Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: TYeUiALlRjefofF+2umSncM8QNkYbdNEdcjY6KBIFlA=
Subject key identifier: 3B:F2:58:8E:48:CA:54:A8:A8:52:F7:CD:96:B1:0F:09:42:F8:77:FE
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 328AF2E1FFB840499734FC18EC271FF85AC32D1C
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
Signing time: Mon 29 Apr 2024 14:53:33 +0000
ROA not before: Mon 29 Apr 2024 14:48:33 +0000
ROA not after: Mon 28 Apr 2025 14:53:33 +0000
asID: 20473
IP address blocks: 2a0f:9400:610e::/48 maxlen: 48
2a0f:9400:6118::/48 maxlen: 48
2a0f:9400:6165::/48 maxlen: 48
2a0f:9400:6167::/48 maxlen: 48
2a0f:9400:690a::/48 maxlen: 48
2a0f:9400:690b::/48 maxlen: 48
2a0f:9400:690e::/48 maxlen: 48
2a0f:9400:693e::/48 maxlen: 48
2a0f:9400:7386::/48 maxlen: 48
2a0f:9400:750a::/48 maxlen: 48
2a0f:9400:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:8a:f2:e1:ff:b8:40:49:97:34:fc:18:ec:27:1f:f8:5a:c3:2d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Apr 29 14:48:33 2024 GMT
Not After : Apr 28 14:53:33 2025 GMT
Subject: CN=3BF2588E48CA54A8A852F7CD96B10F0942F877FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:6f:28:77:4b:d6:0d:a4:17:aa:97:c5:28:7d:
a0:1e:7e:41:ab:a5:83:1b:7c:03:03:54:8d:a7:f3:
49:93:4d:c0:f1:dc:7e:f5:05:4a:2f:2e:71:a8:f6:
da:aa:24:8f:81:d3:a6:e2:dc:bf:1b:fa:9d:13:13:
05:17:68:f8:8a:18:81:c0:74:cb:d5:b5:6d:5f:48:
aa:cc:6e:e1:ff:1e:88:fb:5f:01:a4:7f:de:fc:b5:
7d:2d:d9:40:3d:9a:38:e7:9f:03:a0:54:d8:bd:ae:
91:98:f6:c8:04:82:30:da:08:d0:c5:07:fd:49:e3:
3d:fb:27:05:40:cf:9c:67:93:0b:29:ce:ee:4d:c4:
bd:a8:22:b3:43:fd:48:5b:1c:3c:34:df:bb:54:15:
8d:9a:6e:59:e0:43:74:66:c7:5c:6b:25:be:27:24:
e0:32:13:c6:13:54:7f:60:24:d1:f2:de:7d:b4:fd:
40:c9:b9:4c:f9:af:a0:8d:2f:25:ce:69:61:b7:d6:
4f:10:e5:39:37:b2:14:47:eb:db:ae:0b:4d:aa:1f:
b0:59:ad:77:25:9e:79:dc:0c:fc:9e:c1:0c:68:d1:
c2:1a:07:95:59:61:9d:e3:fc:52:02:3b:cb:18:59:
48:d7:ea:f5:c4:23:b6:df:32:2b:ec:00:f3:8f:2f:
96:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F2:58:8E:48:CA:54:A8:A8:52:F7:CD:96:B1:0F:09:42:F8:77:FE
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:610e::/48
2a0f:9400:6118::/48
2a0f:9400:6165::/48
2a0f:9400:6167::/48
2a0f:9400:690a::/47
2a0f:9400:690e::/48
2a0f:9400:693e::/48
2a0f:9400:7386::/48
2a0f:9400:750a::/48
2a0f:9400:8020::/48
