Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/yC1I9p87tQTVWg4mYYQrRIeWDDM.roa
File: yC1I9p87tQTVWg4mYYQrRIeWDDM.roa (raw, json)
Hash identifier: 9azHXoZjZy3LcHo+fdeVAeOj8xlcYUzmcNaJ4vv5zoc=
Subject key identifier: C8:2D:48:F6:9F:3B:B5:04:D5:5A:0E:26:61:84:2B:44:87:96:0C:33
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: E9B0
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/yC1I9p87tQTVWg4mYYQrRIeWDDM.roa
Signing time: Fri 30 Sep 2022 03:24:04 +0000
ROA not before: Fri 30 Sep 2022 03:24:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3130
IP address blocks: 147.28.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59824 (0xe9b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Sep 30 03:24:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=C82D48F69F3BB504D55A0E2661842B4487960C33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:75:f7:e3:18:f5:3c:a1:87:fc:04:0d:6c:81:
ca:83:a5:ee:6c:24:ca:f5:72:28:e2:0b:c9:9a:70:
6c:26:f5:76:b4:c7:f4:d4:50:fc:0b:9f:3d:fb:f7:
45:df:fe:06:c6:66:60:8c:09:99:a1:91:17:3e:68:
4b:b5:c8:5d:aa:ed:31:c4:d2:6e:fb:8e:86:b8:e4:
1b:85:29:62:04:b2:b3:6e:62:7d:bf:9d:e6:d2:70:
b2:6c:a7:d6:b6:ab:4c:df:74:f1:af:28:79:92:10:
75:72:c4:6c:a2:ca:87:2f:f4:30:cf:e5:06:04:a9:
8f:4f:ff:84:39:79:7f:ef:3c:88:13:37:4f:2b:3c:
86:a2:6f:2d:c6:ed:27:6c:59:86:67:f1:e7:46:40:
dc:27:26:30:26:21:d5:00:1b:0b:74:00:6d:eb:58:
bb:65:ee:6f:41:52:a4:11:79:bb:53:ea:89:0e:43:
e7:1f:c7:ff:78:4c:8c:c2:7f:a8:60:fe:8c:eb:15:
a0:7f:7b:97:bc:41:60:3c:3f:72:fd:8a:01:17:9a:
cb:6f:c6:94:61:00:59:7d:a5:8b:ec:80:27:8e:87:
f5:7b:52:6d:75:16:68:21:1d:d4:06:15:e7:b2:e0:
83:4d:27:87:e9:f0:64:c9:05:aa:d3:98:49:31:3a:
7d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2D:48:F6:9F:3B:B5:04:D5:5A:0E:26:61:84:2B:44:87:96:0C:33
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/yC1I9p87tQTVWg4mYYQrRIeWDDM.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.7.0/24
Signature Algorithm: sha256WithRSAEncryption
16:fe:e8:9c:82:ec:fc:26:f0:43:d6:93:4d:8f:e8:b3:48:e5:
86:09:c0:80:8d:e6:67:d5:05:c3:d4:9a:44:df:87:ee:7e:1b:
46:44:bb:d3:2f:fc:c1:ad:2c:98:f0:8b:41:84:5d:b6:c7:f0:
8f:a3:70:a2:3d:aa:1e:a7:b4:85:38:d6:43:96:d0:3a:9e:3d:
19:0f:3c:07:71:df:02:ba:6e:f0:fa:f4:b4:ce:28:5c:dd:42:
f6:e1:60:ad:9f:01:89:3e:a3:51:06:dd:e1:da:c5:00:5a:87:
b9:31:db:24:cd:50:05:52:d4:ef:c4:ec:37:9e:a5:b6:54:a7:
54:16:e1:bd:92:71:aa:25:9b:a7:33:a8:06:4b:92:b0:92:77:
fc:f8:51:34:e8:6e:72:f6:25:79:5b:bb:fd:0d:09:64:d6:8a:
c0:fa:01:a9:01:42:8c:8b:25:e4:19:18:67:b2:fc:19:0c:ca:
a6:5a:bb:fb:d0:fc:15:7e:22:7e:78:09:44:1f:30:3e:90:36:
f9:22:7f:b4:5d:85:7d:31:62:2d:21:e3:b7:d7:43:84:44:72:
6e:a9:e5:4b:d1:3b:1d:e1:6a:fb:7f:4a:f2:a2:5d:83:8e:19:
10:20:01:f5:cb:46:a8:bc:a5:aa:51:bf:d9:c0:fe:13:82:8e:
10:74:25:66
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAOmwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwOTMw
MDMyNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhDODJENDhGNjlGM0JC
NTA0RDU1QTBFMjY2MTg0MkI0NDg3OTYwQzMzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzXX34xj1PKGH/AQNbIHKg6XubCTK9XIo4gvJmnBsJvV2tMf0
1FD8C589+/dF3/4GxmZgjAmZoZEXPmhLtchdqu0xxNJu+46GuOQbhSliBLKzbmJ9
v53m0nCybKfWtqtM33Txryh5khB1csRsosqHL/Qwz+UGBKmPT/+EOXl/7zyIEzdP
KzyGom8txu0nbFmGZ/HnRkDcJyYwJiHVABsLdABt61i7Ze5vQVKkEXm7U+qJDkPn
H8f/eEyMwn+oYP6M6xWgf3uXvEFgPD9y/YoBF5rLb8aUYQBZfaWL7IAnjof1e1Jt
dRZoIR3UBhXnsuCDTSeH6fBkyQWq05hJMTp9AwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFMgtSPafO7UE1VoOJmGEK0SHlgwzMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL3lDMUk5cDg3dFFUVldnNG1ZWVFyUkllV0RETS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAJMcBzANBgkqhkiG9w0BAQsFAAOCAQEAFv7o
nILs/CbwQ9aTTY/os0jlhgnAgI3mZ9UFw9SaRN+H7n4bRkS70y/8wa0smPCLQYRd
tsfwj6Nwoj2qHqe0hTjWQ5bQOp49GQ88B3HfArpu8Pr0tM4oXN1C9uFgrZ8BiT6j
UQbd4drFAFqHuTHbJM1QBVLU78TsN56ltlSnVBbhvZJxqiWbpzOoBkuSsJJ3/PhR
NOhucvYleVu7/Q0JZNaKwPoBqQFCjIsl5BkYZ7L8GQzKplq7+9D8FX4ifngJRB8w
PpA2+SJ/tF2FfTFiLSHjt9dDhERybqnlS9E7HeFq+39K8qJdg44ZECAB9ctGqLyl
qlG/2cD+E4KOEHQlZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org