Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/uAX-kVkdnZWCI6irrnGV0SmcM44.roa
File: uAX-kVkdnZWCI6irrnGV0SmcM44.roa (raw, json)
Hash identifier: bljHa3+/M9RMOhQDFtGSuBK8QvDoRPgO6/UVHEGNVaQ=
Subject key identifier: B8:05:FE:91:59:1D:9D:95:82:23:A8:AB:AE:71:95:D1:29:9C:33:8E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 42B7
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/uAX-kVkdnZWCI6irrnGV0SmcM44.roa
Signing time: Sun 06 Feb 2022 00:30:07 +0000
ROA not before: Sun 06 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17079 (0x42b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 6 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=B805FE91591D9D958223A8ABAE7195D1299C338E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:65:74:b5:b2:15:c7:13:f8:b7:27:a4:62:11:
79:c2:87:0b:2a:c9:ca:af:6f:df:31:a2:6c:62:c5:
92:32:28:d3:87:20:65:3f:45:74:bb:5b:1e:c3:8c:
98:09:b1:c5:a0:32:a4:80:0d:26:1a:7f:97:c8:cb:
df:a8:e5:c2:8e:1a:1c:6b:bb:a0:8a:12:fa:4c:76:
40:6c:e9:4a:05:7b:e9:2a:11:c3:76:e4:0a:b8:60:
b9:ba:85:c8:e4:be:b9:8a:0e:ed:62:df:7a:2a:74:
77:b7:a2:57:d0:3f:e1:27:55:69:da:04:7b:b0:9a:
cb:b5:10:f6:76:76:9f:92:2a:73:d7:86:27:0a:4c:
2f:87:a6:9a:9d:fb:0d:fb:e4:8b:68:46:15:a3:3b:
fd:ff:bb:da:a0:f0:82:5c:52:36:f3:28:89:ba:0c:
e9:82:cf:bc:f6:ee:f6:fb:12:c7:5f:5c:36:95:82:
10:97:d2:af:4f:11:a0:5f:54:df:52:7d:24:4a:37:
75:ee:8f:ae:c4:53:d5:bb:3f:03:6f:df:e5:16:1f:
bd:e6:4a:54:e0:d5:d3:62:49:40:cb:84:b0:b4:39:
47:1f:b6:bf:4d:27:0d:5e:15:75:1f:10:e3:bc:1f:
34:8f:84:53:4f:52:a5:a3:a2:8b:46:66:96:4b:7f:
00:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:05:FE:91:59:1D:9D:95:82:23:A8:AB:AE:71:95:D1:29:9C:33:8E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/uAX-kVkdnZWCI6irrnGV0SmcM44.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
56:58:eb:fb:40:3f:22:a6:04:17:a6:20:06:92:70:92:5a:17:
7b:85:8a:91:3c:2b:06:f8:a5:46:02:45:d2:d1:1c:2a:13:30:
ed:b8:e1:ee:80:df:96:d7:8a:3b:b1:79:25:ef:a0:19:37:89:
e4:c3:42:fc:ba:bb:c4:c4:4d:c2:d4:73:f9:e2:cb:53:b3:ee:
4d:50:30:2d:a5:17:85:8f:ba:8c:54:2f:c5:ea:81:c3:c0:41:
84:cd:bc:a8:8a:4c:e4:e9:06:c9:4f:fe:1b:69:fb:4e:57:42:
11:06:8c:ec:76:46:22:ce:27:5c:74:8d:d9:59:d6:b9:c9:f8:
f5:e3:cd:76:46:85:28:9a:97:49:9a:d5:ba:95:c9:b4:3d:50:
87:c6:88:86:bc:21:3e:6f:9a:a2:02:60:4d:ac:89:e5:55:25:
95:54:83:36:08:98:5e:3b:86:f3:24:d8:81:47:bb:31:92:93:
91:88:48:f1:ca:8f:5d:b4:d1:c5:f6:3d:21:b2:f1:ab:be:6c:
79:b8:e6:8a:62:79:18:2a:1a:b0:0e:74:05:63:29:8c:dd:e6:
c6:be:2d:23:31:72:e2:54:09:f8:7b:be:5b:63:b4:c2:03:78:
60:c5:ef:c7:86:77:9f:fe:30:9c:77:fd:30:ed:51:6d:4b:96:
d5:56:69:b2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDYw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI4MDVGRTkxNTkxRDlE
OTU4MjIzQThBQkFFNzE5NUQxMjk5QzMzOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpZXS1shXHE/i3J6RiEXnChwsqycqvb98xomxixZIyKNOHIGU/
RXS7Wx7DjJgJscWgMqSADSYaf5fIy9+o5cKOGhxru6CKEvpMdkBs6UoFe+kqEcN2
5Aq4YLm6hcjkvrmKDu1i33oqdHe3olfQP+EnVWnaBHuwmsu1EPZ2dp+SKnPXhicK
TC+Hppqd+w375ItoRhWjO/3/u9qg8IJcUjbzKIm6DOmCz7z27vb7EsdfXDaVghCX
0q9PEaBfVN9SfSRKN3Xuj67EU9W7PwNv3+UWH73mSlTg1dNiSUDLhLC0OUcftr9N
Jw1eFXUfEOO8HzSPhFNPUqWjootGZpZLfwBDAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUuAX+kVkdnZWCI6irrnGV0SmcM44wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS91QVgta1ZrZG5aV0NJNmlycm5HVjBTbWNNNDQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AFZY6/tAPyKmBBemIAaScJJaF3uFipE8Kwb4pUYCRdLRHCoTMO244e6A35bXijux
eSXvoBk3ieTDQvy6u8TETcLUc/niy1Oz7k1QMC2lF4WPuoxUL8XqgcPAQYTNvKiK
TOTpBslP/htp+05XQhEGjOx2RiLOJ1x0jdlZ1rnJ+PXjzXZGhSial0ma1bqVybQ9
UIfGiIa8IT5vmqICYE2sieVVJZVUgzYImF47hvMk2IFHuzGSk5GISPHKj1200cX2
PSGy8au+bHm45opieRgqGrAOdAVjKYzd5sa+LSMxcuJUCfh7vltjtMIDeGDF78eG
d5/+MJx3/TDtUW1LltVWabI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org