Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/yXloDnMMwp2DYxqWz30UA0jWDLw.roa
File: yXloDnMMwp2DYxqWz30UA0jWDLw.roa (raw, json)
Hash identifier: 9UTmnhn/i+LuyCxkq2NGa04id2Y7aKSIRaqwnZUWSnw=
Subject key identifier: C9:79:68:0E:73:0C:C2:9D:83:63:1A:96:CF:7D:14:03:48:D6:0C:BC
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4936
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/yXloDnMMwp2DYxqWz30UA0jWDLw.roa
Signing time: Fri 03 Jun 2022 00:30:11 +0000
ROA not before: Fri 03 Jun 2022 00:30:11 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18742 (0x4936)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Jun 3 00:30:11 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=C979680E730CC29D83631A96CF7D140348D60CBC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:db:79:b1:c9:34:f8:b7:be:94:ac:25:6f:
65:31:b8:8e:75:78:8b:74:60:89:13:5b:9c:81:9f:
e5:74:a6:2d:c0:81:a4:24:49:da:11:bd:10:65:41:
47:b1:91:35:49:d1:4c:63:99:e6:1d:28:2e:48:75:
d5:9b:12:d6:7d:e9:05:1f:dd:b4:e0:82:5d:97:03:
d3:ac:17:92:d1:7c:52:f6:c6:ab:90:0d:63:e8:06:
1b:54:be:1d:6f:25:37:84:b9:ab:bf:01:41:45:0b:
5c:be:44:01:0c:75:ca:53:35:cc:4e:a1:41:a5:2f:
5c:ad:89:98:1f:fd:18:5d:81:2c:cd:2a:0e:e0:0d:
fd:93:8f:9c:e2:e3:f8:c3:7d:e3:15:26:09:60:23:
db:5d:59:e5:75:b8:77:aa:79:c8:e1:16:ee:84:27:
8c:7c:33:97:3d:4d:e3:be:b6:a3:2a:9e:ee:28:6b:
79:64:80:10:63:1c:26:d5:d4:7b:e8:7d:93:9b:b6:
00:9a:e4:fb:8c:52:1a:dc:81:c0:1b:71:4e:9c:58:
8f:1b:1a:10:80:9e:1c:a2:78:05:fb:8c:95:c5:f5:
ca:51:ad:4b:ca:bf:cd:81:55:a8:ce:68:73:d8:db:
27:af:45:47:c7:34:19:18:61:cc:ab:87:27:49:61:
98:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:79:68:0E:73:0C:C2:9D:83:63:1A:96:CF:7D:14:03:48:D6:0C:BC
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/yXloDnMMwp2DYxqWz30UA0jWDLw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
38:2c:14:22:26:ce:3c:30:3b:6b:3f:ad:8d:6e:fd:f5:23:c7:
4b:d7:73:a9:34:dc:30:a0:40:5f:be:6c:cf:72:6e:58:76:51:
ea:22:de:50:76:e2:0c:e4:1a:b1:4f:6e:8e:cf:7c:8c:92:f2:
bf:4c:25:2f:da:12:b4:f4:5b:c7:7a:19:1e:1d:97:0f:4d:3b:
c6:78:9a:35:4e:91:a7:68:83:86:4c:b1:cd:e3:f2:5b:5e:76:
10:fd:36:3d:02:34:e3:4e:4f:fa:0d:d9:1a:89:ed:3b:67:60:
9d:e5:b4:d1:a4:89:f9:e5:06:cf:cc:1b:6b:b2:3b:af:5f:22:
b9:24:a2:7c:ee:b7:bb:19:36:ed:ef:61:09:6b:f6:c3:59:5d:
a9:09:54:7f:ca:f8:2a:13:5f:2f:6a:37:e5:b1:52:95:ba:97:
42:2d:16:8e:63:e8:fc:16:29:b0:4f:0b:82:53:82:cb:89:2f:
b4:64:82:f2:22:87:cd:3a:31:40:e5:53:3b:5d:11:2c:16:e4:
ef:ce:a2:8a:43:5e:30:cc:46:7c:d2:39:fb:fc:97:d4:f6:93:
7c:57:93:a1:92:7b:8b:b7:93:8e:70:a1:ef:b7:38:94:77:cb:
65:d6:d9:ad:a9:17:6b:f8:d8:1c:f4:42:c8:4e:6e:ef:48:6b:
8b:c5:86:04
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSTYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDMw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEM5Nzk2ODBFNzMwQ0My
OUQ4MzYzMUE5NkNGN0QxNDAzNDhENjBDQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpHtt5sck0+Le+lKwlb2UxuI51eIt0YIkTW5yBn+V0pi3AgaQk
SdoRvRBlQUexkTVJ0UxjmeYdKC5IddWbEtZ96QUf3bTggl2XA9OsF5LRfFL2xquQ
DWPoBhtUvh1vJTeEuau/AUFFC1y+RAEMdcpTNcxOoUGlL1ytiZgf/RhdgSzNKg7g
Df2Tj5zi4/jDfeMVJglgI9tdWeV1uHeqecjhFu6EJ4x8M5c9TeO+tqMqnu4oa3lk
gBBjHCbV1HvofZObtgCa5PuMUhrcgcAbcU6cWI8bGhCAnhyieAX7jJXF9cpRrUvK
v82BVajOaHPY2yevRUfHNBkYYcyrhydJYZjrAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUyXloDnMMwp2DYxqWz30UA0jWDLwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS95WGxvRG5NTXdwMkRZeHFXejMwVUEwaldETHcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ADgsFCImzjwwO2s/rY1u/fUjx0vXc6k03DCgQF++bM9yblh2Ueoi3lB24gzkGrFP
bo7PfIyS8r9MJS/aErT0W8d6GR4dlw9NO8Z4mjVOkadog4ZMsc3j8ltedhD9Nj0C
NONOT/oN2RqJ7TtnYJ3ltNGkifnlBs/MG2uyO69fIrkkonzut7sZNu3vYQlr9sNZ
XakJVH/K+CoTXy9qN+WxUpW6l0ItFo5j6PwWKbBPC4JTgsuJL7RkgvIih806MUDl
UztdESwW5O/OoopDXjDMRnzSOfv8l9T2k3xXk6GSe4u3k45woe+3OJR3y2XW2a2p
F2v42Bz0QshObu9Ia4vFhgQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org