Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: nzxd2R+0mnl7/O8hF824Fm+0Lo7H3tK0I5Rd5XSBOvs=
Subject key identifier: E6:13:65:5F:53:26:75:41:AF:06:6C:7E:DD:82:E6:5C:B4:7C:A3:FF
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 1535B7BBC297167BC66488D0A4C27A87B6A94765
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
Signing time: Tue 11 Feb 2025 11:30:48 +0000
ROA not before: Tue 11 Feb 2025 11:25:48 +0000
ROA not after: Tue 10 Feb 2026 11:30:48 +0000
asID: 20473
IP address blocks: 2a0f:9400:610e::/48 maxlen: 48
2a0f:9400:6118::/48 maxlen: 48
2a0f:9400:6165::/48 maxlen: 48
2a0f:9400:6167::/48 maxlen: 48
2a0f:9400:690a::/48 maxlen: 48
2a0f:9400:690b::/48 maxlen: 48
2a0f:9400:690e::/48 maxlen: 48
2a0f:9400:693e::/48 maxlen: 48
2a0f:9400:7386::/48 maxlen: 48
2a0f:9400:750a::/48 maxlen: 48
2a0f:9400:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:35:b7:bb:c2:97:16:7b:c6:64:88:d0:a4:c2:7a:87:b6:a9:47:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Feb 11 11:25:48 2025 GMT
Not After : Feb 10 11:30:48 2026 GMT
Subject: CN=E613655F53267541AF066C7EDD82E65CB47CA3FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:ec:42:3a:c2:78:cb:2f:f9:c8:fb:07:fd:
28:35:57:20:d2:ff:2b:dd:3c:53:df:7b:71:6c:c1:
c0:1e:a4:f5:d4:75:bb:b8:f8:b5:e1:6c:0f:8b:23:
e8:ee:59:9a:65:2c:c5:34:a9:36:cb:03:57:b2:c1:
0e:2c:d9:9f:02:b5:be:6c:f7:d6:63:75:19:d7:55:
a4:d6:71:fa:7a:27:27:fa:6f:a6:8c:58:b6:63:d4:
7b:63:76:0b:fc:21:29:54:c8:3c:47:7c:f0:0e:2d:
ca:5c:52:66:3c:05:b6:55:fd:86:bd:06:4e:20:16:
f5:27:4b:02:6b:39:f3:7b:6b:b1:21:47:10:b6:6b:
08:fe:b3:11:23:3b:fd:96:05:25:18:71:42:19:1c:
a8:0f:17:e1:a4:51:a5:c5:a3:ed:30:57:77:14:be:
37:93:63:27:f3:57:84:13:b5:04:c2:98:d8:97:ab:
93:c9:9c:24:95:3f:7f:ba:c4:35:63:06:64:ae:c6:
8f:ef:c0:ad:57:8d:a5:57:b5:b6:19:94:67:91:e1:
1b:ca:48:57:ac:b4:71:6b:af:e5:63:e9:b0:49:c9:
22:bd:58:25:90:7a:03:db:c6:b3:43:f8:52:84:fb:
9e:0c:44:44:de:f2:3a:65:86:ca:16:71:87:d4:b5:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:13:65:5F:53:26:75:41:AF:06:6C:7E:DD:82:E6:5C:B4:7C:A3:FF
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:610e::/48
2a0f:9400:6118::/48
2a0f:9400:6165::/48
2a0f:9400:6167::/48
2a0f:9400:690a::/47
2a0f:9400:690e::/48
2a0f:9400:693e::/48
2a0f:9400:7386::/48
2a0f:9400:750a::/48
