Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
File: AS142586.roa (raw, json)
Hash identifier: kGT0dLotH8edQyNlNWFewN5nKdATfsTUXx/oyAH7No8=
Subject key identifier: 89:01:4C:5E:D1:B0:EF:95:FB:BD:2C:6B:D7:A7:6A:1F:5B:B5:1D:6D
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 32D1C1FC4CBEA4D8D92D1EFFDEF6F28BEBFFB661
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
Signing time: Tue 15 Aug 2023 02:00:24 +0000
ROA not before: Tue 15 Aug 2023 01:55:24 +0000
ROA not after: Tue 13 Aug 2024 02:00:24 +0000
asID: 142586
IP address blocks: 2a0f:9400:7870::/48 maxlen: 48
2a0f:9400:7871::/48 maxlen: 48
2a0f:9400:7872::/48 maxlen: 48
2a0f:9400:7873::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d1:c1:fc:4c:be:a4:d8:d9:2d:1e:ff:de:f6:f2:8b:eb:ff:b6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 15 01:55:24 2023 GMT
Not After : Aug 13 02:00:24 2024 GMT
Subject: CN=89014C5ED1B0EF95FBBD2C6BD7A76A1F5BB51D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:06:6b:25:69:bd:ed:65:ea:c7:e0:dc:5c:6e:
cf:e1:a8:36:d6:b7:5d:b4:79:f4:7d:eb:22:7d:9c:
1e:47:20:53:60:a6:31:b3:17:c8:a0:c0:bf:fd:04:
eb:8b:eb:3e:eb:4b:f5:c1:c1:5c:75:0e:6d:69:46:
d8:1f:7f:49:76:1c:6e:86:82:2a:ff:7f:a9:7c:d1:
dc:4f:09:41:1a:0b:ac:05:1a:58:28:ce:40:32:f3:
1c:8b:8b:d2:01:e4:be:a2:73:7b:8d:c2:eb:6a:2d:
47:f8:f1:8f:77:e2:85:34:a0:7e:83:b9:78:5b:b6:
03:8a:d3:bd:42:17:8b:b4:15:ee:22:e0:c9:05:ef:
4c:18:4a:26:31:85:26:7a:1a:25:bc:48:45:36:86:
1d:2a:32:84:9c:23:95:15:0b:b3:bd:8c:5c:48:85:
af:b2:b1:86:a2:64:f1:13:86:b8:db:35:85:59:15:
fe:59:81:8d:61:f4:87:29:e1:c7:eb:e2:3a:fd:fa:
00:b3:e1:05:16:4e:7a:02:e4:1f:c3:69:d9:e5:34:
43:47:ff:a3:c5:34:b6:e1:c4:f8:c7:4a:d8:e9:63:
c0:81:9d:91:c0:2d:47:63:7d:08:06:6d:9d:47:cd:
3a:1f:cd:f3:f1:96:7f:1d:9c:33:25:af:77:5b:ad:
29:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:01:4C:5E:D1:B0:EF:95:FB:BD:2C:6B:D7:A7:6A:1F:5B:B5:1D:6D
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS142586.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7870::/46
Signature Algorithm: sha256WithRSAEncryption
7f:ef:a7:7b:11:25:02:d8:6a:85:c2:6d:98:80:33:01:24:e6:
98:41:81:3f:2d:86:9c:b1:4e:88:13:31:fa:51:71:e7:82:10:
9b:58:f0:04:81:e8:f0:f3:5d:eb:7d:a4:21:f6:8b:0b:fc:18:
b4:73:86:4a:01:1f:07:62:6d:c4:2b:57:b4:60:b4:d2:16:9c:
aa:b0:05:61:1d:dd:7b:f9:24:12:17:4b:60:3c:21:d8:32:18:
3c:89:2b:c1:d8:ab:84:3f:dc:49:2e:27:ba:62:c1:6b:99:03:
32:07:a8:92:da:b7:56:23:5e:82:8f:40:82:4a:a9:38:c3:c0:
db:cb:18:78:13:a7:ae:bc:af:a8:db:5c:b9:5a:97:9e:09:57:
f2:bc:6c:aa:e8:08:9a:75:6a:3d:7f:e8:08:06:6e:06:ee:01:
32:6f:5d:9c:b8:92:c3:8c:da:de:63:f6:9c:57:bd:d1:9a:39:
19:3c:85:ca:85:99:fb:6f:32:12:49:50:85:37:bc:b6:44:ed:
fa:60:0b:4f:d5:fd:88:d0:e2:c9:c8:47:2a:65:f4:07:87:1e:
d7:3e:33:0e:f7:45:81:47:3a:7f:6d:59:1e:85:e8:e8:84:6f:
8f:f8:54:1f:26:1d:b8:8c:77:49:d4:fb:3c:b5:6d:3b:0b:bb:
0d:c1:f4:a3
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUMtHB/Ey+pNjZLR7/3vbyi+v/tmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA4MTUwMTU1MjRaFw0yNDA4MTMwMjAwMjRaMDMxMTAvBgNV
BAMTKDg5MDE0QzVFRDFCMEVGOTVGQkJEMkM2QkQ3QTc2QTFGNUJCNTFENkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Bmslab3tZerH4Nxcbs/hqDbW
t120efR96yJ9nB5HIFNgpjGzF8igwL/9BOuL6z7rS/XBwVx1Dm1pRtgff0l2HG6G
gir/f6l80dxPCUEaC6wFGlgozkAy8xyLi9IB5L6ic3uNwutqLUf48Y934oU0oH6D
uXhbtgOK071CF4u0Fe4i4MkF70wYSiYxhSZ6GiW8SEU2hh0qMoScI5UVC7O9jFxI
ha+ysYaiZPEThrjbNYVZFf5ZgY1h9Icp4cfr4jr9+gCz4QUWTnoC5B/DadnlNENH
/6PFNLbhxPjHStjpY8CBnZHALUdjfQgGbZ1HzTofzfPxln8dnDMlr3dbrSkBAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUiQFMXtGw75X7vSxr16dqH1u1HW0wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzE0MjU4Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioPlAB4cDANBgkqhkiG9w0BAQsFAAOC
AQEAf++nexElAthqhcJtmIAzASTmmEGBPy2GnLFOiBMx+lFx54IQm1jwBIHo8PNd
632kIfaLC/wYtHOGSgEfB2JtxCtXtGC00hacqrAFYR3de/kkEhdLYDwh2DIYPIkr
wdirhD/cSS4numLBa5kDMgeoktq3ViNego9AgkqpOMPA28sYeBOnrryvqNtcuVqX
nglX8rxsqugImnVqPX/oCAZuBu4BMm9dnLiSw4za3mP2nFe90Zo5GTyFyoWZ+28y
EklQhTe8tkTt+mALT9X9iNDiychHKmX0B4ce1z4zDvdFgUc6f21ZHoXo6IRvj/hU
HyYduIx3SdT7PLVtOwu7DcH0ow==
-----END CERTIFICATE-----
Generated at Sat May 4 11:05:08 2024 by rpki-client on console-ams.rpki-client.org