Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200809.roa
File: AS200809.roa (raw, json)
Hash identifier: lqicCe6fwu1cjPX6osB6459adGfm+bcEgtcZSYhtqks=
Subject key identifier: DF:37:35:23:4F:BD:84:5F:58:23:7F:5F:E2:D2:98:65:51:2B:B2:9D
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 49C69E24F7E29F4BC8AB4276B2CCB78D06055D51
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200809.roa
Signing time: Sun 01 Dec 2024 20:41:18 +0000
ROA not before: Sun 01 Dec 2024 20:36:18 +0000
ROA not after: Sun 30 Nov 2025 20:41:18 +0000
asID: 200809
IP address blocks: 2a0f:9400:6903::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c6:9e:24:f7:e2:9f:4b:c8:ab:42:76:b2:cc:b7:8d:06:05:5d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Dec 1 20:36:18 2024 GMT
Not After : Nov 30 20:41:18 2025 GMT
Subject: CN=DF3735234FBD845F58237F5FE2D29865512BB29D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:0b:69:81:ec:3b:58:fc:77:26:c2:7e:4d:c6:
bd:fb:ca:c6:a1:71:5d:75:65:0a:77:fe:6e:44:f0:
58:12:cf:9f:ae:44:b6:7b:4e:de:72:d1:8b:7f:ce:
42:a9:66:a7:f7:7c:04:79:ae:b4:14:b9:a1:cc:ba:
81:79:9a:f0:f0:87:cf:cd:23:78:05:96:f9:cc:7f:
e4:02:44:54:04:eb:7d:c7:f0:18:62:2c:7b:0f:5f:
18:1e:91:b1:1e:9b:3a:b4:6a:cc:c4:ec:5c:bb:47:
46:a6:4d:c5:20:f7:0d:69:5e:0f:79:f3:27:0f:41:
99:68:c3:c4:4b:44:a8:1c:eb:bf:2a:24:98:3d:3c:
20:71:59:f2:fb:18:65:1a:97:08:c7:c6:d1:3f:90:
95:58:03:b2:26:8b:84:ee:a7:d1:4b:98:cc:c5:11:
1a:c2:68:af:49:41:6c:92:b7:d5:49:35:9c:28:e4:
96:43:e6:c6:2e:d9:a1:ab:b7:57:65:a0:7d:35:b2:
98:24:f3:36:6b:8f:be:ff:75:89:3f:01:2c:2e:a9:
89:07:f5:08:79:9f:6c:22:06:93:32:6d:96:05:e6:
ee:02:6d:dd:37:21:5e:45:3c:31:85:3a:2a:7c:0b:
4e:47:d8:63:64:ec:14:72:5b:dc:34:06:ad:ca:7f:
52:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:37:35:23:4F:BD:84:5F:58:23:7F:5F:E2:D2:98:65:51:2B:B2:9D
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200809.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6903::/48
Signature Algorithm: sha256WithRSAEncryption
19:dd:62:a5:7e:79:a2:b0:68:e2:5b:aa:b1:1b:7c:b5:ee:4c:
3f:f9:80:3b:ea:4d:2a:81:54:82:fb:a8:68:81:79:77:46:d2:
8c:9c:f1:4c:9c:91:2c:43:20:23:9c:6c:63:f0:b2:cd:6a:5b:
21:ce:da:0c:46:a0:44:d7:a8:15:06:29:d6:52:ec:38:e2:9f:
12:f0:ad:fb:39:98:41:39:f1:3f:22:62:66:ff:d9:3c:a4:52:
73:dd:0f:cd:10:f8:b2:0b:28:bc:c9:75:b7:1d:2a:ca:98:96:
3c:06:43:a8:47:80:99:e1:81:40:07:73:cc:39:b3:6d:b7:cb:
35:4f:09:46:a1:60:29:fc:c9:79:e8:99:26:29:3f:91:24:09:
74:a2:f2:97:09:36:bc:0c:07:f0:7b:f6:a5:cd:c5:23:2b:22:
31:5e:d7:4c:75:83:a5:a3:59:fa:0b:da:3c:64:60:61:70:03:
10:4a:c6:47:78:7d:c9:54:83:f6:40:fa:f1:78:8c:0d:8f:66:
43:2e:7d:a4:74:49:ce:fc:24:12:44:31:fb:24:6c:99:0e:2b:
64:34:d9:c3:9b:8e:72:9e:cc:c2:26:96:19:25:08:52:a4:da:
85:9e:f7:06:e3:9c:32:16:c1:02:4a:dc:c8:16:eb:e3:a1:08:
f9:4e:a8:fe
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUScaeJPfin0vIq0J2ssy3jQYFXVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDEyMDEyMDM2MThaFw0yNTExMzAyMDQxMThaMDMxMTAvBgNV
BAMTKERGMzczNTIzNEZCRDg0NUY1ODIzN0Y1RkUyRDI5ODY1NTEyQkIyOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0C2mB7DtY/Hcmwn5Nxr37ysah
cV11ZQp3/m5E8FgSz5+uRLZ7Tt5y0Yt/zkKpZqf3fAR5rrQUuaHMuoF5mvDwh8/N
I3gFlvnMf+QCRFQE633H8BhiLHsPXxgekbEemzq0aszE7Fy7R0amTcUg9w1pXg95
8ycPQZlow8RLRKgc678qJJg9PCBxWfL7GGUalwjHxtE/kJVYA7Imi4Tup9FLmMzF
ERrCaK9JQWySt9VJNZwo5JZD5sYu2aGrt1dloH01spgk8zZrj77/dYk/ASwuqYkH
9Qh5n2wiBpMybZYF5u4Cbd03IV5FPDGFOip8C05H2GNk7BRyW9w0Bq3Kf1KzAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQU3zc1I0+9hF9YI39f4tKYZVErsp0wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwMDgwOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABpAzANBgkqhkiG9w0BAQsFAAOC
AQEAGd1ipX55orBo4luqsRt8te5MP/mAO+pNKoFUgvuoaIF5d0bSjJzxTJyRLEMg
I5xsY/CyzWpbIc7aDEagRNeoFQYp1lLsOOKfEvCt+zmYQTnxPyJiZv/ZPKRSc90P
zRD4sgsovMl1tx0qypiWPAZDqEeAmeGBQAdzzDmzbbfLNU8JRqFgKfzJeeiZJik/
kSQJdKLylwk2vAwH8Hv2pc3FIysiMV7XTHWDpaNZ+gvaPGRgYXADEErGR3h9yVSD
9kD68XiMDY9mQy59pHRJzvwkEkQx+yRsmQ4rZDTZw5uOcp7MwiaWGSUIUqTahZ73
BuOcMhbBAkrcyBbr46EI+U6o/g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:10 2025 by rpki-client