Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: IGpmHnO7CXcHlx8IvPmyJRcyDn61KfCoAhg8Y6Es0TY=
Subject key identifier: FE:B7:9F:A7:84:85:17:68:25:1B:43:37:C2:F9:CA:8C:B3:F5:E7:BE
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 20496E6EA490CED30C4A49A176331FC1133172B8
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
Signing time: Sun 24 Aug 2025 15:05:48 +0000
ROA not before: Sun 24 Aug 2025 15:00:48 +0000
ROA not after: Sun 23 Aug 2026 15:05:48 +0000
asID: 20473
IP address blocks: 2a0f:9400:610e::/48 maxlen: 48
2a0f:9400:6167::/48 maxlen: 48
2a0f:9400:690a::/48 maxlen: 48
2a0f:9400:690b::/48 maxlen: 48
2a0f:9400:693e::/48 maxlen: 48
2a0f:9400:750a::/48 maxlen: 48
2a0f:9400:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:49:6e:6e:a4:90:ce:d3:0c:4a:49:a1:76:33:1f:c1:13:31:72:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 24 15:00:48 2025 GMT
Not After : Aug 23 15:05:48 2026 GMT
Subject: CN=FEB79FA784851768251B4337C2F9CA8CB3F5E7BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:04:ba:57:fb:8a:aa:90:e8:b1:52:ee:61:
8f:33:cf:d8:37:1b:ec:b9:8c:08:24:f7:fc:53:02:
01:84:64:e9:77:e7:22:a9:7a:c0:cb:cc:aa:51:21:
df:6c:b6:87:eb:b4:a8:7d:35:3a:85:ae:a8:3d:33:
44:40:6e:0d:3b:80:33:c5:96:1e:02:7d:f4:ae:87:
6b:07:74:e4:47:83:80:5e:eb:5e:55:fe:82:c8:e7:
c6:47:6e:27:74:97:ff:ec:7b:ae:a0:62:15:d6:2f:
28:12:89:90:6f:09:61:82:c2:bd:51:10:a5:27:82:
11:c8:6f:62:4b:9c:26:3f:fc:20:77:0c:4a:28:c4:
c0:27:0c:17:f6:3a:14:17:e5:f5:2d:df:a0:dc:d6:
c4:68:a1:c2:e8:75:5c:a8:f5:b4:43:9c:14:3c:74:
a5:8e:e4:9f:9a:42:07:e3:0f:73:55:88:60:14:35:
68:e0:4d:ac:48:0d:b7:2b:0c:96:32:f5:3d:ad:74:
b8:d4:5f:fb:04:fd:99:de:1b:0b:55:25:35:04:09:
33:9e:26:e1:9b:04:a5:30:f9:8d:20:fb:80:4d:50:
ce:01:88:01:b8:90:32:6a:80:77:a2:6d:4c:a1:6d:
4d:ff:fa:42:d4:59:67:41:47:a9:26:a4:6f:73:c9:
f5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B7:9F:A7:84:85:17:68:25:1B:43:37:C2:F9:CA:8C:B3:F5:E7:BE
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:610e::/48
2a0f:9400:6167::/48
2a0f:9400:690a::/47
2a0f:9400:693e::/48
2a0f:9400:750a::/48
2a0f:9400:8020::/48
Signature Algorithm: sha256WithRSAEncryption
1f:03:52:75:20:48:63:6a:03:bc:de:7e:0e:fc:3e:c2:4a:6f:
48:2f:1b:d5:3e:b3:16:b4:94:9c:05:a5:b5:e0:66:f7:1a:5f:
89:20:98:03:20:9d:d2:fa:eb:90:65:0c:23:93:52:a7:99:f2:
87:6a:42:5a:27:fc:b3:d5:fc:7e:81:7f:3c:14:05:29:04:8c:
f4:82:42:a3:be:38:bb:bc:8e:dd:12:01:be:96:62:c6:84:60:
bc:e7:56:71:35:c4:64:7b:ff:b3:0d:96:a4:5a:a2:de:b4:ac:
a7:44:34:6b:5c:17:18:3e:26:72:b7:ef:2b:0e:7f:1f:bf:2d:
a9:c9:f9:2f:1f:88:0b:85:b9:c3:15:43:95:d1:5c:0d:a0:1c:
48:a4:10:3b:27:c2:08:dd:76:e0:6c:22:22:cc:6b:04:42:05:
60:04:e1:6d:ba:91:ad:0d:70:cf:00:c5:02:a2:7c:f1:57:b6:
17:b3:eb:e8:db:2a:62:4c:c8:7e:f3:03:b1:48:d9:c2:28:6c:
3c:8d:84:e8:e5:02:5b:1b:14:91:ce:09:c1:3f:1a:f6:c1:4a:
4b:ba:74:76:59:92:9f:0d:9c:c5:6b:07:da:47:58:38:7b:0f:
77:d1:bf:02:19:e9:7c:eb:60:f6:2b:19:fd:e8:c2:76:8a:91:
db:66:68:f8
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUIElubqSQztMMSkmhdjMfwRMxcrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA4MjQxNTAwNDhaFw0yNjA4MjMxNTA1NDhaMDMxMTAvBgNV
BAMTKEZFQjc5RkE3ODQ4NTE3NjgyNTFCNDMzN0MyRjlDQThDQjNGNUU3QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7kwS6V/uKqpDosVLuYY8zz9g3
G+y5jAgk9/xTAgGEZOl35yKpesDLzKpRId9stofrtKh9NTqFrqg9M0RAbg07gDPF
lh4CffSuh2sHdORHg4Be615V/oLI58ZHbid0l//se66gYhXWLygSiZBvCWGCwr1R
EKUnghHIb2JLnCY//CB3DEooxMAnDBf2OhQX5fUt36Dc1sRoocLodVyo9bRDnBQ8
dKWO5J+aQgfjD3NViGAUNWjgTaxIDbcrDJYy9T2tdLjUX/sE/ZneGwtVJTUECTOe
JuGbBKUw+Y0g+4BNUM4BiAG4kDJqgHeibUyhbU3/+kLUWWdBR6kmpG9zyfXRAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQU/refp4SFF2glG0M3wvnKjLP1574wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME8GCCsG
AQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKg+UAGEOAwcAKg+UAGFnAwcBKg+UAGkK
AwcAKg+UAGk+AwcAKg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQAf
A1J1IEhjagO83n4O/D7CSm9ILxvVPrMWtJScBaW14Gb3Gl+JIJgDIJ3S+uuQZQwj
k1KnmfKHakJaJ/yz1fx+gX88FAUpBIz0gkKjvji7vI7dEgG+lmLGhGC851ZxNcRk
e/+zDZakWqLetKynRDRrXBcYPiZyt+8rDn8fvy2pyfkvH4gLhbnDFUOV0VwNoBxI
pBA7J8II3XbgbCIizGsEQgVgBOFtupGtDXDPAMUConzxV7YXs+vo2ypiTMh+8wOx
SNnCKGw8jYTo5QJbGxSRzgnBPxr2wUpLunR2WZKfDZzFawfaR1g4ew930b8CGel8
62D2Kxn96MJ2ipHbZmj4
-----END CERTIFICATE-----
Generated at Thu Sep 18 07:51:53 2025 by rpki-client