Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/s9LDZPwc-T6P7bGBdPVGEf0lrsw.roa
File: s9LDZPwc-T6P7bGBdPVGEf0lrsw.roa (raw, json)
Hash identifier: WGmnMjyzmOEvjRGq8EeQOVL6sYco7Ov7pyMvLxP/1ww=
Subject key identifier: B3:D2:C3:64:FC:1C:F9:3E:8F:ED:B1:81:74:F5:46:11:FD:25:AE:CC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 43DB
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/s9LDZPwc-T6P7bGBdPVGEf0lrsw.roa
Signing time: Sun 27 Feb 2022 00:30:14 +0000
ROA not before: Sun 27 Feb 2022 00:30:14 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17371 (0x43db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 27 00:30:14 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B3D2C364FC1CF93E8FEDB18174F54611FD25AECC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:ed:5a:8f:cc:20:27:51:c3:4b:54:97:08:
49:61:41:ce:15:70:46:57:8f:d0:89:63:11:cb:0e:
26:a6:d5:26:b0:d2:82:a1:69:b6:b8:2b:23:14:32:
2d:9a:c5:c4:db:ee:4b:d1:03:04:9c:ac:84:cd:63:
a0:af:60:89:ba:26:3d:a8:07:db:26:f3:ea:2e:d2:
4d:ab:4b:4d:25:c1:0e:d7:be:59:f3:1b:56:22:dd:
ec:c7:09:11:93:27:24:41:48:4f:d2:2f:35:31:aa:
cb:9c:c2:b2:04:7d:d8:b2:b0:26:87:0d:1a:d0:9e:
6c:3a:b0:f4:0a:fd:36:e4:e5:cd:49:a9:34:de:5d:
cd:7a:ff:65:61:6b:19:19:f0:a6:4e:b4:65:4a:73:
30:90:9a:5c:9d:7c:1a:97:b4:cf:c7:7a:36:9a:69:
a5:d0:b4:35:5e:c6:0c:ce:1f:cf:7b:71:76:9c:77:
64:ff:f1:f3:64:5e:36:0f:71:75:f7:77:55:3b:b0:
87:4c:1e:26:f1:5f:2f:9a:91:28:72:0e:03:54:6e:
cd:74:c9:e2:ed:87:94:22:fa:b7:0f:3c:b5:08:1e:
56:f2:03:79:5f:85:91:e3:ac:a3:01:bf:a6:ba:3f:
8f:ef:13:88:42:1e:0d:08:38:bc:0f:1c:b7:e0:1f:
0a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D2:C3:64:FC:1C:F9:3E:8F:ED:B1:81:74:F5:46:11:FD:25:AE:CC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/s9LDZPwc-T6P7bGBdPVGEf0lrsw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ff:08:a5:70:eb:93:f1:55:00:9b:1d:8a:a8:0d:47:08:55:
67:69:6f:2f:b9:b1:88:4f:b8:bf:df:62:20:e3:6f:c5:e5:4b:
b1:32:23:ac:5f:47:60:8a:bb:3c:0d:14:60:fa:8d:a2:1c:f4:
2e:bc:69:43:db:c2:78:6d:c4:8e:e8:69:91:29:3f:e2:d4:5e:
d2:21:93:a7:6e:1a:51:2d:f7:35:29:52:e2:64:da:0d:30:70:
60:f7:e4:9f:d8:f5:a1:3f:74:65:e4:e7:67:95:4a:34:48:08:
68:55:ef:d9:ee:34:18:8f:b0:34:47:74:26:b5:f9:5b:c3:50:
76:76:db:d8:34:32:1e:24:fe:b6:fd:1f:17:94:1e:66:fc:28:
d6:8e:71:4a:90:38:b9:67:18:db:03:37:fa:00:98:2d:a4:6c:
ae:8c:6f:51:a9:47:a4:94:5c:56:19:45:42:91:dd:d3:a5:50:
94:49:90:a2:c7:e9:9a:b3:d7:33:60:5f:28:c4:f0:50:67:47:
f5:ea:62:1d:7b:05:d6:04:e2:7e:98:44:b8:da:89:59:a0:f7:
43:df:97:96:95:79:51:2a:77:5a:e6:6f:2d:9f:a8:2b:a1:99:
46:ba:a1:22:3d:f2:02:aa:e4:de:4e:49:50:ce:ac:4f:4a:b2:
14:e7:66:eb
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjcw
MDMwMTRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEIzRDJDMzY0RkMxQ0Y5
M0U4RkVEQjE4MTc0RjU0NjExRkQyNUFFQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYZ+1aj8wgJ1HDS1SXCElhQc4VcEZXj9CJYxHLDiam1Saw0oKh
aba4KyMUMi2axcTb7kvRAwScrITNY6CvYIm6Jj2oB9sm8+ou0k2rS00lwQ7Xvlnz
G1Yi3ezHCRGTJyRBSE/SLzUxqsucwrIEfdiysCaHDRrQnmw6sPQK/Tbk5c1JqTTe
Xc16/2VhaxkZ8KZOtGVKczCQmlydfBqXtM/HejaaaaXQtDVexgzOH897cXacd2T/
8fNkXjYPcXX3d1U7sIdMHibxXy+akShyDgNUbs10yeLth5Qi+rcPPLUIHlbyA3lf
hZHjrKMBv6a6P4/vE4hCHg0IOLwPHLfgHwrpAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUs9LDZPwc+T6P7bGBdPVGEf0lrswwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9zOUxEWlB3Yy1UNlA3YkdCZFBWR0VmMGxyc3cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAP/CKVw65PxVQCbHYqoDUcIVWdpby+5sYhPuL/fYiDjb8XlS7EyI6xfR2CKuzwN
FGD6jaIc9C68aUPbwnhtxI7oaZEpP+LUXtIhk6duGlEt9zUpUuJk2g0wcGD35J/Y
9aE/dGXk52eVSjRICGhV79nuNBiPsDRHdCa1+VvDUHZ229g0Mh4k/rb9HxeUHmb8
KNaOcUqQOLlnGNsDN/oAmC2kbK6Mb1GpR6SUXFYZRUKR3dOlUJRJkKLH6Zqz1zNg
XyjE8FBnR/XqYh17BdYE4n6YRLjaiVmg90Pfl5aVeVEqd1rmby2fqCuhmUa6oSI9
8gKq5N5OSVDOrE9KshTnZus=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org