Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS204508.roa
File: AS204508.roa (raw, json)
Hash identifier: FRU0xXDCa30q82agMaetXWgNC8CHZC6XFaWOuURIrR4=
Subject key identifier: FB:07:9C:35:F7:DF:60:18:B6:81:B6:F9:63:32:52:CD:7F:34:4B:C0
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 0E0CA2E3C748F8AF3A5A6A0FCB9169EFBE6FCF17
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS204508.roa
Signing time: Mon 13 Jan 2025 19:00:34 +0000
ROA not before: Mon 13 Jan 2025 18:55:34 +0000
ROA not after: Mon 12 Jan 2026 19:00:34 +0000
asID: 204508
IP address blocks: 2a0f:9400:6111::/48 maxlen: 48
2a0f:9400:611d::/48 maxlen: 48
2a0f:9400:690d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:0c:a2:e3:c7:48:f8:af:3a:5a:6a:0f:cb:91:69:ef:be:6f:cf:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jan 13 18:55:34 2025 GMT
Not After : Jan 12 19:00:34 2026 GMT
Subject: CN=FB079C35F7DF6018B681B6F9633252CD7F344BC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:47:ae:68:54:2d:76:7b:12:55:66:aa:b2:69:
7d:a1:fb:0b:45:b2:0c:4a:75:b5:24:01:24:0d:d9:
b8:82:5e:f1:11:69:29:54:94:22:21:a2:e0:d7:4b:
00:13:e0:2a:90:27:40:54:85:27:17:31:0d:fa:a8:
be:83:d7:32:c8:99:93:f6:50:55:18:01:5b:90:b1:
38:2a:0e:14:51:ea:cb:01:4b:f6:68:3e:d7:9f:96:
4c:7e:c9:c7:b8:a8:48:e0:32:cc:06:a6:65:56:9e:
51:05:df:b8:7a:6d:da:41:41:8e:99:98:0b:d2:df:
4e:0a:64:bb:ab:df:f5:c5:ca:41:7f:7a:4b:f3:f3:
39:db:38:41:f1:84:d1:a4:e2:6b:85:18:81:b8:7f:
49:22:0e:1c:75:f8:4c:4a:bf:ed:2e:c5:ee:8f:65:
b1:51:dc:3b:1c:d2:4c:95:f4:6e:44:55:cf:c9:15:
72:70:e5:24:af:c2:95:5c:38:eb:ee:9f:40:b0:b0:
f2:f5:cd:98:95:ba:78:b5:0f:2d:8f:ba:d1:10:e0:
88:71:02:e2:e3:09:6d:42:73:9a:25:fb:ed:a5:f1:
c2:48:3a:16:f0:93:fd:66:da:68:33:ce:0c:0b:c2:
4b:9b:5e:76:24:2d:16:c9:24:5f:d6:f5:9e:16:14:
e4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:07:9C:35:F7:DF:60:18:B6:81:B6:F9:63:32:52:CD:7F:34:4B:C0
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS204508.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6111::/48
2a0f:9400:611d::/48
2a0f:9400:690d::/48
Signature Algorithm: sha256WithRSAEncryption
af:d7:98:c3:2f:9f:3a:a9:3d:e3:53:68:86:10:83:4c:f8:2d:
9d:be:83:31:64:a5:aa:a9:ef:e5:fc:f3:77:c6:e5:62:cd:21:
2f:7a:87:47:50:24:eb:5c:b1:f6:83:10:06:1d:50:9e:da:4e:
ba:23:e1:f5:41:af:8a:8b:90:25:55:8f:02:87:99:78:4d:e6:
86:ef:69:b8:96:79:91:a5:47:5c:28:eb:ec:65:e6:53:ad:d8:
16:8a:f9:5a:d6:70:8e:b2:6d:8c:be:2b:65:24:d6:e7:3c:a6:
cf:9a:c6:a8:e3:f0:9b:79:26:9d:90:d4:ba:02:39:60:f2:07:
9c:f3:46:f9:21:e2:9c:0b:85:e3:b0:00:bd:d7:c7:8c:6a:97:
d2:a0:0c:16:6a:13:2e:9f:f8:87:fc:b5:d0:a0:ef:1b:9e:1e:
e2:bf:49:0a:63:9b:21:06:91:08:1b:19:80:61:76:6a:2e:15:
81:c3:02:2f:71:43:0b:7f:92:94:c8:e6:5d:e7:1f:5c:dc:b7:
6c:61:fc:9b:11:29:33:2a:f8:a3:fc:be:03:54:61:34:80:c9:
73:0f:8c:e2:8c:6b:61:bb:66:64:5a:34:bf:1d:15:a1:3c:68:
68:78:f8:ed:0b:28:6d:b8:78:f1:a1:5a:a4:b8:38:0b:d4:29:
82:00:b5:9d
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUDgyi48dI+K86WmoPy5Fp775vzxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAxMTMxODU1MzRaFw0yNjAxMTIxOTAwMzRaMDMxMTAvBgNV
BAMTKEZCMDc5QzM1RjdERjYwMThCNjgxQjZGOTYzMzI1MkNEN0YzNDRCQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUR65oVC12exJVZqqyaX2h+wtF
sgxKdbUkASQN2biCXvERaSlUlCIhouDXSwAT4CqQJ0BUhScXMQ36qL6D1zLImZP2
UFUYAVuQsTgqDhRR6ssBS/ZoPteflkx+yce4qEjgMswGpmVWnlEF37h6bdpBQY6Z
mAvS304KZLur3/XFykF/ekvz8znbOEHxhNGk4muFGIG4f0kiDhx1+ExKv+0uxe6P
ZbFR3Dsc0kyV9G5EVc/JFXJw5SSvwpVcOOvun0CwsPL1zZiVuni1Dy2PutEQ4Ihx
AuLjCW1Cc5ol++2l8cJIOhbwk/1m2mgzzgwLwkubXnYkLRbJJF/W9Z4WFOQVAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU+wecNfffYBi2gbb5YzJSzX80S8AwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDUwOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0Bggr
BgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoPlABhEQMHACoPlABhHQMHACoPlABp
DTANBgkqhkiG9w0BAQsFAAOCAQEAr9eYwy+fOqk941NohhCDTPgtnb6DMWSlqqnv
5fzzd8blYs0hL3qHR1Ak61yx9oMQBh1QntpOuiPh9UGviouQJVWPAoeZeE3mhu9p
uJZ5kaVHXCjr7GXmU63YFor5WtZwjrJtjL4rZSTW5zymz5rGqOPwm3kmnZDUugI5
YPIHnPNG+SHinAuF47AAvdfHjGqX0qAMFmoTLp/4h/y10KDvG54e4r9JCmObIQaR
CBsZgGF2ai4VgcMCL3FDC3+SlMjmXecfXNy3bGH8mxEpMyr4o/y+A1RhNIDJcw+M
4oxrYbtmZFo0vx0VoTxoaHj47Qsobbh48aFapLg4C9QpggC1nQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:12:25 2025 by rpki-client