Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: K5m7tbXEmSfNiX6kOmM9U2I/2qtxlZRzC588Nx9s83U=
Subject key identifier: 57:63:52:E7:E5:BD:BA:2A:0B:C7:DE:E8:FB:1F:A2:49:2B:68:85:02
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 57C19D9661A64E344429A9C64E1E54CF8F343A19
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
Signing time: Thu 14 Nov 2024 15:46:13 +0000
ROA not before: Thu 14 Nov 2024 15:41:13 +0000
ROA not after: Thu 13 Nov 2025 15:46:13 +0000
asID: 20473
IP address blocks: 2a0f:9400:610e::/48 maxlen: 48
2a0f:9400:610f::/48 maxlen: 48
2a0f:9400:6118::/48 maxlen: 48
2a0f:9400:6165::/48 maxlen: 48
2a0f:9400:6167::/48 maxlen: 48
2a0f:9400:690a::/48 maxlen: 48
2a0f:9400:690b::/48 maxlen: 48
2a0f:9400:690e::/48 maxlen: 48
2a0f:9400:693e::/48 maxlen: 48
2a0f:9400:7386::/48 maxlen: 48
2a0f:9400:750a::/48 maxlen: 48
2a0f:9400:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:c1:9d:96:61:a6:4e:34:44:29:a9:c6:4e:1e:54:cf:8f:34:3a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Nov 14 15:41:13 2024 GMT
Not After : Nov 13 15:46:13 2025 GMT
Subject: CN=576352E7E5BDBA2A0BC7DEE8FB1FA2492B688502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:9f:50:fb:b4:02:4c:d0:79:af:c6:be:4d:
f2:ed:82:f5:7a:69:37:f4:b5:c8:fa:b0:da:0f:78:
77:c5:a4:24:a5:46:a0:c8:33:bb:de:c2:b5:a7:15:
29:d7:ea:00:94:8e:8b:37:2b:73:ec:04:f1:6a:82:
0a:0c:22:4e:b2:8b:dc:d4:0a:2e:f4:3f:4f:fa:c5:
22:2d:97:2a:30:63:bc:9b:76:dc:8a:0c:0f:2c:50:
e3:d3:b9:4b:57:a6:04:20:2e:78:0e:19:4b:34:44:
60:b3:14:45:90:f6:ea:67:7d:54:04:10:1a:7f:c5:
18:ec:be:e9:18:b8:3d:02:fa:56:bd:1b:60:b6:e7:
03:bc:8e:13:d6:77:d5:70:75:e9:6e:b3:49:2b:af:
6b:8f:62:2b:cf:c5:30:96:66:e3:70:84:e0:a3:57:
c7:58:7c:d4:bc:2e:84:06:c3:54:1a:9a:44:1e:f3:
93:62:36:70:b5:09:ee:c7:01:53:a0:02:fe:2d:01:
b6:bd:26:00:0d:08:da:74:82:d4:00:0b:6f:00:fa:
d3:0b:32:82:60:d0:3a:27:ca:5c:3d:12:61:72:b6:
cc:1b:da:3f:e5:aa:77:24:99:d6:72:f8:be:f8:65:
d5:83:a3:ce:e5:61:6b:2f:8a:7b:a1:30:4a:85:12:
c9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:63:52:E7:E5:BD:BA:2A:0B:C7:DE:E8:FB:1F:A2:49:2B:68:85:02
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:610e::/47
2a0f:9400:6118::/48
2a0f:9400:6165::/48
2a0f:9400:6167::/48
2a0f:9400:690a::/47
2a0f:9400:690e::/48
2a0f:9400:693e::/48
2a0f:9400:7386::/48
2a0f:9400:750a::/48
