Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/qE3CT4TEYur9275xro6hof9vC1U.roa
File: qE3CT4TEYur9275xro6hof9vC1U.roa (raw, json)
Hash identifier: ZkWExy9XrLwsagtEojdJVTS9j2DVgHHbZ+YlNeaWo/c=
Subject key identifier: A8:4D:C2:4F:84:C4:62:EA:FD:DB:BE:71:AE:8E:A1:A1:FF:6F:0B:55
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4575
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qE3CT4TEYur9275xro6hof9vC1U.roa
Signing time: Tue 29 Mar 2022 00:30:07 +0000
ROA not before: Tue 29 Mar 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17781 (0x4575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 29 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=A84DC24F84C462EAFDDBBE71AE8EA1A1FF6F0B55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d3:ea:ea:01:f8:d6:e4:b2:f3:08:25:36:a3:
bd:2e:16:1b:31:ee:0f:68:b6:dd:2f:54:56:ad:76:
fb:f0:de:ac:28:39:95:48:59:24:e4:4c:30:c4:5a:
6b:03:58:94:d7:fe:df:20:da:3a:32:c9:c5:cc:39:
9f:99:8b:ca:14:ab:c5:34:15:99:f2:94:b4:09:f5:
56:bb:0e:55:3d:46:88:fc:99:45:a6:d2:f1:20:95:
e2:ee:b5:1d:5c:4a:3b:e6:4c:5b:07:32:b5:b8:cc:
b6:7c:1b:b9:6d:d3:b9:4f:6d:e3:57:0a:76:64:dc:
0c:8c:cc:ad:64:90:12:4b:d6:59:13:af:f8:6e:1d:
52:b7:2b:89:be:7c:81:81:d5:da:59:bf:40:51:d2:
9c:0b:cf:b8:8b:8d:1a:38:d1:d2:dc:75:65:68:46:
a0:90:24:dc:af:fe:59:85:c5:3c:c0:b8:74:ff:63:
c6:17:39:da:e7:06:73:84:68:85:e1:3a:8a:d8:b3:
f3:1d:f7:16:31:05:b6:74:e0:e6:22:4a:f6:92:ab:
e2:a8:43:dd:3d:cf:f9:48:d6:35:8a:5e:fd:38:05:
7b:09:ff:a3:57:5b:4b:3a:5d:46:fe:23:39:78:52:
e4:eb:8c:28:33:2c:e6:f9:75:94:59:7d:49:3b:46:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4D:C2:4F:84:C4:62:EA:FD:DB:BE:71:AE:8E:A1:A1:FF:6F:0B:55
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qE3CT4TEYur9275xro6hof9vC1U.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
90:00:d9:a5:24:38:0a:72:e3:f0:99:a5:35:20:47:9e:d8:65:
8b:78:78:a2:92:6d:5e:6d:ad:75:b6:34:89:7d:02:ee:ce:72:
cb:db:3f:e4:71:94:87:18:cc:0f:a7:f9:fb:b4:af:4d:13:12:
2a:65:0c:07:07:e0:36:fa:d6:22:e4:d0:bd:ca:89:55:2f:67:
16:ec:a2:27:e5:d4:03:2c:8d:7c:9b:9e:de:bf:1c:02:37:5a:
cb:04:f0:41:7e:b9:92:72:c8:08:e5:57:d1:de:67:b7:db:c2:
bc:c5:fd:08:60:a0:6c:56:cb:93:69:17:40:4a:76:8b:bd:ed:
01:f8:df:dc:19:ff:4b:d6:a5:a7:a9:37:d4:27:56:1a:ac:16:
52:bd:23:21:d9:db:b7:cb:4b:1f:db:6a:1e:c5:a3:02:21:4e:
55:a7:09:70:3a:cb:42:61:d2:20:29:41:1a:b6:0f:2b:31:c4:
e0:88:45:ab:9b:3a:35:ed:83:e7:ee:6f:33:23:81:f9:47:03:
60:08:80:59:8a:9b:b8:ab:70:9a:78:b7:31:48:48:7a:a5:72:
5a:fa:1e:ad:47:93:ce:09:d4:54:d1:18:b5:98:87:cd:7e:35:
8e:1e:79:c6:db:f5:2f:e8:2a:d2:c2:af:9d:4e:60:bf:60:32:
91:08:27:9e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjkw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEE4NERDMjRGODRDNDYy
RUFGRERCQkU3MUFFOEVBMUExRkY2RjBCNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp0+rqAfjW5LLzCCU2o70uFhsx7g9ott0vVFatdvvw3qwoOZVI
WSTkTDDEWmsDWJTX/t8g2joyycXMOZ+Zi8oUq8U0FZnylLQJ9Va7DlU9Roj8mUWm
0vEgleLutR1cSjvmTFsHMrW4zLZ8G7lt07lPbeNXCnZk3AyMzK1kkBJL1lkTr/hu
HVK3K4m+fIGB1dpZv0BR0pwLz7iLjRo40dLcdWVoRqCQJNyv/lmFxTzAuHT/Y8YX
OdrnBnOEaIXhOorYs/Md9xYxBbZ04OYiSvaSq+KoQ909z/lI1jWKXv04BXsJ/6NX
W0s6XUb+Izl4UuTrjCgzLOb5dZRZfUk7RrchAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUqE3CT4TEYur9275xro6hof9vC1UwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xRTNDVDRURVl1cjkyNzV4cm82aG9mOXZDMVUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AJAA2aUkOApy4/CZpTUgR57YZYt4eKKSbV5trXW2NIl9Au7OcsvbP+RxlIcYzA+n
+fu0r00TEiplDAcH4Db61iLk0L3KiVUvZxbsoifl1AMsjXybnt6/HAI3WssE8EF+
uZJyyAjlV9HeZ7fbwrzF/QhgoGxWy5NpF0BKdou97QH439wZ/0vWpaepN9QnVhqs
FlK9IyHZ27fLSx/bah7FowIhTlWnCXA6y0Jh0iApQRq2DysxxOCIRaubOjXtg+fu
bzMjgflHA2AIgFmKm7ircJp4tzFISHqlclr6Hq1Hk84J1FTRGLWYh81+NY4eecbb
9S/oKtLCr51OYL9gMpEIJ54=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org