Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
File: AS211066.roa (raw, json)
Hash identifier: kOBUUCJ00akV+ofrPnHPGD4kc6syF7INNvMIY+Ijd7Y=
Subject key identifier: C4:69:41:3E:C9:F8:54:B5:DE:4A:61:5B:52:F2:CC:74:A7:88:FC:AC
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 5C9EF5C46D40ECBDC66F526B6C54A4EE6D8D8925
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
Signing time: Sat 26 Aug 2023 05:05:03 +0000
ROA not before: Sat 26 Aug 2023 05:00:03 +0000
ROA not after: Sat 24 Aug 2024 05:05:03 +0000
asID: 211066
IP address blocks: 2a0f:9400:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:9e:f5:c4:6d:40:ec:bd:c6:6f:52:6b:6c:54:a4:ee:6d:8d:89:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 26 05:00:03 2023 GMT
Not After : Aug 24 05:05:03 2024 GMT
Subject: CN=C469413EC9F854B5DE4A615B52F2CC74A788FCAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:1d:29:dd:4f:01:c8:83:9d:c0:8b:50:32:0c:
35:2f:0e:6f:58:7d:12:f2:03:36:30:e6:bb:db:f4:
b9:dd:35:39:b1:d4:02:c7:40:9c:62:56:85:bb:d9:
60:70:b5:a9:6a:69:3e:01:f5:16:a8:21:f6:dd:dc:
1b:ab:6c:2f:f9:be:53:f0:b0:84:cc:93:93:e6:bb:
1b:99:4f:d6:ae:8f:ec:1a:36:11:21:74:79:61:6e:
0e:2a:af:1e:20:94:eb:4c:52:d5:83:36:ef:15:c0:
16:83:6c:98:f8:2a:d4:8b:17:2e:0b:31:f3:06:6f:
62:68:03:69:b9:b2:e5:5e:0a:ed:52:4a:54:6b:96:
98:2e:ce:15:15:d6:eb:f4:d6:4f:ff:83:f3:5a:4b:
9e:41:e9:c0:49:59:be:63:79:d7:b8:1b:2e:34:5d:
a7:7e:b5:45:72:b9:c5:08:92:98:d7:ab:c0:21:47:
60:03:04:8f:ad:9a:29:25:a2:2d:8e:04:a5:99:17:
44:5a:5d:1e:78:cf:e5:3c:d1:a6:a2:16:4f:05:0c:
f1:b6:f7:32:8b:74:e3:a4:64:8a:d5:61:aa:3f:05:
9e:e1:52:87:8c:1e:ca:bd:34:ad:2c:e7:33:38:ce:
39:3b:96:d4:69:30:da:fd:81:1d:ca:c3:dc:07:8e:
08:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:69:41:3E:C9:F8:54:B5:DE:4A:61:5B:52:F2:CC:74:A7:88:FC:AC
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211066.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7722::/48
Signature Algorithm: sha256WithRSAEncryption
42:04:c1:57:fb:b0:33:eb:0f:2a:37:ce:d3:a6:16:01:e3:4b:
0f:b1:af:e8:7d:c5:ad:1b:c0:af:46:e3:2a:64:56:a9:b8:a9:
67:ca:f1:fb:bc:05:5d:d9:66:cb:d3:ff:79:1e:bb:15:09:40:
c5:c9:21:c8:7a:b6:6c:f7:61:42:b1:64:cc:87:8d:9f:a4:83:
6d:3e:38:54:57:52:f6:e5:52:4c:d0:d1:72:69:7b:fa:62:ba:
e8:07:dd:fa:6e:3a:3f:88:98:83:59:8b:05:58:51:50:b0:f8:
a1:a1:55:ab:1d:de:bb:80:54:e5:53:38:15:f1:f5:d5:23:a2:
2b:19:d4:5e:88:20:42:66:87:e1:75:d6:57:24:02:27:b7:99:
d3:9a:1b:f0:1c:f7:09:63:24:0f:db:4b:ad:12:b6:01:1b:96:
72:88:d1:b7:90:3c:b4:fb:4d:1d:27:af:05:cb:30:3d:4f:46:
aa:e9:82:11:1f:59:97:5d:af:80:4d:93:0c:69:8c:d4:c5:e8:
89:fb:a7:97:69:dd:41:e2:cb:f6:ed:3b:a4:77:25:1a:f2:c5:
c6:3a:17:a6:7c:72:3c:fa:35:0d:a3:b8:6e:ca:ee:f0:36:d3:
5c:09:4c:d3:81:0d:24:1e:70:30:db:d8:ff:61:d6:78:04:3b:
6d:90:48:dd
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUXJ71xG1A7L3Gb1JrbFSk7m2NiSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA4MjYwNTAwMDNaFw0yNDA4MjQwNTA1MDNaMDMxMTAvBgNV
BAMTKEM0Njk0MTNFQzlGODU0QjVERTRBNjE1QjUyRjJDQzc0QTc4OEZDQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuHSndTwHIg53Ai1AyDDUvDm9Y
fRLyAzYw5rvb9LndNTmx1ALHQJxiVoW72WBwtalqaT4B9RaoIfbd3BurbC/5vlPw
sITMk5PmuxuZT9auj+waNhEhdHlhbg4qrx4glOtMUtWDNu8VwBaDbJj4KtSLFy4L
MfMGb2JoA2m5suVeCu1SSlRrlpguzhUV1uv01k//g/NaS55B6cBJWb5jede4Gy40
Xad+tUVyucUIkpjXq8AhR2ADBI+tmikloi2OBKWZF0RaXR54z+U80aaiFk8FDPG2
9zKLdOOkZIrVYao/BZ7hUoeMHsq9NK0s5zM4zjk7ltRpMNr9gR3Kw9wHjgj5AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUxGlBPsn4VLXeSmFbUvLMdKeI/KwwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTA2Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlAB3IjANBgkqhkiG9w0BAQsFAAOC
AQEAQgTBV/uwM+sPKjfO06YWAeNLD7Gv6H3FrRvAr0bjKmRWqbipZ8rx+7wFXdlm
y9P/eR67FQlAxckhyHq2bPdhQrFkzIeNn6SDbT44VFdS9uVSTNDRcml7+mK66Afd
+m46P4iYg1mLBVhRULD4oaFVqx3eu4BU5VM4FfH11SOiKxnUXoggQmaH4XXWVyQC
J7eZ05ob8Bz3CWMkD9tLrRK2ARuWcojRt5A8tPtNHSevBcswPU9GqumCER9Zl12v
gE2TDGmM1MXoifunl2ndQeLL9u07pHclGvLFxjoXpnxyPPo1DaO4bsru8DbTXAlM
04ENJB5wMNvY/2HWeAQ7bZBI3Q==
-----END CERTIFICATE-----
Generated at Sat May 4 11:07:18 2024 by rpki-client on console-fra.rpki-client.org