2a0f:9400:8020::/48
Signature Algorithm: sha256WithRSAEncryption
98:73:13:f3:12:4f:a3:52:c7:f4:ac:d6:c2:3f:ad:d6:ae:d8:
b3:d8:b6:22:d0:b5:cb:47:aa:c3:b0:fe:42:7e:d0:c5:7a:7c:
21:7c:fa:45:48:c1:23:be:53:7e:55:b8:fa:92:55:07:52:e7:
14:97:c3:82:39:03:f5:9c:1f:2f:14:7d:56:7b:43:4e:5f:8a:
6b:0c:26:8e:95:1b:4f:e8:72:ec:7e:89:5a:b0:40:bf:66:b6:
63:34:4f:33:5f:63:ea:bf:27:ba:81:9e:4f:8b:da:5f:2f:9d:
40:46:9e:d2:f5:f7:a7:4a:7c:9a:62:9a:96:00:89:43:70:d7:
21:06:96:10:b1:38:4c:56:75:64:96:fc:e5:96:33:5b:3a:a6:
c5:1c:c6:db:97:9c:72:a0:3d:71:78:a9:77:60:77:f4:28:d0:
7a:f2:63:f5:42:d0:90:22:29:cb:d1:6f:87:3b:9e:25:e7:38:
51:27:73:d1:da:9b:44:32:bb:d2:df:37:05:21:f0:73:18:31:
6b:9c:f7:0b:9f:54:7a:47:95:57:06:a2:89:65:b9:28:02:99:
c6:1e:81:61:2b:8f:85:2a:fb:34:60:7a:f7:5e:15:bb:86:1d:
6d:40:62:ff:53:6a:ea:b4:d5:3e:87:92:55:a0:07:ac:8b:45:
60:e5:34:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUFTW3u8KXFnvGZIjQpMJ6h7apR2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAyMTExMTI1NDhaFw0yNjAyMTAxMTMwNDhaMDMxMTAvBgNV
BAMTKEU2MTM2NTVGNTMyNjc1NDFBRjA2NkM3RUREODJFNjVDQjQ3Q0EzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkROxCOsJ4yy/5yPsH/Sg1VyDS
/yvdPFPfe3FswcAepPXUdbu4+LXhbA+LI+juWZplLMU0qTbLA1eywQ4s2Z8Ctb5s
99ZjdRnXVaTWcfp6Jyf6b6aMWLZj1Htjdgv8ISlUyDxHfPAOLcpcUmY8BbZV/Ya9
Bk4gFvUnSwJrOfN7a7EhRxC2awj+sxEjO/2WBSUYcUIZHKgPF+GkUaXFo+0wV3cU
vjeTYyfzV4QTtQTCmNiXq5PJnCSVP3+6xDVjBmSuxo/vwK1XjaVXtbYZlGeR4RvK
SFestHFrr+Vj6bBJySK9WCWQegPbxrND+FKE+54MRETe8jplhsoWcYfUterDAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQU5hNlX1MmdUGvBmx+3YLmXLR8o/8wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHMGCCsG
AQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcAKg+UAGEOAwcAKg+UAGEYAwcAKg+UAGFl
AwcAKg+UAGFnAwcBKg+UAGkKAwcAKg+UAGkOAwcAKg+UAGk+AwcAKg+UAHOGAwcA
Kg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQCYcxPzEk+jUsf0rNbC
P63Wrtiz2LYi0LXLR6rDsP5CftDFenwhfPpFSMEjvlN+Vbj6klUHUucUl8OCOQP1
nB8vFH1We0NOX4prDCaOlRtP6HLsfolasEC/ZrZjNE8zX2Pqvye6gZ5Pi9pfL51A
Rp7S9fenSnyaYpqWAIlDcNchBpYQsThMVnVklvzlljNbOqbFHMbbl5xyoD1xeKl3
YHf0KNB68mP1QtCQIinL0W+HO54l5zhRJ3PR2ptEMrvS3zcFIfBzGDFrnPcLn1R6
R5VXBqKJZbkoApnGHoFhK4+FKvs0YHr3XhW7hh1tQGL/U2rqtNU+h5JVoAesi0Vg
5TTh
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:11:16 2025 by rpki-client