Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197438.roa
File: AS197438.roa (raw, json)
Hash identifier: ucvvxBGXyXO6F7UqZ7zZ/2bsJCsI13iNzwLRC5qVVos=
Subject key identifier: 25:BC:F3:F6:ED:38:9A:77:7B:D9:D1:8E:4A:6B:12:55:95:C0:FE:39
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 5FDFA6C1FB8F6EB9A3B077CA1A07B05E6B526466
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197438.roa
Signing time: Fri 03 Jan 2025 12:43:07 +0000
ROA not before: Fri 03 Jan 2025 12:38:07 +0000
ROA not after: Fri 02 Jan 2026 12:43:07 +0000
asID: 197438
IP address blocks: 2a0f:9400:611e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:df:a6:c1:fb:8f:6e:b9:a3:b0:77:ca:1a:07:b0:5e:6b:52:64:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jan 3 12:38:07 2025 GMT
Not After : Jan 2 12:43:07 2026 GMT
Subject: CN=25BCF3F6ED389A777BD9D18E4A6B125595C0FE39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bb:19:d1:85:69:9f:1c:59:0b:8a:43:69:76:
ff:20:7a:4b:c3:5d:1d:30:7c:64:be:3b:cb:20:d7:
de:a1:d9:8f:b8:26:ab:fc:7d:57:ec:a7:16:84:55:
90:07:63:7d:8c:40:f2:48:2f:9a:8d:c4:9f:58:54:
cf:b9:75:a1:e2:18:aa:f2:84:16:d1:68:f5:53:14:
c4:b2:20:c6:a5:e4:8a:6b:30:9b:02:7b:2c:cd:d7:
61:95:4a:eb:e4:1a:0c:61:33:b3:a0:02:dd:e7:cc:
4b:b8:6e:86:5f:87:6c:73:a9:66:cc:7c:bb:ff:a7:
bc:89:1b:55:94:eb:83:2d:2b:16:32:c0:fc:72:bb:
ac:9f:92:c1:f4:13:91:0a:22:2c:f0:fd:13:a0:5f:
65:a8:9d:33:64:30:12:10:56:6b:1c:bf:38:e7:44:
e4:76:8f:28:3c:40:d7:e7:f6:82:1f:c9:e8:46:07:
d2:c3:66:c0:5e:d9:e9:98:9f:0a:ea:48:a8:b6:ba:
0b:8d:58:2e:14:05:31:3e:ba:5e:3b:a4:4f:c7:39:
f1:c4:e2:9e:10:82:9d:db:03:9a:6e:3e:31:15:ba:
18:59:e1:a7:11:e2:b0:0d:62:84:c1:04:b5:20:2a:
3e:6a:c6:62:7d:83:c8:32:7f:3b:fc:b9:fc:db:71:
1d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BC:F3:F6:ED:38:9A:77:7B:D9:D1:8E:4A:6B:12:55:95:C0:FE:39
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:611e::/48
Signature Algorithm: sha256WithRSAEncryption
42:a5:7a:2d:94:0a:53:4b:00:95:0f:42:5c:97:b8:4a:0a:3f:
1b:a4:51:2b:68:ae:f7:13:10:71:a9:bd:b0:b4:d7:73:43:d2:
54:92:ae:80:74:d7:07:5d:27:e6:8a:56:d6:76:13:71:2d:82:
b1:e7:75:16:89:09:a1:c6:1e:73:b9:3c:87:8a:96:4a:f8:57:
00:41:40:06:6d:f3:a7:72:f7:2a:69:66:2c:6b:5f:59:1f:9b:
25:66:73:c9:53:5a:77:c3:51:1f:8e:3b:7c:33:00:bd:d1:25:
d5:43:df:4f:73:3b:c8:9e:e7:44:8a:76:02:76:85:4d:e4:04:
2d:24:1a:98:95:50:db:a0:a9:7e:b0:4c:d8:c6:0f:e7:54:db:
43:fb:87:32:38:1c:4f:8f:fc:c0:65:2e:17:0b:5e:c8:65:a9:
2e:a1:0e:50:5d:72:b6:72:5b:06:08:dd:3f:ff:ef:c9:18:4b:
6a:90:22:05:f6:2e:1d:c1:f5:fa:2b:f3:a0:49:bf:84:9e:b6:
d5:31:17:8e:68:97:e9:87:03:53:a7:58:5f:52:3f:34:fd:bb:
65:e4:89:ee:75:72:a4:00:c7:a6:a2:8f:5f:7e:be:8c:ed:ee:
5a:f8:60:45:e1:ef:47:bd:e0:0e:9a:3f:04:12:89:da:d3:14:
c6:e5:41:06
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUX9+mwfuPbrmjsHfKGgewXmtSZGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAxMDMxMjM4MDdaFw0yNjAxMDIxMjQzMDdaMDMxMTAvBgNV
BAMTKDI1QkNGM0Y2RUQzODlBNzc3QkQ5RDE4RTRBNkIxMjU1OTVDMEZFMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1uxnRhWmfHFkLikNpdv8gekvD
XR0wfGS+O8sg196h2Y+4Jqv8fVfspxaEVZAHY32MQPJIL5qNxJ9YVM+5daHiGKry
hBbRaPVTFMSyIMal5IprMJsCeyzN12GVSuvkGgxhM7OgAt3nzEu4boZfh2xzqWbM
fLv/p7yJG1WU64MtKxYywPxyu6yfksH0E5EKIizw/ROgX2WonTNkMBIQVmscvzjn
ROR2jyg8QNfn9oIfyehGB9LDZsBe2emYnwrqSKi2uguNWC4UBTE+ul47pE/HOfHE
4p4Qgp3bA5puPjEVuhhZ4acR4rANYoTBBLUgKj5qxmJ9g8gyfzv8ufzbcR13AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUJbzz9u04mnd72dGOSmsSVZXA/jkwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzE5NzQzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABhHjANBgkqhkiG9w0BAQsFAAOC
AQEAQqV6LZQKU0sAlQ9CXJe4Sgo/G6RRK2iu9xMQcam9sLTXc0PSVJKugHTXB10n
5opW1nYTcS2Csed1FokJocYec7k8h4qWSvhXAEFABm3zp3L3KmlmLGtfWR+bJWZz
yVNad8NRH447fDMAvdEl1UPfT3M7yJ7nRIp2AnaFTeQELSQamJVQ26CpfrBM2MYP
51TbQ/uHMjgcT4/8wGUuFwteyGWpLqEOUF1ytnJbBgjdP//vyRhLapAiBfYuHcH1
+ivzoEm/hJ621TEXjmiX6YcDU6dYX1I/NP27ZeSJ7nVypADHpqKPX36+jO3uWvhg
ReHvR73gDpo/BBKJ2tMUxuVBBg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:13:47 2025 by rpki-client