Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS210440.roa
File: AS210440.roa (raw, json)
Hash identifier: nPlLdGm5TLc2R1u10jL1ZCLZa/Yq/mVw6ullnJaa5yc=
Subject key identifier: B5:50:7C:90:D8:E4:DD:03:4C:E1:78:C3:EB:AA:F3:C1:9A:7B:D1:F6
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 06E28EDE871364B25153EA4631EAB895A8FA224D
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS210440.roa
Signing time: Wed 16 Apr 2025 14:46:03 +0000
ROA not before: Wed 16 Apr 2025 14:41:03 +0000
ROA not after: Wed 15 Apr 2026 14:46:03 +0000
asID: 210440
IP address blocks: 2a0f:9400:6110::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e2:8e:de:87:13:64:b2:51:53:ea:46:31:ea:b8:95:a8:fa:22:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Apr 16 14:41:03 2025 GMT
Not After : Apr 15 14:46:03 2026 GMT
Subject: CN=B5507C90D8E4DD034CE178C3EBAAF3C19A7BD1F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b2:87:65:dd:fa:c6:b6:65:11:05:75:7a:8f:
64:e0:d2:d0:d6:01:98:cf:c4:85:2d:61:ab:48:16:
14:06:b4:f2:10:20:4b:82:90:e4:56:52:51:a6:15:
26:2d:68:a3:64:92:0b:b0:ac:6e:91:1b:35:bb:11:
63:16:86:7d:ec:9e:c7:fb:b1:19:f1:76:79:63:9b:
08:cc:bf:ef:65:b7:d6:4b:20:a4:fc:dc:0d:a6:df:
69:39:bf:8e:66:46:22:0a:5c:3b:d0:2f:c7:74:b5:
6f:79:43:4b:d2:e9:3f:ef:5e:05:67:e5:9d:10:c4:
41:57:21:8b:2c:d5:1f:a6:dc:b4:79:29:15:bd:7d:
79:29:fe:d3:5d:73:cc:94:85:a7:70:d9:cf:6d:b2:
e3:6c:24:0b:f3:f3:8a:be:52:79:92:cb:3e:a0:7e:
b8:64:cb:2a:39:88:54:04:cc:10:3c:2c:b2:ce:0c:
f4:b0:f4:4f:df:1f:8d:62:f8:8b:2f:ee:09:ae:9f:
26:3c:ae:98:cf:31:85:56:ae:3d:9a:92:f8:ca:7c:
8d:4b:1e:98:e2:2b:f4:b9:b9:d0:cc:97:d8:46:39:
1b:61:27:d4:51:ee:71:d5:0c:b5:56:57:8f:8f:93:
c9:e6:70:2f:d2:41:d4:76:1e:6a:a1:47:30:92:7b:
12:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:50:7C:90:D8:E4:DD:03:4C:E1:78:C3:EB:AA:F3:C1:9A:7B:D1:F6
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS210440.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6110::/48
Signature Algorithm: sha256WithRSAEncryption
b0:4b:84:bb:ac:3e:fe:13:f5:e7:55:37:69:73:14:38:e9:14:
1e:94:13:2e:60:f2:49:14:54:9d:4b:fb:6c:ee:e6:7d:35:5d:
54:89:0a:4e:4f:4d:df:4a:e4:81:be:30:9c:14:4e:bf:da:d4:
06:b4:93:38:21:45:98:8d:21:a6:67:2b:fe:0d:6e:70:08:2c:
5d:b1:82:94:86:6f:f4:4b:a5:f9:5d:da:7d:df:13:b6:02:ed:
67:34:67:97:eb:3f:0b:6d:84:64:d7:a2:fa:5e:f2:3c:1e:58:
e3:3b:01:92:d5:34:30:a1:7f:6a:ab:73:dc:67:1e:b3:fb:86:
03:68:de:3e:5f:01:5e:6c:a4:7c:3a:3e:e3:e7:20:06:0b:67:
23:9b:0e:9b:62:da:d7:79:7a:2c:33:30:c8:f5:1d:8e:1b:a1:
b0:14:8a:9a:fe:4c:fc:df:d9:f1:0b:f0:b5:24:d0:59:13:7c:
99:f7:26:40:32:5e:b0:65:a2:c7:dd:57:98:ae:8a:3b:49:16:
86:40:7c:98:01:41:f1:40:f7:2c:7a:5d:d2:34:ce:92:e4:ee:
6c:f1:7a:de:e6:12:4c:15:39:77:cd:6f:36:c3:82:9f:85:d4:
3a:74:73:d9:eb:02:01:5b:b8:bf:fb:0c:16:fa:b9:17:5c:1e:
31:ea:bc:4c
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUBuKO3ocTZLJRU+pGMeq4laj6Ik0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA0MTYxNDQxMDNaFw0yNjA0MTUxNDQ2MDNaMDMxMTAvBgNV
BAMTKEI1NTA3QzkwRDhFNEREMDM0Q0UxNzhDM0VCQUFGM0MxOUE3QkQxRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpsodl3frGtmURBXV6j2Tg0tDW
AZjPxIUtYatIFhQGtPIQIEuCkORWUlGmFSYtaKNkkguwrG6RGzW7EWMWhn3snsf7
sRnxdnljmwjMv+9lt9ZLIKT83A2m32k5v45mRiIKXDvQL8d0tW95Q0vS6T/vXgVn
5Z0QxEFXIYss1R+m3LR5KRW9fXkp/tNdc8yUhadw2c9tsuNsJAvz84q+UnmSyz6g
frhkyyo5iFQEzBA8LLLODPSw9E/fH41i+Isv7gmunyY8rpjPMYVWrj2akvjKfI1L
HpjiK/S5udDMl9hGORthJ9RR7nHVDLVWV4+Pk8nmcC/SQdR2HmqhRzCSexI7AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUtVB8kNjk3QNM4XjD66rzwZp70fYwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMDQ0MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABhEDANBgkqhkiG9w0BAQsFAAOC
AQEAsEuEu6w+/hP151U3aXMUOOkUHpQTLmDySRRUnUv7bO7mfTVdVIkKTk9N30rk
gb4wnBROv9rUBrSTOCFFmI0hpmcr/g1ucAgsXbGClIZv9Eul+V3afd8TtgLtZzRn
l+s/C22EZNei+l7yPB5Y4zsBktU0MKF/aqtz3Gces/uGA2jePl8BXmykfDo+4+cg
BgtnI5sOm2La13l6LDMwyPUdjhuhsBSKmv5M/N/Z8QvwtSTQWRN8mfcmQDJesGWi
x91XmK6KO0kWhkB8mAFB8UD3LHpd0jTOkuTubPF63uYSTBU5d81vNsOCn4XUOnRz
2esCAVu4v/sMFvq5F1weMeq8TA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:22:06 2025 by rpki-client