Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/rHWW9xPMtQN0VUaU3vmMgCWTnpE.roa
File: rHWW9xPMtQN0VUaU3vmMgCWTnpE.roa (raw, json)
Hash identifier: 87XrIKvGy4t1H4RI+nwYz1MZCCmG0KtLNP/2P6Pm08Y=
Subject key identifier: AC:75:96:F7:13:CC:B5:03:74:55:46:94:DE:F9:8C:80:25:93:9E:91
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 47DE
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rHWW9xPMtQN0VUaU3vmMgCWTnpE.roa
Signing time: Thu 12 May 2022 00:30:07 +0000
ROA not before: Thu 12 May 2022 00:30:07 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18398 (0x47de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 12 00:30:07 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=AC7596F713CCB50374554694DEF98C8025939E91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:6c:36:5c:b0:97:57:10:dc:bb:21:6a:bf:
8f:f4:21:22:9d:e1:a6:71:0e:ac:43:f2:cd:62:c9:
b0:ac:ef:34:b9:81:f2:94:81:0e:d4:0e:38:16:59:
72:9b:e5:72:5b:45:f7:d8:df:3b:f8:f6:f6:ab:3a:
6c:80:9c:78:5b:9d:dd:83:9a:9d:43:00:b9:30:07:
1c:12:c8:7e:26:a7:d5:ac:8c:c0:f5:a5:0e:7b:a6:
b2:80:3f:33:79:49:ce:d2:f4:66:47:31:7a:69:b8:
57:04:19:49:52:81:e7:c0:7a:ff:d4:62:c8:76:e9:
e8:b3:b7:0e:76:df:ff:12:5a:44:f9:2a:68:86:cc:
ac:04:27:de:8b:14:8c:0b:0e:ef:a8:8d:87:6f:88:
d5:b7:9b:e1:a6:07:f4:8e:a1:1d:6d:99:8d:8e:c1:
06:16:0a:12:1c:7d:cf:c3:13:67:ed:5e:49:02:53:
e9:37:95:8e:27:00:2d:67:f6:48:8b:ba:c0:d8:dc:
00:58:3b:25:48:00:e5:ae:cf:11:86:2e:22:ed:80:
6f:10:cc:d4:5a:6f:a7:8e:7f:5e:d5:e3:d1:2d:74:
59:a2:e5:96:eb:4a:b9:1d:b7:23:f2:9e:27:a4:ca:
6c:53:2b:8b:cc:20:fd:54:01:7f:27:b7:9d:f6:00:
be:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:75:96:F7:13:CC:B5:03:74:55:46:94:DE:F9:8C:80:25:93:9E:91
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/rHWW9xPMtQN0VUaU3vmMgCWTnpE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.5.0/24
Signature Algorithm: sha256WithRSAEncryption
99:8e:b3:62:c1:b1:fd:9f:a6:f0:0b:d4:bf:e9:92:a3:b1:39:
52:28:7b:59:c7:43:cb:5f:1b:f4:47:dd:c0:94:94:90:e5:c1:
98:31:c2:a8:05:a4:f4:a1:3d:53:31:0d:f4:54:e4:71:b6:2f:
da:70:5c:b4:7c:99:e7:98:d3:82:5e:0c:93:17:34:60:71:91:
50:86:36:b2:3f:80:66:ca:f6:9c:90:55:f4:e5:b0:1f:2a:c7:
c6:84:89:29:40:72:d0:4d:9c:57:0e:71:e2:16:53:84:44:b0:
ab:4e:2e:06:71:35:25:ca:5f:4d:11:2d:ac:70:3c:91:e9:20:
e8:05:24:6e:43:3f:82:5b:50:99:a4:0f:80:55:b7:4b:3d:bd:
e6:72:67:72:fd:95:31:aa:d8:8d:d6:2b:50:b1:45:60:a3:04:
0a:41:22:ae:fa:18:0c:18:4e:c6:08:91:0a:a4:61:c3:f4:f7:
0e:10:67:a0:88:26:7d:e9:80:69:d9:e3:d2:39:8f:ae:c7:96:
07:e0:20:d0:7b:4b:dd:c2:e2:00:00:34:cd:bc:ce:16:2b:99:
12:e3:9f:d4:13:f0:f7:8a:f5:c8:d9:c0:2e:af:2f:2f:2f:5a:
a7:4c:44:2c:6d:61:cb:c3:59:33:80:0b:4f:7c:a0:46:35:83:
aa:90:8a:98
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MTIw
MDMwMDdaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEFDNzU5NkY3MTNDQ0I1
MDM3NDU1NDY5NERFRjk4QzgwMjU5MzlFOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK2mw2XLCXVxDcuyFqv4/0ISKd4aZxDqxD8s1iybCs7zS5gfKU
gQ7UDjgWWXKb5XJbRffY3zv49varOmyAnHhbnd2Dmp1DALkwBxwSyH4mp9WsjMD1
pQ57prKAPzN5Sc7S9GZHMXppuFcEGUlSgefAev/UYsh26eiztw523/8SWkT5KmiG
zKwEJ96LFIwLDu+ojYdviNW3m+GmB/SOoR1tmY2OwQYWChIcfc/DE2ftXkkCU+k3
lY4nAC1n9kiLusDY3ABYOyVIAOWuzxGGLiLtgG8QzNRab6eOf17V49EtdFmi5Zbr
SrkdtyPyniekymxTK4vMIP1UAX8nt532AL6TAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUrHWW9xPMtQN0VUaU3vmMgCWTnpEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ySFdXOXhQTXRRTjBWVWFVM3ZtTWdDV1RucEUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AJmOs2LBsf2fpvAL1L/pkqOxOVIoe1nHQ8tfG/RH3cCUlJDlwZgxwqgFpPShPVMx
DfRU5HG2L9pwXLR8meeY04JeDJMXNGBxkVCGNrI/gGbK9pyQVfTlsB8qx8aEiSlA
ctBNnFcOceIWU4REsKtOLgZxNSXKX00RLaxwPJHpIOgFJG5DP4JbUJmkD4BVt0s9
veZyZ3L9lTGq2I3WK1CxRWCjBApBIq76GAwYTsYIkQqkYcP09w4QZ6CIJn3pgGnZ
49I5j67HlgfgINB7S93C4gAANM28zhYrmRLjn9QT8PeK9cjZwC6vLy8vWqdMRCxt
YcvDWTOAC098oEY1g6qQipg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org