Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/iNZ_fXuh22JQZcROGPKeC9xu2To.roa
File: iNZ_fXuh22JQZcROGPKeC9xu2To.roa (raw, json)
Hash identifier: LPPcclQ8aQwiFeqOx3fdHgLYUEMQNUvq+d31Kp81yQQ=
Subject key identifier: 88:D6:7F:7D:7B:A1:DB:62:50:65:C4:4E:18:F2:9E:0B:DC:6E:D9:3A
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4677
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/iNZ_fXuh22JQZcROGPKeC9xu2To.roa
Signing time: Sat 16 Apr 2022 00:30:06 +0000
ROA not before: Sat 16 Apr 2022 00:30:06 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 51224
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18039 (0x4677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 16 00:30:06 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=88D67F7D7BA1DB625065C44E18F29E0BDC6ED93A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0a:39:69:ac:ce:2b:77:01:aa:0c:37:f7:e6:
84:c3:d4:db:54:4c:aa:e2:84:a4:8b:02:d2:e7:f3:
a8:d9:f6:a0:a3:2e:bf:04:8a:bc:f1:73:b6:59:fa:
f8:55:79:31:fd:ca:5d:47:20:7d:8c:12:f8:8d:b7:
c5:0b:5f:91:4a:28:f2:f0:d2:f7:56:01:0b:00:db:
8e:57:ab:95:f7:1c:74:06:4b:76:17:18:41:e8:8b:
01:4e:14:9a:8c:75:e9:7d:e0:cc:4f:78:25:30:98:
99:69:7c:21:8e:de:cb:94:dd:56:b4:27:17:df:c4:
7a:cb:f6:65:12:ce:62:08:d3:5f:a7:4c:31:c7:d8:
50:34:65:0a:71:36:07:21:3b:d0:de:a4:00:e2:a1:
88:6b:32:be:93:0f:a0:61:e7:9a:b0:b3:eb:34:26:
6d:64:fe:55:d1:79:16:b5:e4:41:98:73:97:53:77:
7b:af:82:ac:47:af:78:02:d3:56:97:35:c8:ce:36:
12:8f:c7:d2:90:ec:bb:bc:7e:7e:ef:99:c4:9f:28:
b5:18:38:00:3c:bf:74:a2:43:29:4d:81:c0:b4:4a:
2d:57:4a:5b:ab:dd:42:41:94:6d:7c:81:b4:09:63:
6a:b9:9c:41:80:58:de:19:9a:9e:2c:3c:a4:90:2e:
f5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D6:7F:7D:7B:A1:DB:62:50:65:C4:4E:18:F2:9E:0B:DC:6E:D9:3A
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/iNZ_fXuh22JQZcROGPKeC9xu2To.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
41:38:da:d1:27:79:3f:65:a8:ad:8f:d9:0d:73:91:1f:e1:47:
7e:c3:45:3d:2c:b3:8d:3f:7a:b3:49:e7:79:60:43:51:ae:e0:
a8:70:dd:1d:f4:d6:e7:dd:64:5e:51:9d:5d:79:2d:09:b9:6e:
b6:e5:35:44:e1:90:ec:6d:03:1b:3f:19:6d:03:80:6a:13:97:
29:f4:66:27:c1:9e:4a:41:0e:17:cb:1e:14:65:34:97:71:a2:
13:65:f8:6c:97:20:6a:7d:c0:ff:bb:e6:1d:51:3e:0c:4d:ea:
d5:ae:7f:1b:6b:ab:29:27:8b:c2:3a:fe:16:10:a1:e8:c2:a8:
d2:6c:d2:e7:91:f2:98:92:93:8a:62:dd:eb:ed:46:45:45:4a:
ee:58:2e:f4:ab:0d:b0:df:a2:0c:a7:10:c5:e8:55:4b:79:f7:
07:5f:f9:6c:59:d5:98:89:92:ea:7f:ab:3c:03:fb:a8:6a:29:
de:2a:4c:1b:f3:e7:37:b0:db:b5:a2:ce:8c:38:61:e8:37:89:
fb:8f:69:b9:1d:5a:c1:0d:a7:75:6a:9e:3e:7c:fc:f9:d5:69:
9d:6c:02:57:94:5b:b6:73:43:e0:41:1f:a8:e6:60:a4:03:00:
70:91:18:4d:d0:e9:67:02:f1:43:ee:cd:79:f6:74:1d:3f:fd:
d8:06:72:b4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTYw
MDMwMDZaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDg4RDY3RjdEN0JBMURC
NjI1MDY1QzQ0RTE4RjI5RTBCREM2RUQ5M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvCjlprM4rdwGqDDf35oTD1NtUTKrihKSLAtLn86jZ9qCjLr8E
irzxc7ZZ+vhVeTH9yl1HIH2MEviNt8ULX5FKKPLw0vdWAQsA245Xq5X3HHQGS3YX
GEHoiwFOFJqMdel94MxPeCUwmJlpfCGO3suU3Va0JxffxHrL9mUSzmII01+nTDHH
2FA0ZQpxNgchO9DepADioYhrMr6TD6Bh55qws+s0Jm1k/lXReRa15EGYc5dTd3uv
gqxHr3gC01aXNcjONhKPx9KQ7Lu8fn7vmcSfKLUYOAA8v3SiQylNgcC0Si1XSlur
3UJBlG18gbQJY2q5nEGAWN4Zmp4sPKSQLvWfAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUiNZ/fXuh22JQZcROGPKeC9xu2TowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9pTlpfZlh1aDIySlFaY1JPR1BLZUM5eHUyVG8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AEE42tEneT9lqK2P2Q1zkR/hR37DRT0ss40/erNJ53lgQ1Gu4Khw3R301ufdZF5R
nV15LQm5brblNUThkOxtAxs/GW0DgGoTlyn0ZifBnkpBDhfLHhRlNJdxohNl+GyX
IGp9wP+75h1RPgxN6tWufxtrqykni8I6/hYQoejCqNJs0ueR8piSk4pi3evtRkVF
Su5YLvSrDbDfogynEMXoVUt59wdf+WxZ1ZiJkup/qzwD+6hqKd4qTBvz5zew27Wi
zow4Yeg3ifuPabkdWsENp3Vqnj58/PnVaZ1sAleUW7ZzQ+BBH6jmYKQDAHCRGE3Q
6WcC8UPuzXn2dB0//dgGcrQ=
-----END CERTIFICATE-----
Generated at Tue Dec 26 10:19:21 2023 by rpki-client on console.sobornost.net