Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
File: AS142586.roa (raw, json)
Hash identifier: yjGljHED47jkVQlYD2lNXFGsefIfoUs5/MyUXJ5DZFg=
Subject key identifier: 52:9F:5B:24:B5:80:83:47:67:C8:92:02:B3:3C:C4:DC:17:5C:D9:18
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 2AEA194041BB6353AF20B68F49EE84B38CAA7804
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
Signing time: Tue 19 May 2026 04:03:24 +0000
ROA not before: Tue 19 May 2026 03:58:24 +0000
ROA not after: Tue 18 May 2027 04:03:24 +0000
asID: 142586
IP address blocks: 2a0f:9400:7870::/48 maxlen: 48
2a0f:9400:7871::/48 maxlen: 48
2a0f:9400:7872::/48 maxlen: 48
2a0f:9400:7873::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:ea:19:40:41:bb:63:53:af:20:b6:8f:49:ee:84:b3:8c:aa:78:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 19 03:58:24 2026 GMT
Not After : May 18 04:03:24 2027 GMT
Subject: CN=529F5B24B580834767C89202B33CC4DC175CD918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:e3:33:18:ed:fd:bb:16:ae:eb:d1:38:fb:
04:0f:50:a1:f4:cc:05:2a:99:5e:d1:2a:bf:71:f5:
6b:97:4f:41:84:20:85:ca:f0:04:7e:2e:c3:6a:a7:
20:32:90:7e:ff:93:01:c0:b1:1b:e9:bc:8f:33:d2:
f2:2a:41:66:0c:56:dc:a1:39:ba:fd:f7:49:d9:03:
71:7b:6d:49:f0:70:9e:03:80:79:17:d6:3c:38:9b:
48:7f:68:c2:84:b7:41:74:b2:5f:36:06:52:3f:36:
97:c6:ef:83:a8:cc:3f:e7:30:8b:cd:b4:c9:5c:31:
b7:9e:24:3f:71:ea:52:d2:6e:d5:81:0e:6f:a3:c6:
81:63:22:42:4e:6f:cf:da:87:26:ba:f3:7c:b9:e8:
f7:05:0b:a9:38:06:f4:3f:63:cd:ba:06:0a:d0:d1:
34:be:c8:4a:83:c0:6e:87:00:bb:19:db:45:fc:27:
57:a2:df:cf:dc:37:47:61:97:c6:ac:dc:21:6e:a8:
bc:43:8f:f4:a6:f7:69:6e:ce:84:c8:b8:b6:1c:25:
df:a4:4a:d0:06:2a:40:a4:1b:fa:af:fd:e0:ab:73:
90:94:27:fb:55:e4:0f:3a:d4:ee:66:43:81:88:f9:
be:ab:ba:11:54:03:1c:5c:f2:ed:38:c6:55:ed:6d:
8d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9F:5B:24:B5:80:83:47:67:C8:92:02:B3:3C:C4:DC:17:5C:D9:18
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7870::/46
Signature Algorithm: sha256WithRSAEncryption
4c:c4:ec:ae:0a:16:67:46:f9:d1:28:dc:d2:ef:7e:a2:c9:88:
8b:f4:ab:f7:8c:9e:ee:6c:c7:c8:e9:f3:0a:3e:f4:82:6a:1e:
c2:1e:c4:b2:24:f3:a9:b3:f2:bb:3e:2e:58:6b:40:1f:64:e9:
00:98:96:d6:33:f0:1d:1d:f5:27:fd:87:c7:ea:09:ee:ad:4f:
30:25:09:1a:08:f1:0e:a7:d0:fb:02:04:10:fb:85:97:e5:5f:
34:b8:4e:db:6f:1e:6f:0c:f1:92:90:c1:ad:b3:9f:bd:26:a2:
5e:7a:ce:a0:f3:3a:6a:78:67:17:e5:98:72:3a:48:03:4c:f6:
66:c0:9f:09:d0:ac:4f:70:db:de:9b:a9:7a:39:44:b7:45:91:
3f:7c:ac:b7:f6:75:0c:77:dc:77:0d:31:08:11:13:9e:84:b5:
a3:26:0a:ea:51:4b:13:1d:c3:d9:91:74:66:cf:56:ad:7b:b1:
25:e7:77:8b:c5:5f:94:a1:cd:c4:8b:62:e1:15:81:59:1c:55:
5b:96:8b:59:34:b1:8f:ef:86:c9:ad:a6:c0:65:c1:de:6c:c9:
d2:21:58:c3:1e:f5:22:75:b8:e1:a5:9c:a6:0a:72:60:41:5a:
ec:34:16:3e:fc:d9:68:2d:f9:60:52:f4:cd:82:b2:51:4c:16:
ec:93:90:d9
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUKuoZQEG7Y1OvILaPSe6Es4yqeAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNjA1MTkwMzU4MjRaFw0yNzA1MTgwNDAzMjRaMDMxMTAvBgNV
BAMTKDUyOUY1QjI0QjU4MDgzNDc2N0M4OTIwMkIzM0NDNERDMTc1Q0Q5MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFH+MzGO39uxau69E4+wQPUKH0
zAUqmV7RKr9x9WuXT0GEIIXK8AR+LsNqpyAykH7/kwHAsRvpvI8z0vIqQWYMVtyh
Obr990nZA3F7bUnwcJ4DgHkX1jw4m0h/aMKEt0F0sl82BlI/NpfG74OozD/nMIvN
tMlcMbeeJD9x6lLSbtWBDm+jxoFjIkJOb8/ahya683y56PcFC6k4BvQ/Y826BgrQ
0TS+yEqDwG6HALsZ20X8J1ei38/cN0dhl8as3CFuqLxDj/Sm92luzoTIuLYcJd+k
StAGKkCkG/qv/eCrc5CUJ/tV5A861O5mQ4GI+b6ruhFUAxxc8u04xlXtbY0HAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUUp9bJLWAg0dnyJICszzE3Bdc2RgwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzE0MjU4Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioPlAB4cDANBgkqhkiG9w0BAQsFAAOC
AQEATMTsrgoWZ0b50Sjc0u9+osmIi/Sr94ye7mzHyOnzCj70gmoewh7EsiTzqbPy
uz4uWGtAH2TpAJiW1jPwHR31J/2Hx+oJ7q1PMCUJGgjxDqfQ+wIEEPuFl+VfNLhO
228ebwzxkpDBrbOfvSaiXnrOoPM6anhnF+WYcjpIA0z2ZsCfCdCsT3Db3pupejlE
t0WRP3yst/Z1DHfcdw0xCBETnoS1oyYK6lFLEx3D2ZF0Zs9WrXuxJed3i8VflKHN
xIti4RWBWRxVW5aLWTSxj++Gya2mwGXB3mzJ0iFYwx71InW44aWcpgpyYEFa7DQW
PvzZaC35YFL0zYKyUUwW7JOQ2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 6 09:23:52 2026 by rpki-client