Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
File: AS211066.roa (raw, json)
Hash identifier: r9rSBn7y+tO0wTbiFrYphLKowbCoXe0p32jnRTpFjGU=
Subject key identifier: 13:3D:F3:AE:43:7B:0B:9D:80:8A:74:AA:67:DE:3E:ED:BA:65:99:72
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 23D967C7B79E3BFBCCFA37B65756E7CF384959F4
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
Signing time: Sat 27 Jul 2024 05:47:03 +0000
ROA not before: Sat 27 Jul 2024 05:42:03 +0000
ROA not after: Sat 26 Jul 2025 05:47:03 +0000
asID: 211066
IP address blocks: 2a0f:9400:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d9:67:c7:b7:9e:3b:fb:cc:fa:37:b6:57:56:e7:cf:38:49:59:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jul 27 05:42:03 2024 GMT
Not After : Jul 26 05:47:03 2025 GMT
Subject: CN=133DF3AE437B0B9D808A74AA67DE3EEDBA659972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d4:2b:d1:ad:b2:00:4f:a8:6a:cb:7f:5b:e7:
3d:9b:5b:f4:c6:3d:d5:39:f7:09:a5:55:b9:b0:b8:
09:2e:a6:91:b2:91:fa:d4:4d:8d:f1:ae:8a:7a:17:
e3:d2:5a:c9:02:26:56:ae:94:ed:33:d0:ca:d3:bc:
7a:0c:70:32:6f:46:f6:1f:ec:97:e7:2d:30:fe:73:
ca:35:3c:1f:fc:1b:19:09:81:1a:7a:35:78:65:59:
e8:bd:cd:83:b8:a2:1f:73:24:c3:13:13:6f:3c:a5:
b0:39:3d:3b:e4:1f:7c:43:81:27:ab:0b:56:eb:62:
3e:a8:0a:a2:02:68:f9:b9:ab:e7:04:d0:f8:41:1d:
f7:f4:bc:02:c7:3a:77:1b:e0:03:99:82:6a:3f:ef:
67:f6:f0:59:fb:7c:dc:60:c4:32:b3:4f:7f:64:08:
f4:a8:bd:92:f0:ac:33:e8:11:6c:6c:bc:27:78:c0:
70:72:d1:7e:07:f1:0d:54:c7:49:f0:b6:e8:ae:7d:
43:79:b9:89:24:a4:2e:92:b0:d3:63:56:89:01:5b:
46:63:9b:b6:1a:f8:7b:10:b1:e4:8b:bf:69:fb:9e:
a0:96:36:8f:2a:f0:83:f2:5e:61:c6:b5:1b:69:a9:
8d:5e:ac:b8:cd:fd:a1:35:8b:83:31:45:27:f3:ef:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3D:F3:AE:43:7B:0B:9D:80:8A:74:AA:67:DE:3E:ED:BA:65:99:72
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7722::/48
Signature Algorithm: sha256WithRSAEncryption
1a:0a:56:25:3d:6a:9b:c7:2d:25:5a:c3:4a:e4:46:34:37:9e:
70:e5:fd:9d:a2:4e:f8:0a:fc:60:81:11:ad:b8:36:8a:25:ff:
35:b0:78:1d:c3:2a:f1:d6:09:98:67:6b:51:48:3d:a2:7e:f1:
97:b8:07:25:d9:87:07:3f:36:0f:fa:f2:47:96:bb:7a:10:39:
b0:7c:de:3b:a1:65:5c:39:ca:7f:b2:f9:b4:12:55:a6:53:20:
e0:62:88:b6:0d:d5:26:7e:a3:a8:b8:f7:ca:12:94:90:ce:d8:
bf:c9:6e:23:a9:b3:02:33:03:4d:07:9b:4a:6e:d1:cd:ad:5e:
ae:28:ec:2b:9d:f6:d0:5f:b5:6b:c7:11:6f:15:a8:ae:77:f7:
b3:f6:da:c4:b5:49:57:75:3e:0b:03:53:95:60:c1:9a:09:b2:
ae:a6:14:af:f5:b6:2d:d2:92:5e:69:f4:e1:2f:bd:2f:78:bc:
9c:2c:3a:aa:9f:78:e9:8f:98:5b:fb:ad:7a:71:31:5d:96:eb:
e8:e8:0e:73:71:19:48:ad:ad:ba:cc:7f:40:d3:62:da:fd:50:
95:ce:1f:20:00:50:6b:19:07:6c:19:9d:9c:93:ed:d6:12:5a:
ab:c0:7f:d5:0f:31:47:b6:3a:81:61:7b:8c:8f:b6:dd:84:e7:
c6:9a:66:f0
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUI9lnx7eeO/vM+je2V1bnzzhJWfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA3MjcwNTQyMDNaFw0yNTA3MjYwNTQ3MDNaMDMxMTAvBgNV
BAMTKDEzM0RGM0FFNDM3QjBCOUQ4MDhBNzRBQTY3REUzRUVEQkE2NTk5NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv1CvRrbIAT6hqy39b5z2bW/TG
PdU59wmlVbmwuAkuppGykfrUTY3xrop6F+PSWskCJlaulO0z0MrTvHoMcDJvRvYf
7JfnLTD+c8o1PB/8GxkJgRp6NXhlWei9zYO4oh9zJMMTE288pbA5PTvkH3xDgSer
C1brYj6oCqICaPm5q+cE0PhBHff0vALHOncb4AOZgmo/72f28Fn7fNxgxDKzT39k
CPSovZLwrDPoEWxsvCd4wHBy0X4H8Q1Ux0nwtuiufUN5uYkkpC6SsNNjVokBW0Zj
m7Ya+HsQseSLv2n7nqCWNo8q8IPyXmHGtRtpqY1erLjN/aE1i4MxRSfz7zSDAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUEz3zrkN7C52AinSqZ94+7bplmXIwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTA2Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlAB3IjANBgkqhkiG9w0BAQsFAAOC
AQEAGgpWJT1qm8ctJVrDSuRGNDeecOX9naJO+Ar8YIERrbg2iiX/NbB4HcMq8dYJ
mGdrUUg9on7xl7gHJdmHBz82D/ryR5a7ehA5sHzeO6FlXDnKf7L5tBJVplMg4GKI
tg3VJn6jqLj3yhKUkM7Yv8luI6mzAjMDTQebSm7Rza1erijsK5320F+1a8cRbxWo
rnf3s/baxLVJV3U+CwNTlWDBmgmyrqYUr/W2LdKSXmn04S+9L3i8nCw6qp946Y+Y
W/utenExXZbr6OgOc3EZSK2tusx/QNNi2v1Qlc4fIABQaxkHbBmdnJPt1hJaq8B/
1Q8xR7Y6gWF7jI+23YTnxppm8A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:22 2024 by rpki-client on console-fra.rpki-client.org