Signature Algorithm: sha256WithRSAEncryption
7d:e6:ab:02:91:ea:fd:2f:ea:84:c7:eb:81:bd:15:a3:30:cf:
c2:f4:c0:e6:ff:2d:4b:b1:ca:6a:15:6d:2f:25:03:95:2a:dd:
26:6b:26:61:14:9f:8f:a1:8d:a0:3c:fe:a1:c1:34:0b:49:41:
96:0e:ae:31:c4:f9:3f:24:ba:7a:c4:02:ad:cd:bd:78:4e:05:
4a:7b:d9:fb:88:ff:66:4b:dd:b9:05:c0:68:48:a1:93:7f:95:
a6:88:ea:4c:99:ee:33:ff:53:3b:de:ea:97:8d:4b:ee:3d:93:
39:f3:28:93:04:49:37:04:7a:47:8a:7d:4a:1e:fe:cd:15:f1:
05:35:87:94:51:5f:0b:0c:8a:a2:a9:fc:4a:bc:54:df:d2:71:
c5:ec:21:11:f4:bb:60:d4:71:1d:25:94:33:43:cc:b4:7f:85:
74:fe:84:8c:82:ba:62:dd:4f:ad:c8:9e:29:1c:9a:ae:25:f5:
94:74:95:af:9a:26:98:9f:17:60:f9:88:68:7f:af:44:72:5b:
5b:c0:6a:a1:09:df:cf:17:d1:1f:eb:63:69:03:b7:89:88:6e:
43:74:ee:98:20:fc:b8:db:b0:fe:ef:30:cf:ef:0c:ef:14:94:
d8:7e:b1:e4:2e:c6:94:37:ba:8f:e2:34:34:b7:78:55:d6:60:
09:7e:5c:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUMory4f+4QEmXNPwY7Ccf+FrDLRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA0MjkxNDQ4MzNaFw0yNTA0MjgxNDUzMzNaMDMxMTAvBgNV
BAMTKDNCRjI1ODhFNDhDQTU0QThBODUyRjdDRDk2QjEwRjA5NDJGODc3RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4byh3S9YNpBeql8UofaAefkGr
pYMbfAMDVI2n80mTTcDx3H71BUovLnGo9tqqJI+B06bi3L8b+p0TEwUXaPiKGIHA
dMvVtW1fSKrMbuH/Hoj7XwGkf978tX0t2UA9mjjnnwOgVNi9rpGY9sgEgjDaCNDF
B/1J4z37JwVAz5xnkwspzu5NxL2oIrND/UhbHDw037tUFY2ablngQ3Rmx1xrJb4n
JOAyE8YTVH9gJNHy3n20/UDJuUz5r6CNLyXOaWG31k8Q5Tk3shRH69uuC02qH7BZ
rXclnnncDPyewQxo0cIaB5VZYZ3j/FICO8sYWUjX6vXEI7bfMivsAPOPL5YDAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUO/JYjkjKVKioUvfNlrEPCUL4d/4wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHMGCCsG
AQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcAKg+UAGEOAwcAKg+UAGEYAwcAKg+UAGFl
AwcAKg+UAGFnAwcBKg+UAGkKAwcAKg+UAGkOAwcAKg+UAGk+AwcAKg+UAHOGAwcA
Kg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQB95qsCker9L+qEx+uB
vRWjMM/C9MDm/y1LscpqFW0vJQOVKt0mayZhFJ+PoY2gPP6hwTQLSUGWDq4xxPk/
JLp6xAKtzb14TgVKe9n7iP9mS925BcBoSKGTf5WmiOpMme4z/1M73uqXjUvuPZM5
8yiTBEk3BHpHin1KHv7NFfEFNYeUUV8LDIqiqfxKvFTf0nHF7CER9Ltg1HEdJZQz
Q8y0f4V0/oSMgrpi3U+tyJ4pHJquJfWUdJWvmiaYnxdg+Yhof69EcltbwGqhCd/P
F9Ef62NpA7eJiG5DdO6YIPy427D+7zDP7wzvFJTYfrHkLsaUN7qP4jQ0t3hV1mAJ
flx1
-----END CERTIFICATE-----
Generated at Tue May 7 03:53:34 2024 by rpki-client on console-fra.rpki-client.org