2a0f:9400:8020::/48
Signature Algorithm: sha256WithRSAEncryption
1f:6c:2d:a5:9e:f9:53:2e:7d:7f:ec:76:e8:ac:73:02:7f:42:
56:6f:ac:76:9a:e7:ff:ad:8a:76:b0:96:32:bf:60:a2:f0:fd:
c4:50:3c:cb:02:5b:85:4c:10:6b:9a:10:40:18:d1:75:74:cc:
89:3f:c1:27:f5:b6:c5:93:f9:ed:5b:46:dc:77:d3:08:23:fe:
17:b4:2d:ca:04:16:16:fd:08:09:34:04:35:e2:9f:c5:b5:7b:
93:51:b9:13:cf:9b:92:85:7c:e9:68:c6:b9:42:37:66:b3:d2:
04:c3:17:1d:6f:f3:ab:6e:c3:7f:72:2b:aa:3b:46:cb:ab:d1:
57:dd:96:2d:4b:a5:ba:09:78:25:5a:44:1a:36:5e:1a:8b:ee:
e1:c8:05:79:bd:72:9d:34:90:42:9a:47:58:14:a3:98:07:57:
e7:5f:27:1f:ae:80:22:0f:20:c8:1f:03:39:9c:78:45:8b:48:
a6:ea:bd:6c:26:ae:4d:ee:f9:9f:b4:1c:1f:f5:b3:7d:05:bb:
d8:90:88:c6:b3:03:05:7e:70:39:7b:37:80:c5:fd:f0:65:90:
db:da:5d:b3:86:2a:66:e4:c8:1f:26:ba:94:61:54:13:77:36:
01:a6:d4:d8:f8:ac:bc:14:ac:5e:13:34:23:46:0e:ec:5e:b3:
25:84:d1:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUV8GdlmGmTjREKanGTh5Uz480OhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDExMTQxNTQxMTNaFw0yNTExMTMxNTQ2MTNaMDMxMTAvBgNV
BAMTKDU3NjM1MkU3RTVCREJBMkEwQkM3REVFOEZCMUZBMjQ5MkI2ODg1MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHv59Q+7QCTNB5r8a+TfLtgvV6
aTf0tcj6sNoPeHfFpCSlRqDIM7vewrWnFSnX6gCUjos3K3PsBPFqggoMIk6yi9zU
Ci70P0/6xSItlyowY7ybdtyKDA8sUOPTuUtXpgQgLngOGUs0RGCzFEWQ9upnfVQE
EBp/xRjsvukYuD0C+la9G2C25wO8jhPWd9Vwdelus0krr2uPYivPxTCWZuNwhOCj
V8dYfNS8LoQGw1QamkQe85NiNnC1Ce7HAVOgAv4tAba9JgANCNp0gtQAC28A+tML
MoJg0Donylw9EmFytswb2j/lqnckmdZy+L74ZdWDo87lYWsvinuhMEqFEsm5AgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUV2NS5+W9uioLx97o+x+iSStohQIwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHMGCCsG
AQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcBKg+UAGEOAwcAKg+UAGEYAwcAKg+UAGFl
AwcAKg+UAGFnAwcBKg+UAGkKAwcAKg+UAGkOAwcAKg+UAGk+AwcAKg+UAHOGAwcA
Kg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQAfbC2lnvlTLn1/7Hbo
rHMCf0JWb6x2muf/rYp2sJYyv2Ci8P3EUDzLAluFTBBrmhBAGNF1dMyJP8En9bbF
k/ntW0bcd9MII/4XtC3KBBYW/QgJNAQ14p/FtXuTUbkTz5uShXzpaMa5Qjdms9IE
wxcdb/OrbsN/ciuqO0bLq9FX3ZYtS6W6CXglWkQaNl4ai+7hyAV5vXKdNJBCmkdY
FKOYB1fnXycfroAiDyDIHwM5nHhFi0im6r1sJq5N7vmftBwf9bN9BbvYkIjGswMF
fnA5ezeAxf3wZZDb2l2zhipm5MgfJrqUYVQTdzYBptTY+Ky8FKxeEzQjRg7sXrMl
hNHk
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:35:57 2024 by rpki-client on console-ams.rpki-client.org