Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/pRNyW8bHMQfMTZq9AhrhzwRinAY.roa
File: pRNyW8bHMQfMTZq9AhrhzwRinAY.roa (raw, json)
Hash identifier: V8ih/+XzW50IAZTb+yw2gT8DomRCscVM9lSPC/peffc=
Subject key identifier: A5:13:72:5B:C6:C7:31:07:CC:4D:9A:BD:02:1A:E1:CF:04:62:9C:06
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43CA
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/pRNyW8bHMQfMTZq9AhrhzwRinAY.roa
Signing time: Sat 26 Feb 2022 00:30:08 +0000
ROA not before: Sat 26 Feb 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17354 (0x43ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 26 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A513725BC6C73107CC4D9ABD021AE1CF04629C06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c9:ca:f3:ea:70:94:47:b0:c8:a5:79:5d:16:
b3:39:3a:44:d1:9a:64:78:3a:0a:25:ae:fb:57:1d:
c0:f5:7e:02:46:f6:d7:65:a8:ed:2d:cf:9f:76:b7:
35:98:22:f6:fd:0a:26:2b:fd:b8:e4:80:87:b9:fe:
2b:0c:2f:f7:33:c2:c6:cf:7b:e8:33:9d:49:26:f4:
7b:12:ea:47:1a:ef:ed:85:07:6c:b3:ce:2d:19:05:
76:17:be:61:aa:15:33:70:65:ce:a0:0e:80:3f:19:
03:3f:b1:61:6f:5e:72:80:7c:fa:42:bb:d2:ba:35:
fc:55:85:ff:d8:cb:4a:be:44:dc:ad:da:a8:8b:a7:
ab:64:38:89:79:04:3c:5e:f2:86:1c:6e:00:1d:4d:
f3:18:19:d7:93:75:ba:ce:92:2e:ec:05:0f:91:96:
94:db:b9:18:d7:48:fb:91:b4:86:a9:37:b0:70:51:
23:1b:a0:30:59:dd:fd:85:f2:f6:06:f4:2d:82:20:
5e:db:3f:7b:63:3f:de:1f:fa:4f:08:c4:e9:e4:33:
77:13:eb:8a:b9:67:11:76:e8:73:ff:ab:40:41:68:
b4:2c:49:ee:89:1e:0d:c2:ac:65:b3:05:17:61:91:
61:27:d1:49:b1:db:29:be:19:ee:09:78:7f:76:79:
aa:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:13:72:5B:C6:C7:31:07:CC:4D:9A:BD:02:1A:E1:CF:04:62:9C:06
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/pRNyW8bHMQfMTZq9AhrhzwRinAY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.13.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:9e:c3:8d:c5:6b:1a:fd:5a:9f:a6:34:e4:3d:b6:4f:2d:c4:
1e:b9:51:b6:17:3e:d0:33:32:e0:1d:3d:99:cb:83:64:67:ce:
3b:88:27:71:61:d1:14:02:bb:d0:6a:7e:13:e1:39:3d:83:2b:
51:d2:c9:9b:a9:75:91:18:8b:31:6a:5c:a3:f0:51:63:ea:3c:
2c:2a:c4:ef:d1:a7:42:19:56:93:81:78:c2:6c:0d:f4:04:96:
de:c4:d0:40:b2:36:f0:a7:e7:b7:48:27:cb:71:d0:a1:1d:8f:
aa:80:0e:ce:63:4b:ee:82:4f:c4:36:da:99:99:1f:5d:8d:1f:
92:c2:aa:e3:38:c7:0f:d4:3c:bd:ac:e6:12:ab:2f:2e:6e:83:
87:3f:2b:81:de:f2:08:9c:c5:41:9d:a4:0d:40:03:3b:76:f7:
68:54:85:37:95:74:9f:3e:55:cb:9c:b7:4d:ed:62:a9:05:c8:
b4:61:e7:e3:62:c5:88:d5:ab:d2:66:e2:8f:b0:2d:97:56:92:
45:6e:02:64:f3:02:b0:1e:80:2d:7d:ff:40:3d:9f:ba:d3:5e:
1c:35:d1:10:44:ae:31:32:e7:5b:6b:81:24:6e:bb:23:b1:03:
e0:64:c9:ae:e1:f5:b7:e3:dc:4d:d1:a0:c2:54:62:09:bd:5c:
1a:50:be:74
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjYw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEE1MTM3MjVCQzZDNzMx
MDdDQzREOUFCRDAyMUFFMUNGMDQ2MjlDMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMycrz6nCUR7DIpXldFrM5OkTRmmR4OgolrvtXHcD1fgJG9tdl
qO0tz592tzWYIvb9CiYr/bjkgIe5/isML/czwsbPe+gznUkm9HsS6kca7+2FB2yz
zi0ZBXYXvmGqFTNwZc6gDoA/GQM/sWFvXnKAfPpCu9K6NfxVhf/Yy0q+RNyt2qiL
p6tkOIl5BDxe8oYcbgAdTfMYGdeTdbrOki7sBQ+RlpTbuRjXSPuRtIapN7BwUSMb
oDBZ3f2F8vYG9C2CIF7bP3tjP94f+k8IxOnkM3cT64q5ZxF26HP/q0BBaLQsSe6J
Hg3CrGWzBRdhkWEn0Umx2ym+Ge4JeH92eaplAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUpRNyW8bHMQfMTZq9AhrhzwRinAYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9wUk55VzhiSE1RZk1UWnE5QWhyaHp3UmluQVkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AEyew43Faxr9Wp+mNOQ9tk8txB65UbYXPtAzMuAdPZnLg2RnzjuIJ3Fh0RQCu9Bq
fhPhOT2DK1HSyZupdZEYizFqXKPwUWPqPCwqxO/Rp0IZVpOBeMJsDfQElt7E0ECy
NvCn57dIJ8tx0KEdj6qADs5jS+6CT8Q22pmZH12NH5LCquM4xw/UPL2s5hKrLy5u
g4c/K4He8gicxUGdpA1AAzt292hUhTeVdJ8+Vcuct03tYqkFyLRh5+NixYjVq9Jm
4o+wLZdWkkVuAmTzArAegC19/0A9n7rTXhw10RBErjEy51trgSRuuyOxA+Bkya7h
9bfj3E3RoMJUYgm9XBpQvnQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org