Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/wd3nZbHiFze-PEEfrv33WSQYCtA.roa
File: wd3nZbHiFze-PEEfrv33WSQYCtA.roa (raw, json)
Hash identifier: iFlgj7iCSpQF/VgGM5xNlytu3SByAq1BrXtuJjnj1ws=
Subject key identifier: C1:DD:E7:65:B1:E2:17:37:BE:3C:41:1F:AE:FD:F7:59:24:18:0A:D0
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4908
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/wd3nZbHiFze-PEEfrv33WSQYCtA.roa
Signing time: Wed 01 Jun 2022 00:30:11 +0000
ROA not before: Wed 01 Jun 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18696 (0x4908)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 1 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=C1DDE765B1E21737BE3C411FAEFDF75924180AD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:40:a4:da:00:d8:94:19:2a:85:86:a7:9e:a1:
0c:da:e5:76:fe:2d:1d:7a:e4:43:e5:ae:58:ad:34:
b2:eb:d4:88:40:ee:ac:8e:83:c7:6a:09:12:e2:7a:
93:8b:c9:17:0c:b3:76:4a:3e:78:a5:22:34:2b:09:
ca:b7:b6:42:3b:77:3d:1f:10:20:da:26:ca:bf:32:
4f:85:58:ad:f8:b8:79:3e:58:f1:ad:39:aa:a5:b9:
8b:c7:b9:c9:2c:d5:7e:4a:af:92:b5:72:82:91:7d:
ee:55:fa:92:10:5c:58:e6:07:a2:eb:8a:87:e7:98:
c6:b4:60:85:cf:bd:a4:d0:67:1b:6b:14:52:df:df:
08:8e:82:71:45:8f:65:74:b0:c7:d1:e9:92:04:83:
84:aa:04:a1:3a:e5:28:d1:13:1f:a9:b6:d5:71:ff:
73:fa:af:7a:e5:8d:fc:ed:76:85:01:94:9c:fd:63:
9c:f6:f7:8b:65:d9:55:44:8f:93:d7:14:fc:04:36:
0e:6f:5a:91:29:ac:b3:f2:96:88:09:5e:4f:3e:09:
29:2e:c9:b0:89:c8:c7:bf:93:f9:82:da:58:5c:db:
76:c4:a4:f6:37:d1:7c:c2:71:d3:bb:9f:6e:c1:54:
be:d0:12:24:61:5b:ae:29:3c:e0:e5:c9:73:3b:1c:
62:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DD:E7:65:B1:E2:17:37:BE:3C:41:1F:AE:FD:F7:59:24:18:0A:D0
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/wd3nZbHiFze-PEEfrv33WSQYCtA.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:66:71:c2:87:62:d7:73:dc:53:56:ef:b7:2c:bd:21:4b:e9:
b6:31:3c:63:93:7c:07:d4:eb:65:76:fa:1e:e1:85:da:44:fb:
02:b2:e2:ab:93:a3:f8:3e:5c:31:b9:6e:74:6c:0c:52:93:a1:
aa:ab:b6:b5:ab:87:63:3f:1c:be:2a:91:8d:fb:d5:c2:00:18:
99:50:09:7d:a4:3d:d1:28:d2:26:62:69:4e:c7:3c:66:9c:9b:
78:35:10:49:46:2e:0f:ae:58:02:26:4c:3e:7b:5d:a6:e8:bd:
6d:97:54:10:aa:f2:d0:ea:82:5d:09:f2:7e:f3:69:21:3d:50:
54:72:af:c9:42:90:cb:1a:31:ec:c3:c2:88:3c:cc:24:8f:29:
f1:af:2e:26:7d:26:20:32:81:a7:a8:43:16:9e:ee:0b:9d:87:
7b:4f:1c:99:ce:c8:32:a2:0d:8f:09:18:39:ad:3f:ce:f7:26:
5d:69:df:6f:fd:3a:29:c1:81:29:76:6b:d7:d0:69:b4:43:e7:
97:47:8a:a7:6a:0d:2c:78:bd:05:ae:e6:03:09:20:61:ae:83:
a8:44:30:f9:cc:91:b0:45:96:f4:2e:93:65:a0:90:c6:07:82:
60:59:da:e3:90:a5:e4:27:88:b6:01:ec:49:89:48:8b:3f:c1:
5a:df:29:cc
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDEw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEMxRERFNzY1QjFFMjE3
MzdCRTNDNDExRkFFRkRGNzU5MjQxODBBRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8QKTaANiUGSqFhqeeoQza5Xb+LR165EPlrlitNLLr1IhA7qyO
g8dqCRLiepOLyRcMs3ZKPnilIjQrCcq3tkI7dz0fECDaJsq/Mk+FWK34uHk+WPGt
OaqluYvHucks1X5Kr5K1coKRfe5V+pIQXFjmB6LriofnmMa0YIXPvaTQZxtrFFLf
3wiOgnFFj2V0sMfR6ZIEg4SqBKE65SjREx+pttVx/3P6r3rljfztdoUBlJz9Y5z2
94tl2VVEj5PXFPwENg5vWpEprLPylogJXk8+CSkuybCJyMe/k/mC2lhc23bEpPY3
0XzCcdO7n27BVL7QEiRhW64pPODlyXM7HGJxAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUwd3nZbHiFze+PEEfrv33WSQYCtAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS93ZDNuWmJIaUZ6ZS1QRUVmcnYzM1dTUVlDdEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AHxmccKHYtdz3FNW77csvSFL6bYxPGOTfAfU62V2+h7hhdpE+wKy4quTo/g+XDG5
bnRsDFKToaqrtrWrh2M/HL4qkY371cIAGJlQCX2kPdEo0iZiaU7HPGacm3g1EElG
Lg+uWAImTD57XabovW2XVBCq8tDqgl0J8n7zaSE9UFRyr8lCkMsaMezDwog8zCSP
KfGvLiZ9JiAygaeoQxae7gudh3tPHJnOyDKiDY8JGDmtP873Jl1p32/9OinBgSl2
a9fQabRD55dHiqdqDSx4vQWu5gMJIGGug6hEMPnMkbBFlvQuk2WgkMYHgmBZ2uOQ
peQniLYB7EmJSIs/wVrfKcw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org