Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: ZhpQLJae67OOq/oTvHy1JH7MsUDLG8Ea9h/XS21pNzI=
Subject key identifier: 88:DD:2F:B5:4D:69:8B:A2:96:D8:AF:FF:89:24:3C:AC:3F:28:95:25
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 3CFA157B6142938E940F5D64E09F842FF8202388
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
Signing time: Tue 23 May 2023 13:58:00 +0000
ROA not before: Tue 23 May 2023 13:53:00 +0000
ROA not after: Tue 21 May 2024 13:58:00 +0000
asID: 20473
IP address blocks: 2a0f:9400:6118::/48 maxlen: 48
2a0f:9400:6905::/48 maxlen: 48
2a0f:9400:693e::/48 maxlen: 48
2a0f:9400:750a::/48 maxlen: 48
2a0f:9400:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 Jun 2023 16:19:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:fa:15:7b:61:42:93:8e:94:0f:5d:64:e0:9f:84:2f:f8:20:23:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 23 13:53:00 2023 GMT
Not After : May 21 13:58:00 2024 GMT
Subject: CN=88DD2FB54D698BA296D8AFFF89243CAC3F289525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bc:d8:2e:45:7a:9c:20:4a:d5:e2:67:e0:58:
ec:8e:58:f9:5f:3b:41:d3:1f:02:76:28:d5:2c:ef:
f6:c3:1f:bd:1a:30:b0:88:45:38:28:1b:77:38:e0:
e4:3c:af:5f:7d:7b:14:66:b4:80:1e:ec:a5:77:57:
80:ec:c1:47:6a:7b:4d:9f:a1:f5:82:96:65:9b:d1:
d4:49:5b:f3:80:fe:8e:26:8d:19:a0:3d:bb:d6:c9:
87:c0:18:fd:3b:13:66:d9:02:93:58:87:cf:ff:00:
49:7f:7e:70:7b:2d:39:99:c2:9b:e9:88:d9:5f:8f:
08:12:97:3e:3f:be:14:31:2d:a8:e2:99:4d:a1:c1:
a1:a8:36:ad:b8:ce:06:07:3c:91:d2:d4:e7:57:6c:
0b:e5:68:79:e5:49:c8:87:75:c0:2e:54:69:bb:0c:
d1:2e:fe:3b:fb:30:a4:0a:38:b7:62:42:ca:61:96:
64:cd:27:f0:aa:96:b7:2f:47:cd:0e:e4:6a:c9:07:
ce:41:58:5a:6c:9e:ac:18:aa:15:5d:90:06:2b:91:
ab:a7:b3:1a:f0:26:c6:d4:2e:2a:04:89:aa:95:84:
e9:52:3d:65:c6:fe:43:5b:27:c8:2a:22:87:e5:9a:
3a:aa:d3:16:28:ad:82:22:41:0a:ed:88:eb:0c:bb:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DD:2F:B5:4D:69:8B:A2:96:D8:AF:FF:89:24:3C:AC:3F:28:95:25
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6118::/48
2a0f:9400:6905::/48
2a0f:9400:693e::/48
2a0f:9400:750a::/48
2a0f:9400:8020::/48
Signature Algorithm: sha256WithRSAEncryption
b6:9e:78:ef:5b:06:8f:03:45:f7:ad:f2:c8:f5:2a:eb:60:44:
17:b2:ef:0e:f8:9a:f8:3f:5f:c0:6c:96:63:5d:47:a3:3e:da:
7a:0d:26:c0:e9:07:bf:ea:08:e4:38:ac:70:1c:19:d9:dc:89:
3c:c8:0c:71:cf:21:cf:fb:14:28:b0:1a:96:2c:33:6a:9b:e8:
a9:22:e7:40:3e:13:61:b8:9d:0e:53:db:47:39:76:b6:18:a7:
50:3c:d0:bb:8a:e8:9b:37:1b:08:eb:31:36:6d:6b:29:a8:9a:
6c:dc:7a:b5:54:f0:1a:6c:5a:71:2e:a9:ee:51:88:44:49:6b:
3c:c3:29:26:e4:86:0b:08:e9:43:1f:95:1f:22:e9:77:99:f1:
e3:4d:49:71:30:40:ea:56:29:4d:0b:70:1e:d9:ed:b3:27:ff:
ec:ed:f7:9d:5d:6b:0e:4c:b7:ff:0d:39:73:cf:62:d8:61:6c:
4e:a5:56:fb:f7:6d:f0:c4:af:fb:dc:dc:22:70:3b:57:95:25:
ff:be:c7:4d:b1:e6:51:84:26:82:81:30:e0:f5:6d:5f:06:4b:
9a:d2:cf:72:f3:90:95:9c:db:f1:dc:c6:87:3f:7c:cf:e8:de:
90:f6:66:4b:ce:c8:19:05:c3:1d:db:11:01:2a:6e:ba:40:73:
da:8e:0a:a8
-----BEGIN CERTIFICATE-----
MIIE4jCCA8qgAwIBAgIUPPoVe2FCk46UD11k4J+EL/ggI4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA1MjMxMzUzMDBaFw0yNDA1MjExMzU4MDBaMDMxMTAvBgNV
BAMTKDg4REQyRkI1NEQ2OThCQTI5NkQ4QUZGRjg5MjQzQ0FDM0YyODk1MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfvNguRXqcIErV4mfgWOyOWPlf
O0HTHwJ2KNUs7/bDH70aMLCIRTgoG3c44OQ8r199exRmtIAe7KV3V4DswUdqe02f
ofWClmWb0dRJW/OA/o4mjRmgPbvWyYfAGP07E2bZApNYh8//AEl/fnB7LTmZwpvp
iNlfjwgSlz4/vhQxLajimU2hwaGoNq24zgYHPJHS1OdXbAvlaHnlSciHdcAuVGm7
DNEu/jv7MKQKOLdiQsphlmTNJ/CqlrcvR80O5GrJB85BWFpsnqwYqhVdkAYrkaun
sxrwJsbULioEiaqVhOlSPWXG/kNbJ8gqIoflmjqq0xYorYIiQQrtiOsMu8xVAgMB
AAGjggHsMIIB6DAdBgNVHQ4EFgQUiN0vtU1pi6KW2K//iSQ8rD8olSUwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsG
AQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKg+UAGEYAwcAKg+UAGkFAwcAKg+UAGk+
AwcAKg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQC2nnjvWwaPA0X3
rfLI9SrrYEQXsu8O+Jr4P1/AbJZjXUejPtp6DSbA6Qe/6gjkOKxwHBnZ3Ik8yAxx
zyHP+xQosBqWLDNqm+ipIudAPhNhuJ0OU9tHOXa2GKdQPNC7iuibNxsI6zE2bWsp
qJps3Hq1VPAabFpxLqnuUYhESWs8wykm5IYLCOlDH5UfIul3mfHjTUlxMEDqVilN
C3Ae2e2zJ//s7fedXWsOTLf/DTlzz2LYYWxOpVb7923wxK/73NwicDtXlSX/vsdN
seZRhCaCgTDg9W1fBkua0s9y85CVnNvx3MaHP3zP6N6Q9mZLzsgZBcMd2xEBKm66
QHPajgqo
-----END CERTIFICATE-----
Generated at Wed May 31 19:52:13 2023 by rpki-client on console-fra.rpki-client.org