Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/tGhwC-rZhuFp8oAj_qPXbLWVSfE.roa
File: tGhwC-rZhuFp8oAj_qPXbLWVSfE.roa (raw, json)
Hash identifier: Yeu9R5zykaVcU6FkQ8NbUGJJIy/lBLesSRBnNEhGGsM=
Subject key identifier: B4:68:70:0B:EA:D9:86:E1:69:F2:80:23:FE:A3:D7:6C:B5:95:49:F1
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 493A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tGhwC-rZhuFp8oAj_qPXbLWVSfE.roa
Signing time: Fri 03 Jun 2022 00:30:13 +0000
ROA not before: Fri 03 Jun 2022 00:30:13 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18746 (0x493a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 3 00:30:13 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=B468700BEAD986E169F28023FEA3D76CB59549F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:2c:86:53:af:68:bd:4e:f3:46:86:cd:da:
c0:b3:c4:e3:b4:31:dd:75:55:38:34:58:dc:95:07:
f3:4c:2a:35:29:04:5f:99:73:38:67:a2:57:0b:a8:
6f:4f:ff:e2:e7:7c:ef:ed:56:0b:31:24:bf:83:ce:
5d:02:d3:7c:f9:10:92:b6:06:4a:03:e6:13:26:f7:
ee:9f:c9:b3:4b:57:75:08:6d:cd:f3:36:02:0f:ad:
d5:df:96:76:6f:f2:86:e0:b9:28:f7:ee:37:1d:6c:
50:8d:e6:82:67:8e:15:33:d9:32:4c:85:9a:0c:60:
75:c1:72:53:26:9b:2c:d4:cd:96:eb:57:7e:1b:75:
c2:5f:3d:c0:36:f0:06:9a:16:c4:52:59:9e:63:40:
d2:b8:c9:b3:e6:8d:66:38:ad:92:f9:74:ff:d7:41:
47:76:bf:73:18:8a:05:17:01:37:61:74:b9:63:41:
ce:90:6a:05:b5:5d:1e:e8:26:78:66:ad:8b:1e:d3:
b4:90:e5:e2:96:09:29:26:0d:17:a6:06:6d:44:1d:
f1:17:75:00:a1:3d:f2:c6:9e:c0:64:4f:e5:5b:c9:
88:c4:fc:91:9c:4d:e9:b1:5c:1e:86:89:b1:8a:6b:
af:c2:fb:8b:10:d1:54:1b:3a:b1:14:d5:96:e6:8e:
ac:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:68:70:0B:EA:D9:86:E1:69:F2:80:23:FE:A3:D7:6C:B5:95:49:F1
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tGhwC-rZhuFp8oAj_qPXbLWVSfE.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.10.0/24
Signature Algorithm: sha256WithRSAEncryption
79:6d:3f:32:4a:5f:aa:1d:56:f5:bc:86:bb:d2:77:84:dd:0f:
79:c9:76:35:86:38:d8:f7:40:64:d0:29:a6:5d:d9:40:25:da:
46:d0:79:bd:5e:67:15:e3:0e:62:5f:63:ab:de:8c:06:a2:b0:
71:8d:0d:ed:35:2a:27:69:e8:44:8e:3c:d9:47:22:4c:92:55:
a2:6f:5c:2f:07:2e:6e:f8:9d:dd:7d:2c:0a:56:26:d2:3a:72:
1b:b8:78:85:08:5b:4e:49:4f:0e:f7:3b:d4:75:d7:54:fe:eb:
72:1f:1b:3b:ac:7e:30:3a:65:5a:52:26:29:18:b3:b3:04:0d:
ab:84:85:82:37:b4:36:c0:00:ca:c8:af:16:0e:01:a7:d5:6d:
5b:fe:e5:36:6a:d2:50:98:f8:ec:c8:e2:a1:43:c7:bd:ed:8f:
21:8b:b9:5a:36:5b:33:32:b1:ff:79:f9:64:19:c5:89:ef:5b:
39:9e:a8:37:79:23:1c:02:bc:4c:cd:de:df:78:68:7d:66:f7:
8b:58:53:6c:ea:eb:2b:7f:e2:2f:52:d8:bd:2a:ea:c5:16:78:
83:90:72:3e:36:72:3d:20:9a:b6:7d:74:13:a3:50:d8:b4:11:
08:f7:00:91:b5:e5:95:7b:ea:4c:8a:8f:84:8f:bb:cd:ec:b0:
f7:b3:ff:46
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDMw
MDMwMTNaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEI0Njg3MDBCRUFEOTg2
RTE2OUYyODAyM0ZFQTNENzZDQjU5NTQ5RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClKSyGU69ovU7zRobN2sCzxOO0Md11VTg0WNyVB/NMKjUpBF+Z
czhnolcLqG9P/+LnfO/tVgsxJL+Dzl0C03z5EJK2BkoD5hMm9+6fybNLV3UIbc3z
NgIPrdXflnZv8obguSj37jcdbFCN5oJnjhUz2TJMhZoMYHXBclMmmyzUzZbrV34b
dcJfPcA28AaaFsRSWZ5jQNK4ybPmjWY4rZL5dP/XQUd2v3MYigUXATdhdLljQc6Q
agW1XR7oJnhmrYse07SQ5eKWCSkmDRemBm1EHfEXdQChPfLGnsBkT+VbyYjE/JGc
TemxXB6GibGKa6/C+4sQ0VQbOrEU1ZbmjqwjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUtGhwC+rZhuFp8oAj/qPXbLWVSfEwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90R2h3Qy1yWmh1RnA4b0FqX3FQWGJMV1ZTZkUucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAowDQYJKoZIhvcNAQELBQADggEB
AHltPzJKX6odVvW8hrvSd4TdD3nJdjWGONj3QGTQKaZd2UAl2kbQeb1eZxXjDmJf
Y6vejAaisHGNDe01Kidp6ESOPNlHIkySVaJvXC8HLm74nd19LApWJtI6chu4eIUI
W05JTw73O9R111T+63IfGzusfjA6ZVpSJikYs7MEDauEhYI3tDbAAMrIrxYOAafV
bVv+5TZq0lCY+OzI4qFDx73tjyGLuVo2WzMysf95+WQZxYnvWzmeqDd5IxwCvEzN
3t94aH1m94tYU2zq6yt/4i9S2L0q6sUWeIOQcj42cj0gmrZ9dBOjUNi0EQj3AJG1
5ZV76kyKj4SPu83ssPez/0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org