Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/vCI4uQV88EKGa45S48azZMPuhIA.roa
File: vCI4uQV88EKGa45S48azZMPuhIA.roa (raw, json)
Hash identifier: 0kw/QkIHUuJoaOSomWcSH0e/ytFrmve1FUoDdZenU7Y=
Subject key identifier: BC:22:38:B9:05:7C:F0:42:86:6B:8E:52:E3:C6:B3:64:C3:EE:84:80
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4473
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vCI4uQV88EKGa45S48azZMPuhIA.roa
Signing time: Thu 10 Mar 2022 00:36:53 +0000
ROA not before: Thu 10 Mar 2022 00:36:53 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17523 (0x4473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 10 00:36:53 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=BC2238B9057CF042866B8E52E3C6B364C3EE8480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:5a:4f:2d:80:69:38:44:0b:de:26:e4:ee:
e7:fe:86:97:71:a8:38:d8:6f:06:2b:2f:0c:5b:26:
9e:4c:c6:98:bc:fa:24:31:1f:b2:6e:1c:60:db:aa:
1a:34:da:2f:50:f2:8e:3f:1f:77:95:35:89:fa:70:
31:0a:e9:55:bc:92:96:5a:ff:09:4d:3c:54:d5:17:
28:59:4f:e4:a8:7a:99:67:35:d3:49:8d:35:a6:7b:
24:36:25:7e:74:ce:fd:2a:8f:be:1e:11:f3:46:89:
90:67:c6:8f:08:10:ad:b1:79:27:f0:6d:42:2f:6d:
89:2b:90:f6:91:a6:bb:03:d9:a7:5e:85:dc:41:58:
c0:38:2a:ad:63:b7:b0:34:ee:d7:c2:36:45:4c:4e:
66:83:00:fa:e6:8d:50:29:b2:1b:aa:dd:18:f4:d6:
cf:37:2b:1e:0e:45:16:d0:15:0d:36:c9:29:45:f1:
30:bf:5e:9f:1d:88:b4:f0:11:02:90:ce:78:d2:5c:
07:cd:c8:13:ae:e9:e2:a9:d1:96:e7:81:f8:89:26:
e2:f7:16:a6:f1:c8:5f:78:0c:19:90:53:ce:5f:12:
1b:ee:8f:44:c3:bc:d6:b5:5d:3a:b1:e9:a1:8b:90:
6c:59:a0:67:c4:f2:03:e5:63:4b:47:7e:2f:57:0d:
72:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:22:38:B9:05:7C:F0:42:86:6B:8E:52:E3:C6:B3:64:C3:EE:84:80
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/vCI4uQV88EKGa45S48azZMPuhIA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e3:77:fb:3d:10:9e:e5:76:e5:30:87:01:33:72:e3:a0:a9:
74:17:67:4e:7c:84:70:3c:e2:27:b2:d6:81:10:60:4b:3f:93:
a3:fc:46:9c:93:bd:d1:a3:27:15:57:38:88:37:77:25:70:c0:
ef:28:3a:01:51:91:49:6a:ba:9d:9f:14:c3:c9:6f:40:5d:6a:
61:38:a8:63:91:f1:92:c9:f4:5b:2b:cc:94:e4:99:28:9f:c8:
03:c8:24:10:1d:d5:ed:81:be:ee:dd:a1:81:c7:40:b7:59:ff:
2c:a4:98:55:60:6d:35:ca:c7:30:8a:8d:df:7d:e2:15:f5:4f:
a8:2b:c4:58:83:e5:48:22:39:41:64:bb:89:c4:64:d6:14:63:
92:24:a5:ce:b8:56:0e:b0:05:e9:78:5e:59:f0:f4:c9:f1:f4:
7a:dd:74:35:66:ac:b0:30:c7:62:a9:c0:66:11:36:1a:70:e0:
4c:75:97:3b:60:e6:97:1e:0d:be:88:35:82:28:3f:67:95:62:
c3:81:05:09:95:bc:99:71:d5:90:58:63:a8:04:9f:69:e5:85:
7c:fe:8c:4f:07:e8:97:a1:ef:be:08:13:b8:a8:63:7a:ed:21:
b1:78:47:e6:13:2f:33:bf:be:93:48:93:36:e6:06:5f:da:86:
7d:07:fd:6d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTAw
MDM2NTNaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEJDMjIzOEI5MDU3Q0Yw
NDI4NjZCOEU1MkUzQzZCMzY0QzNFRTg0ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC991pPLYBpOEQL3ibk7uf+hpdxqDjYbwYrLwxbJp5Mxpi8+iQx
H7JuHGDbqho02i9Q8o4/H3eVNYn6cDEK6VW8kpZa/wlNPFTVFyhZT+SoeplnNdNJ
jTWmeyQ2JX50zv0qj74eEfNGiZBnxo8IEK2xeSfwbUIvbYkrkPaRprsD2adehdxB
WMA4Kq1jt7A07tfCNkVMTmaDAPrmjVApshuq3Rj01s83Kx4ORRbQFQ02ySlF8TC/
Xp8diLTwEQKQznjSXAfNyBOu6eKp0ZbngfiJJuL3FqbxyF94DBmQU85fEhvuj0TD
vNa1XTqx6aGLkGxZoGfE8gPlY0tHfi9XDXLPAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUvCI4uQV88EKGa45S48azZMPuhIAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS92Q0k0dVFWODhFS0dhNDVTNDhhelpNUHVoSUEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AEHjd/s9EJ7lduUwhwEzcuOgqXQXZ058hHA84iey1oEQYEs/k6P8RpyTvdGjJxVX
OIg3dyVwwO8oOgFRkUlqup2fFMPJb0BdamE4qGOR8ZLJ9FsrzJTkmSifyAPIJBAd
1e2Bvu7doYHHQLdZ/yykmFVgbTXKxzCKjd994hX1T6grxFiD5UgiOUFku4nEZNYU
Y5Ikpc64Vg6wBel4Xlnw9Mnx9HrddDVmrLAwx2KpwGYRNhpw4Ex1lztg5pceDb6I
NYIoP2eVYsOBBQmVvJlx1ZBYY6gEn2nlhXz+jE8H6Jeh774IE7ioY3rtIbF4R+YT
LzO/vpNIkzbmBl/ahn0H/W0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org