Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS139686.roa
File: AS139686.roa (raw, json)
Hash identifier: I89ImSreWTemMpfKaLAkevOGB2xA48bK/VOj4y/ccwY=
Subject key identifier: 8C:64:51:BB:43:C5:79:06:BE:AC:BD:D7:FE:CE:1B:09:37:BD:C8:E2
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 5641EFAC0CE273E62F9E26E9B8E119A96A00DEAC
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS139686.roa
Signing time: Tue 11 Feb 2025 04:12:21 +0000
ROA not before: Tue 11 Feb 2025 04:07:21 +0000
ROA not after: Tue 10 Feb 2026 04:12:21 +0000
asID: 139686
IP address blocks: 2a0f:9400::/48 maxlen: 48
2a0f:9400:1::/48 maxlen: 48
2a0f:9400:2::/48 maxlen: 48
2a0f:9400:3::/48 maxlen: 48
2a0f:9400:4::/48 maxlen: 48
2a0f:9400:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:41:ef:ac:0c:e2:73:e6:2f:9e:26:e9:b8:e1:19:a9:6a:00:de:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Feb 11 04:07:21 2025 GMT
Not After : Feb 10 04:12:21 2026 GMT
Subject: CN=8C6451BB43C57906BEACBDD7FECE1B0937BDC8E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c2:0e:77:52:26:18:5d:41:a0:70:b7:1e:ed:
0b:47:ba:ba:5f:88:7e:dc:7f:bf:35:f1:8f:76:d7:
5b:25:71:52:bd:37:34:25:49:df:a6:cf:89:8c:c4:
ae:7a:33:53:a3:ab:46:9d:52:0b:5f:77:3c:12:a1:
1d:12:d8:74:95:f8:5f:7c:69:91:92:18:7a:cd:fc:
08:fc:60:d3:d2:66:a5:8d:8e:78:f5:cd:6c:5f:ee:
53:25:ee:a0:9c:13:71:a0:65:23:8a:08:9c:0d:06:
5e:84:34:78:17:64:bd:70:ed:8f:c9:cc:88:51:62:
1f:56:bf:66:dc:5b:e6:d9:fd:4e:43:d5:1e:8c:a1:
44:17:bb:a0:be:13:34:d3:ca:61:44:7c:4e:af:60:
33:97:85:5c:d0:ee:05:35:58:20:ac:54:62:a0:bb:
c8:02:2f:9b:96:2c:2f:0a:91:64:ff:27:ee:b7:d8:
d9:33:1d:39:69:07:16:71:7a:99:dd:f5:a9:66:74:
c7:bc:05:dc:e0:8e:c9:e9:ba:7c:d5:fd:55:61:3d:
c3:a6:a8:e2:2a:47:5b:ae:b3:da:fd:27:e3:2b:da:
2d:4c:97:af:d8:de:0f:7f:bf:4d:1f:bf:27:24:20:
64:b4:5c:9e:22:32:e3:b0:4e:4b:2a:51:a6:47:13:
b2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:64:51:BB:43:C5:79:06:BE:AC:BD:D7:FE:CE:1B:09:37:BD:C8:E2
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS139686.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400::-2a0f:9400:4:ffff:ffff:ffff:ffff:ffff
2a0f:9400:6::/48
Signature Algorithm: sha256WithRSAEncryption
70:a8:bf:66:4e:bc:69:27:45:a8:77:02:92:0c:5e:8a:af:a2:
39:17:17:43:57:38:c6:8c:10:72:65:20:d1:77:40:cf:bd:65:
c9:ce:b0:d9:a1:25:4c:f6:d1:b1:27:cf:a2:99:e8:08:67:28:
ac:e9:df:e0:6f:82:cb:18:b7:f0:7f:5d:a0:04:ec:a7:2d:50:
cc:f0:81:b7:1e:cb:a8:b7:29:16:ea:a5:db:2b:bc:2e:3d:b5:
c0:82:ed:e5:88:a3:86:f1:d5:42:ce:fe:02:bd:12:fb:79:45:
fe:79:14:f0:98:e3:26:20:77:28:00:ea:86:df:cd:fb:e0:e9:
88:50:8a:f7:2a:5d:be:09:00:ba:cf:11:11:5e:09:7c:bc:a7:
a0:91:f2:81:f5:32:8d:27:6b:fc:94:58:f0:7b:22:73:73:b4:
4e:9e:78:e5:e5:4e:9a:e7:3f:52:b9:e8:bb:c7:12:9d:50:0d:
9b:42:fd:67:81:d9:b6:2c:a9:64:18:81:fe:c2:19:fa:26:11:
7a:4a:b2:24:12:fc:b8:6e:23:54:d5:27:7e:85:1a:0f:52:69:
75:eb:7b:08:17:23:dd:e3:c6:92:00:1d:c0:df:a2:88:c0:3d:
65:6d:87:ab:b8:48:9f:b0:23:85:ec:29:75:b9:f0:7c:ef:39:
2e:fc:47:bc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUVkHvrAzic+YvnibpuOEZqWoA3qwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAyMTEwNDA3MjFaFw0yNjAyMTAwNDEyMjFaMDMxMTAvBgNV
BAMTKDhDNjQ1MUJCNDNDNTc5MDZCRUFDQkREN0ZFQ0UxQjA5MzdCREM4RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNwg53UiYYXUGgcLce7QtHurpf
iH7cf7818Y9211slcVK9NzQlSd+mz4mMxK56M1Ojq0adUgtfdzwSoR0S2HSV+F98
aZGSGHrN/Aj8YNPSZqWNjnj1zWxf7lMl7qCcE3GgZSOKCJwNBl6ENHgXZL1w7Y/J
zIhRYh9Wv2bcW+bZ/U5D1R6MoUQXu6C+EzTTymFEfE6vYDOXhVzQ7gU1WCCsVGKg
u8gCL5uWLC8KkWT/J+632NkzHTlpBxZxepnd9almdMe8BdzgjsnpunzV/VVhPcOm
qOIqR1uus9r9J+Mr2i1Ml6/Y3g9/v00fvyckIGS0XJ4iMuOwTksqUaZHE7JDAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUjGRRu0PFeQa+rL3X/s4bCTe9yOIwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzEzOTY4Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggr
BgEFBQcBBwEB/wQkMCIwIAQCAAIwGjAPAwQCKg+UAwcAKg+UAAAEAwcAKg+UAAAG
MA0GCSqGSIb3DQEBCwUAA4IBAQBwqL9mTrxpJ0WodwKSDF6Kr6I5FxdDVzjGjBBy
ZSDRd0DPvWXJzrDZoSVM9tGxJ8+imegIZyis6d/gb4LLGLfwf12gBOynLVDM8IG3
HsuotykW6qXbK7wuPbXAgu3liKOG8dVCzv4CvRL7eUX+eRTwmOMmIHcoAOqG3837
4OmIUIr3Kl2+CQC6zxERXgl8vKegkfKB9TKNJ2v8lFjweyJzc7ROnnjl5U6a5z9S
uei7xxKdUA2bQv1ngdm2LKlkGIH+whn6JhF6SrIkEvy4biNU1Sd+hRoPUml163sI
FyPd48aSAB3A36KIwD1lbYeruEifsCOF7Cl1ufB87zku/Ee8
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:45 2025 by rpki-client