Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/qpAcwWGGsTdWgr1szAC4PchtRuA.roa
File: qpAcwWGGsTdWgr1szAC4PchtRuA.roa (raw, json)
Hash identifier: w/KEs5cYC8pUalDc827wJMH3zG9HPfr/JpeYYKMWUGQ=
Subject key identifier: AA:90:1C:C1:61:86:B1:37:56:82:BD:6C:CC:00:B8:3D:C8:6D:46:E0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4257
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qpAcwWGGsTdWgr1szAC4PchtRuA.roa
Signing time: Sun 30 Jan 2022 00:30:08 +0000
ROA not before: Sun 30 Jan 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16983 (0x4257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jan 30 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=AA901CC16186B1375682BD6CCC00B83DC86D46E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:13:e2:8e:97:de:3b:a3:29:35:1d:d3:ae:09:
82:9e:3c:69:68:2a:57:d0:d4:49:17:a3:e2:66:5a:
17:85:a7:5a:9f:eb:6b:ef:a2:33:ff:64:ba:8e:21:
a0:aa:4f:48:d4:ee:69:98:bd:fe:4c:51:64:89:72:
a0:75:5b:d0:3c:f6:6c:ce:56:bd:df:fd:3a:f0:57:
09:eb:1d:20:3f:1b:85:7c:49:e6:3c:7c:f4:d6:3c:
ad:f3:a3:79:af:69:37:80:bc:f6:65:e0:3d:7d:ab:
2d:20:84:6f:89:0a:37:2c:3b:4e:6d:86:fb:50:31:
b2:2e:0e:28:1f:c9:ae:29:44:8e:c5:23:49:93:df:
da:d8:3b:62:9d:6b:b6:88:f2:b5:44:12:0b:bb:3a:
97:de:b8:a6:27:52:4c:21:b5:6a:22:9b:f0:f1:64:
25:6f:e1:2b:8f:13:39:2c:73:aa:c2:9b:a3:e1:bc:
83:76:e9:44:2d:79:b2:25:25:84:ff:52:35:bd:78:
16:ef:22:59:21:f1:b2:37:76:41:45:ee:75:76:65:
35:18:2c:85:94:13:1d:01:e4:93:07:1b:f7:b1:d9:
23:11:1a:b6:3d:9a:77:c8:a4:7e:0e:4f:1d:bf:e4:
c5:59:62:b9:e7:f7:16:cd:69:39:b2:3a:d9:2c:3c:
d8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:90:1C:C1:61:86:B1:37:56:82:BD:6C:CC:00:B8:3D:C8:6D:46:E0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qpAcwWGGsTdWgr1szAC4PchtRuA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:82:c8:22:d5:cb:2f:9d:f0:87:8f:dd:12:c5:5c:74:6f:ed:
35:de:ab:94:e8:4a:98:12:e7:cc:4b:bd:30:28:ae:b3:bc:81:
08:39:ec:4b:2c:d5:43:04:89:7b:ae:40:f6:f5:fd:7e:9a:97:
c1:7c:05:64:53:9e:ea:12:6d:7d:e1:97:b1:52:eb:0c:11:23:
04:23:6b:fb:5e:b1:e3:53:8b:f5:c1:7f:22:2e:05:d6:88:0b:
7c:51:00:e4:18:19:2d:8e:d3:4f:f2:c6:20:06:b1:3c:0d:ca:
2f:90:d0:81:aa:c9:f4:7e:d9:9d:49:c5:28:a8:ec:ba:dc:92:
6b:ea:13:af:5c:f6:de:9a:87:0d:f5:3f:e7:5c:30:10:73:e6:
54:b3:29:4b:50:5b:12:e8:ca:c4:28:08:73:37:1e:1b:95:c6:
be:fe:81:ea:43:b4:63:59:cb:47:4a:e4:5c:bf:e7:a9:a9:9b:
f0:85:0d:55:01:a2:dc:8e:fd:f9:0a:ed:c2:03:94:64:dd:5e:
c2:10:a9:5e:a3:ba:a7:78:8f:41:4d:3e:06:0b:df:28:49:b9:
bc:88:df:2f:6e:79:a0:70:b3:a7:42:48:68:ba:45:f1:dc:52:
f7:ac:ef:7b:eb:9e:ae:e2:09:53:9b:06:cd:fe:4b:79:46:d4:
f3:4d:f7:b5
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQlcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAxMzAw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEFBOTAxQ0MxNjE4NkIx
Mzc1NjgyQkQ2Q0NDMDBCODNEQzg2RDQ2RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfE+KOl947oyk1HdOuCYKePGloKlfQ1EkXo+JmWheFp1qf62vv
ojP/ZLqOIaCqT0jU7mmYvf5MUWSJcqB1W9A89mzOVr3f/TrwVwnrHSA/G4V8SeY8
fPTWPK3zo3mvaTeAvPZl4D19qy0ghG+JCjcsO05thvtQMbIuDigfya4pRI7FI0mT
39rYO2Kda7aI8rVEEgu7OpfeuKYnUkwhtWoim/DxZCVv4SuPEzksc6rCm6PhvIN2
6UQtebIlJYT/UjW9eBbvIlkh8bI3dkFF7nV2ZTUYLIWUEx0B5JMHG/ex2SMRGrY9
mnfIpH4OTx2/5MVZYrnn9xbNaTmyOtksPNhpAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUqpAcwWGGsTdWgr1szAC4PchtRuAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xcEFjd1dHR3NUZFdncjFzekFDNFBjaHRSdUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAyCyCLVyy+d8IeP3RLFXHRv7TXeq5ToSpgS58xLvTAorrO8gQg57Ess1UMEiXuu
QPb1/X6al8F8BWRTnuoSbX3hl7FS6wwRIwQja/teseNTi/XBfyIuBdaIC3xRAOQY
GS2O00/yxiAGsTwNyi+Q0IGqyfR+2Z1JxSio7LrckmvqE69c9t6ahw31P+dcMBBz
5lSzKUtQWxLoysQoCHM3HhuVxr7+gepDtGNZy0dK5Fy/56mpm/CFDVUBotyO/fkK
7cIDlGTdXsIQqV6juqd4j0FNPgYL3yhJubyI3y9ueaBws6dCSGi6RfHcUves73vr
nq7iCVObBs3+S3lG1PNN97U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org