Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/oJsi3IeLrxB07Ahc9HlCUCeBg5w.roa
File: oJsi3IeLrxB07Ahc9HlCUCeBg5w.roa (raw, json)
Hash identifier: 95vM2OSP51lZnseciTVfqbkONx4uJoNC2EWhUEbRUoI=
Subject key identifier: A0:9B:22:DC:87:8B:AF:10:74:EC:08:5C:F4:79:42:50:27:81:83:9C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 45E6
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oJsi3IeLrxB07Ahc9HlCUCeBg5w.roa
Signing time: Wed 06 Apr 2022 00:30:05 +0000
ROA not before: Wed 06 Apr 2022 00:30:05 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17894 (0x45e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 6 00:30:05 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=A09B22DC878BAF1074EC085CF47942502781839C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ab:b6:56:f9:8b:13:58:e7:5d:63:64:96:fe:
52:38:ad:85:5f:67:21:45:bf:89:c5:f7:ec:5b:94:
b5:cd:c0:ea:a9:91:9a:45:5d:cd:54:8a:4d:37:78:
06:b0:50:35:ee:60:30:51:51:72:bd:bb:e3:d3:71:
70:17:2c:f9:50:2a:68:15:20:80:1e:29:57:50:75:
b5:39:ef:5d:b7:1b:12:5b:31:99:37:f2:26:1c:b3:
0c:44:8a:d9:75:37:26:cb:5f:5c:a3:33:77:4c:cd:
16:21:7d:ee:5e:6c:19:00:01:67:3f:90:1a:ba:20:
74:a0:0b:28:cc:a9:3c:90:10:53:cb:0b:cf:37:0b:
1c:32:58:c1:1f:67:71:32:77:02:46:66:7e:9f:f4:
d1:8e:cf:81:2a:2f:5f:64:c4:a3:38:85:c2:17:43:
b3:69:66:8c:33:22:63:85:87:82:0e:d0:9a:e3:1a:
5d:54:e9:26:41:ba:20:ee:a8:9b:52:fb:fe:d1:5f:
b8:a1:a4:03:3d:ea:8c:0f:56:12:de:8c:28:3b:71:
34:da:15:2c:e9:49:1a:26:fa:d0:43:94:96:98:b0:
b3:d1:25:77:31:88:c1:95:c2:30:0e:bc:66:93:e8:
93:fa:b4:5a:7e:15:62:8c:29:25:da:23:9b:80:f4:
74:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9B:22:DC:87:8B:AF:10:74:EC:08:5C:F4:79:42:50:27:81:83:9C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/oJsi3IeLrxB07Ahc9HlCUCeBg5w.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ac:77:a3:2d:53:ca:15:41:d3:f4:b0:58:6a:a1:48:7d:b0:
1e:80:77:9e:ce:f1:aa:2b:8a:b5:f0:95:fe:63:c7:47:1d:28:
78:41:c9:9c:51:65:ca:82:00:d9:90:7f:bd:a8:2f:44:d4:35:
a3:36:be:74:e8:4f:17:88:07:6c:37:95:67:c3:9e:7f:94:80:
46:f1:35:bd:a4:be:4f:49:bc:7f:7e:36:c0:92:e2:2f:e1:2d:
81:a0:dc:b5:ef:5a:ac:cb:32:f1:7c:29:b4:d7:8c:d6:89:69:
d5:b6:b9:65:f5:39:7a:4f:09:3b:53:af:ae:3b:ad:33:e1:32:
cd:b5:36:86:86:a1:76:0c:db:77:e7:97:13:76:9b:88:50:4b:
da:ec:48:44:62:a5:fa:ad:5f:f7:9e:2a:8c:b4:74:5a:fd:80:
ca:1d:bc:c1:bd:40:2e:7f:a5:fc:c6:94:6a:f4:87:56:61:cf:
3c:1d:19:ab:76:47:37:c7:19:e8:ee:64:85:bd:61:8c:60:de:
1c:7d:cd:89:ea:a7:ca:56:3b:39:22:0d:f2:74:94:9e:43:73:
ac:0b:9a:79:b0:b7:23:48:1d:1a:74:ee:b0:63:cd:19:ca:ff:
d0:02:ae:01:1a:64:50:ed:a1:23:78:e7:7a:6c:4f:fa:fa:84:
c3:fe:fc:62
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICReYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MDYw
MDMwMDVaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEEwOUIyMkRDODc4QkFG
MTA3NEVDMDg1Q0Y0Nzk0MjUwMjc4MTgzOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxq7ZW+YsTWOddY2SW/lI4rYVfZyFFv4nF9+xblLXNwOqpkZpF
Xc1Uik03eAawUDXuYDBRUXK9u+PTcXAXLPlQKmgVIIAeKVdQdbU57123GxJbMZk3
8iYcswxEitl1NybLX1yjM3dMzRYhfe5ebBkAAWc/kBq6IHSgCyjMqTyQEFPLC883
CxwyWMEfZ3EydwJGZn6f9NGOz4EqL19kxKM4hcIXQ7NpZowzImOFh4IO0JrjGl1U
6SZBuiDuqJtS+/7RX7ihpAM96owPVhLejCg7cTTaFSzpSRom+tBDlJaYsLPRJXcx
iMGVwjAOvGaT6JP6tFp+FWKMKSXaI5uA9HQZAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUoJsi3IeLrxB07Ahc9HlCUCeBg5wwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9vSnNpM0llTHJ4QjA3QWhjOUhsQ1VDZUJnNXcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
ALCsd6MtU8oVQdP0sFhqoUh9sB6Ad57O8aorirXwlf5jx0cdKHhByZxRZcqCANmQ
f72oL0TUNaM2vnToTxeIB2w3lWfDnn+UgEbxNb2kvk9JvH9+NsCS4i/hLYGg3LXv
WqzLMvF8KbTXjNaJadW2uWX1OXpPCTtTr647rTPhMs21NoaGoXYM23fnlxN2m4hQ
S9rsSERipfqtX/eeKoy0dFr9gModvMG9QC5/pfzGlGr0h1ZhzzwdGat2RzfHGeju
ZIW9YYxg3hx9zYnqp8pWOzkiDfJ0lJ5Dc6wLmnmwtyNIHRp07rBjzRnK/9ACrgEa
ZFDtoSN453psT/r6hMP+/GI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org