Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/y6syo6B9ZWe14WcbyKzFwArCQ28.roa
File: y6syo6B9ZWe14WcbyKzFwArCQ28.roa (raw, json)
Hash identifier: nG1RQaWxAkbBoAwe5+2cdoEb2uJkhzgaAUTU4KPDLtE=
Subject key identifier: CB:AB:32:A3:A0:7D:65:67:B5:E1:67:1B:C8:AC:C5:C0:0A:C2:43:6F
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4499
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/y6syo6B9ZWe14WcbyKzFwArCQ28.roa
Signing time: Sun 13 Mar 2022 00:30:09 +0000
ROA not before: Sun 13 Mar 2022 00:30:09 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17561 (0x4499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 13 00:30:09 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=CBAB32A3A07D6567B5E1671BC8ACC5C00AC2436F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8e:d7:82:58:d7:ba:3c:ae:d4:ff:8f:42:09:
45:71:7c:01:88:98:b6:04:42:08:7f:95:f7:17:af:
e1:8e:0a:3d:e3:cb:7e:62:99:36:b5:36:d1:e6:2f:
eb:a6:e9:ca:51:6a:21:45:54:44:1f:46:a4:6b:32:
25:e9:93:bd:ab:e6:ed:f2:6b:8d:88:54:e4:7c:32:
10:7f:1c:58:19:f8:1a:5a:c1:7a:67:aa:dd:a0:9e:
55:4f:d3:60:1c:8e:55:b9:25:2b:70:f6:ce:3b:de:
49:65:16:01:5d:90:cb:36:40:42:b4:0d:b6:93:dc:
50:7d:f1:f4:89:a0:58:7b:ba:f4:f1:47:6d:67:db:
68:f7:29:1b:6d:af:16:06:a9:f3:4d:25:78:ec:f6:
07:7a:d7:ab:25:5c:ae:b6:01:1d:92:1e:5d:99:d0:
6b:47:e1:8a:10:2e:fe:13:5b:37:8a:d4:9e:40:c7:
0b:46:1d:a8:42:d5:ab:26:3c:d1:aa:2c:c3:e8:78:
13:d8:b2:fa:fc:e1:3f:0d:90:d1:18:5c:cd:49:38:
d1:b7:4c:24:f4:f0:9c:53:82:6a:fa:5c:0f:09:00:
b0:ac:8f:9e:42:fb:da:37:e4:9e:80:c4:01:d4:75:
2a:2f:7c:3b:47:be:45:45:38:40:81:fa:1a:6d:5f:
1b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AB:32:A3:A0:7D:65:67:B5:E1:67:1B:C8:AC:C5:C0:0A:C2:43:6F
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/y6syo6B9ZWe14WcbyKzFwArCQ28.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4f:aa:97:66:0d:a3:bf:5e:28:1b:25:39:3d:b8:e3:71:89:
9f:f1:1a:c6:77:09:4f:14:cd:15:cd:91:a3:48:68:89:74:9b:
0c:42:90:5d:ad:19:03:98:c6:76:8a:3e:9e:ad:59:47:4c:78:
51:45:6f:4a:db:60:f7:0a:c1:36:cb:e6:27:95:cb:0b:89:8e:
16:d4:b5:1b:5e:a6:7b:67:6c:f3:d5:e2:fd:63:7d:a8:f5:26:
46:e8:d2:f4:42:f1:58:b9:73:62:11:f2:48:67:8b:f9:25:48:
60:64:3c:7a:44:94:da:f0:0e:7a:19:63:62:54:31:7e:29:22:
75:ac:53:d3:81:e6:ad:01:63:96:a4:ab:bf:9f:45:98:9b:f3:
46:71:e9:d8:a7:36:1a:af:2c:f2:1d:7d:69:41:c6:6a:fd:c2:
94:ab:a8:21:df:20:27:60:7f:3f:8a:ff:f3:bf:12:4b:5f:ac:
30:6c:31:79:e8:2d:f0:e7:d9:a8:f4:90:cc:7c:52:6e:d4:d6:
d1:60:31:a7:3c:6e:93:f1:09:6c:64:42:2a:6c:98:45:d9:db:
0f:9e:dd:bd:c7:0f:57:a0:31:08:63:46:8d:8e:25:36:7d:e2:
1b:84:b1:5e:40:e3:cb:2c:92:71:06:9d:6c:b7:95:00:e0:8e:
ab:a4:d3:ee
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTMw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENCQUIzMkEzQTA3RDY1
NjdCNUUxNjcxQkM4QUNDNUMwMEFDMjQzNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJjteCWNe6PK7U/49CCUVxfAGImLYEQgh/lfcXr+GOCj3jy35i
mTa1NtHmL+um6cpRaiFFVEQfRqRrMiXpk72r5u3ya42IVOR8MhB/HFgZ+BpawXpn
qt2gnlVP02AcjlW5JStw9s473kllFgFdkMs2QEK0DbaT3FB98fSJoFh7uvTxR21n
22j3KRttrxYGqfNNJXjs9gd616slXK62AR2SHl2Z0GtH4YoQLv4TWzeK1J5AxwtG
HahC1asmPNGqLMPoeBPYsvr84T8NkNEYXM1JONG3TCT08JxTgmr6XA8JALCsj55C
+9o35J6AxAHUdSovfDtHvkVFOECB+hptXxstAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUy6syo6B9ZWe14WcbyKzFwArCQ28wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS95NnN5bzZCOVpXZTE0V2NieUt6RndBckNRMjgucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADpPqpdmDaO/XigbJTk9uONxiZ/xGsZ3CU8UzRXNkaNIaIl0mwxCkF2tGQOYxnaK
Pp6tWUdMeFFFb0rbYPcKwTbL5ieVywuJjhbUtRtepntnbPPV4v1jfaj1Jkbo0vRC
8Vi5c2IR8khni/klSGBkPHpElNrwDnoZY2JUMX4pInWsU9OB5q0BY5akq7+fRZib
80Zx6dinNhqvLPIdfWlBxmr9wpSrqCHfICdgfz+K//O/EktfrDBsMXnoLfDn2aj0
kMx8Um7U1tFgMac8bpPxCWxkQipsmEXZ2w+e3b3HD1egMQhjRo2OJTZ94huEsV5A
48ssknEGnWy3lQDgjquk0+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org