:86:5b:1e:51:2e:5f:25:88:8b:
59:94:38:f1:5c:c3:3e:6d:67:53:2d:c8:96:5b:0f:74:a5:99:
84:dd:4f:b7
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTkw
MDMwMDVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDk4OEJCMzQ5NjNFRUIz
NTc4N0FCMDMzOUUxMDIyNzc4OEQ2Q0Q1RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9pjwKaLbiSNUU3Fv1P2iQUChJSSS30fS8mO5owYcRw2fiYk+P
0EBeFdVrbvYYs+/Hc4qArlmfLD4JaWfcV8EGIMYv5JNgH7kY2zJlO0GzF4KE9wrF
YbuGaBYgZoBL80JjrEyBcwoxICVxdLeG1PYWSUVCENH6hlmutDr5nbHVzljleBtz
lZ8RUsakic/ifZKV4Y5CFcpg6HXvIAdYrQKKYN0Z/p51Xo9mKSPigsuFBoqRcduG
C35WzcSXsoZk7xvwTWHPhFjIn8RbrolT2NiO7oqYyJqdmVFbrnLOeUhKIYOHRAFY
NmIRlCruvoDXf3FHtUm6hMUheQ0c5ugo4SpZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUmIuzSWPus1eHqwM54QIneI1s1f8wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9tSXV6U1dQdXMxZUhxd001NFFJbmVJMXMxZjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ACvrXsd3qIYOhIeFjeSfCl4gJ1zUQfYynv2E2xRiNWX5yUN79cIXSpcqrRp8XwhK
0ZfRf3NP/lL5k1TXJVbkPcqX6J+KXWaYhWGvou5RobsUhTl4AM4PBxbI4BcGx7a6
ioPtlGoOw1L+L+45+rxK3x6LPKQnqZeBIQ3K6E7K/ukWd8UVUGgPc62NsaMHltyr
0vvgeMNqLzWW4WKb5KZWg5lVd17OYxqbp62Z5Ugpg0O89nnkbhXGVCouYRxpywzX
qLPDmAfG9UeguLLYE1io0aDkns83SQZ8udiw9Y2IV2tmXYZbHlEuXyWIi1mUOPFc
wz5tZ1MtyJZbD3SlmYTdT7c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org