Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS203333.roa
File: AS203333.roa (raw, json)
Hash identifier: y7qJvgP/KG6MRAt0BPHXFC/1oCcXURvEzJNa07w60Wo=
Subject key identifier: BD:31:62:44:78:21:0D:0B:CA:05:65:19:38:B6:9B:D8:CB:D0:69:DB
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 55DD6E389CDF7FD851024391B15E46A02246F816
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS203333.roa
Signing time: Sun 28 Apr 2024 16:14:43 +0000
ROA not before: Sun 28 Apr 2024 16:09:43 +0000
ROA not after: Sun 27 Apr 2025 16:14:43 +0000
asID: 203333
IP address blocks: 2a0f:9400:7383::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:dd:6e:38:9c:df:7f:d8:51:02:43:91:b1:5e:46:a0:22:46:f8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Apr 28 16:09:43 2024 GMT
Not After : Apr 27 16:14:43 2025 GMT
Subject: CN=BD31624478210D0BCA05651938B69BD8CBD069DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a8:0c:2a:f6:eb:04:3f:40:94:9b:93:c0:10:
2f:09:27:a2:ec:e8:ec:ab:17:5b:8c:b2:22:01:89:
f5:23:8b:aa:55:2e:13:39:4a:87:0b:91:66:d5:7b:
7c:2d:b3:76:c5:bb:99:ca:ac:67:67:62:58:40:48:
75:b4:9c:cb:5d:e3:93:d8:1a:42:bb:46:19:9a:a5:
b3:5d:48:9b:0a:68:8d:da:0c:fd:3f:33:95:c6:40:
ce:09:7b:85:22:12:b7:f5:6c:11:76:f2:33:5e:7a:
1e:6f:9e:99:8d:20:b8:fa:5c:4c:c7:35:42:e8:88:
35:43:76:1a:bd:c5:05:4c:f8:bb:13:b8:61:d2:56:
15:9e:f3:61:ff:9b:e3:34:1f:04:1c:c0:45:9f:fd:
f9:73:db:09:16:3e:b6:d7:fd:64:97:e9:91:77:ae:
57:96:c8:07:8f:d1:d5:e3:54:eb:16:8c:ea:21:7d:
79:30:f4:6e:3f:c3:ee:6a:96:39:01:0f:fd:7e:81:
1c:41:33:81:7b:58:08:46:f8:04:26:e2:4a:72:c9:
91:03:ca:8c:45:02:3e:b6:75:c7:ef:74:4f:ab:d8:
51:95:b5:15:b8:58:3c:f3:ad:7e:aa:21:c9:48:c1:
4f:32:e7:3b:7b:cb:8c:23:d7:76:7d:ae:6a:7c:16:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:31:62:44:78:21:0D:0B:CA:05:65:19:38:B6:9B:D8:CB:D0:69:DB
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS203333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7383::/48
Signature Algorithm: sha256WithRSAEncryption
79:8c:ea:0b:61:7a:1e:8b:0c:74:63:3c:c3:fa:40:c0:4c:fe:
32:b8:67:32:6b:0a:0f:d5:91:08:6f:9d:fb:be:76:33:29:e8:
04:82:16:25:76:64:ea:e0:ff:3b:bb:64:ee:f4:98:1a:7a:15:
1a:9e:ff:0d:37:c5:05:4f:5b:1e:c3:0c:0f:9c:d3:19:f1:52:
43:ba:a3:fa:6b:bf:62:6a:8e:18:ff:8a:9f:2a:c7:9f:3b:c9:
7b:3e:1c:e9:3b:2c:aa:d5:dd:4a:25:f2:92:0e:4d:ac:a5:83:
45:f2:21:dd:00:3d:3a:7b:fc:e7:d8:fa:e8:6a:af:1e:17:9b:
a6:99:b3:85:da:07:c3:bd:35:9c:80:72:8f:74:77:cb:04:c0:
e4:be:86:1a:b8:c1:59:6f:30:f2:a7:46:02:38:f7:ac:23:27:
f5:b8:2b:13:d8:4e:97:57:9c:81:1c:62:0b:c1:8c:9b:11:11:
8c:8b:cd:39:86:2b:10:41:9f:57:16:05:94:9b:05:5b:eb:3f:
18:ee:f1:77:d6:e4:f6:c7:aa:4d:f8:2f:57:6b:2e:16:b5:98:
75:72:5f:97:b2:b6:9e:a6:a5:1f:b2:56:f6:fa:87:98:eb:e0:
71:c1:ab:c0:b9:1a:df:44:b8:ba:49:43:f7:e3:32:67:c0:e0:
8c:53:4e:15
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUVd1uOJzff9hRAkORsV5GoCJG+BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA0MjgxNjA5NDNaFw0yNTA0MjcxNjE0NDNaMDMxMTAvBgNV
BAMTKEJEMzE2MjQ0NzgyMTBEMEJDQTA1NjUxOTM4QjY5QkQ4Q0JEMDY5REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbqAwq9usEP0CUm5PAEC8JJ6Ls
6OyrF1uMsiIBifUji6pVLhM5SocLkWbVe3wts3bFu5nKrGdnYlhASHW0nMtd45PY
GkK7RhmapbNdSJsKaI3aDP0/M5XGQM4Je4UiErf1bBF28jNeeh5vnpmNILj6XEzH
NULoiDVDdhq9xQVM+LsTuGHSVhWe82H/m+M0HwQcwEWf/flz2wkWPrbX/WSX6ZF3
rleWyAeP0dXjVOsWjOohfXkw9G4/w+5qljkBD/1+gRxBM4F7WAhG+AQm4kpyyZED
yoxFAj62dcfvdE+r2FGVtRW4WDzzrX6qIclIwU8y5zt7y4wj13Z9rmp8FgL3AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUvTFiRHghDQvKBWUZOLab2MvQadswHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwMzMzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABzgzANBgkqhkiG9w0BAQsFAAOC
AQEAeYzqC2F6HosMdGM8w/pAwEz+MrhnMmsKD9WRCG+d+752MynoBIIWJXZk6uD/
O7tk7vSYGnoVGp7/DTfFBU9bHsMMD5zTGfFSQ7qj+mu/YmqOGP+KnyrHnzvJez4c
6TssqtXdSiXykg5NrKWDRfIh3QA9Onv859j66GqvHhebppmzhdoHw701nIByj3R3
ywTA5L6GGrjBWW8w8qdGAjj3rCMn9bgrE9hOl1ecgRxiC8GMmxERjIvNOYYrEEGf
VxYFlJsFW+s/GO7xd9bk9seqTfgvV2suFrWYdXJfl7K2nqalH7JW9vqHmOvgccGr
wLka30S4uklD9+MyZ8DgjFNOFQ==
-----END CERTIFICATE-----
Generated at Sat May 4 11:07:17 2024 by rpki-client on console-fra.rpki-client.org