Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211144.roa
File: AS211144.roa (raw, json)
Hash identifier: 7e9Q+lpIdG/TQrVpvUhWwmeht7qlH0aVMBHE9bLbyTE=
Subject key identifier: E4:19:0A:B6:D7:D3:05:DB:A0:EC:99:E0:77:BD:65:EE:BE:89:92:D0
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 7A47B415666E441FEB691AF6B79BB1EA57641C2F
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211144.roa
Signing time: Fri 30 May 2025 03:07:29 +0000
ROA not before: Fri 30 May 2025 03:02:29 +0000
ROA not after: Fri 29 May 2026 03:07:29 +0000
asID: 211144
IP address blocks: 2a0f:9400:7000::/48 maxlen: 48
2a0f:9400:7001::/48 maxlen: 48
2a0f:9400:7002::/48 maxlen: 48
2a0f:9400:7003::/48 maxlen: 48
2a0f:9400:7004::/48 maxlen: 48
2a0f:9400:7006::/48 maxlen: 48
2a0f:9400:7007::/48 maxlen: 48
2a0f:9400:7008::/48 maxlen: 48
2a0f:9400:700a::/48 maxlen: 48
2a0f:9400:700b::/48 maxlen: 48
2a0f:9400:700c::/48 maxlen: 48
2a0f:9400:700d::/48 maxlen: 48
2a0f:9400:700e::/48 maxlen: 48
2a0f:9400:700f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:47:b4:15:66:6e:44:1f:eb:69:1a:f6:b7:9b:b1:ea:57:64:1c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 30 03:02:29 2025 GMT
Not After : May 29 03:07:29 2026 GMT
Subject: CN=E4190AB6D7D305DBA0EC99E077BD65EEBE8992D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:80:cd:76:50:4f:20:c3:73:88:22:17:66:ab:
f8:80:77:92:69:3b:6e:ab:75:de:67:53:e0:b3:bd:
52:af:72:74:2a:21:fa:c1:33:f1:f6:c7:2c:08:54:
e6:98:e0:91:14:7d:cc:4d:ff:b0:12:c2:3e:d8:d6:
7e:36:4d:83:80:c0:8c:d2:a2:ce:ac:40:a4:5f:62:
21:2c:2e:0f:41:57:4c:41:52:60:c8:23:37:db:fa:
23:f0:ef:4c:d3:d5:52:85:5f:eb:ba:7c:23:5b:34:
37:88:62:b5:63:2e:3f:19:4f:8f:c3:b7:e4:78:24:
23:ac:15:0e:56:bf:da:a3:0b:1c:c8:0e:26:19:36:
6c:92:dd:2c:ee:fd:cc:50:43:1f:ad:7e:82:a5:d2:
6f:3f:16:e9:06:e1:a4:1e:d3:d4:05:80:4a:3c:8e:
c4:3d:97:9b:aa:84:0c:b5:bf:f0:01:96:8f:9f:fb:
e7:c2:bb:d9:7a:00:3d:d7:c1:5c:fc:d5:af:e1:7a:
9e:c0:de:d2:f4:7e:28:ec:ba:cd:a3:1d:c2:d8:36:
73:ac:5d:2c:19:55:d0:34:cf:df:15:0f:28:ba:8a:
77:68:2d:6b:6a:bf:61:2f:74:71:7b:2c:53:45:63:
4e:f1:82:39:5b:e0:f3:44:fc:b0:5e:14:bc:be:4e:
99:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:19:0A:B6:D7:D3:05:DB:A0:EC:99:E0:77:BD:65:EE:BE:89:92:D0
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211144.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7000::-2a0f:9400:7004:ffff:ffff:ffff:ffff:ffff
2a0f:9400:7006::-2a0f:9400:7008:ffff:ffff:ffff:ffff:ffff
2a0f:9400:700a::-2a0f:9400:700f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:5d:cb:14:e5:89:4e:5f:84:c2:9f:09:df:26:ef:cf:27:0b:
40:e8:f7:1c:28:e8:5e:3e:a2:d6:54:11:4f:fb:e9:31:e4:d7:
6f:1e:02:dd:48:f7:b9:54:f1:f8:a3:6d:5f:5b:91:46:5d:a9:
12:03:42:ba:88:f3:87:43:ad:02:27:b1:ae:4d:e3:80:fa:94:
71:d1:36:5c:a8:9a:88:c6:30:9c:cf:67:22:80:72:f9:a3:ee:
ae:2a:66:eb:1d:0b:04:1f:5f:e1:27:2f:4b:f6:da:5e:17:57:
2a:a2:6e:ec:79:3f:98:db:2b:a1:10:c5:78:13:bd:9b:1d:fe:
03:4c:f8:82:77:7c:bd:fb:d9:a9:42:19:c8:20:3c:75:2d:6a:
11:3f:07:66:14:da:28:4d:39:ee:a4:63:37:3a:16:3c:63:43:
f2:47:7d:d4:56:28:2e:8d:8d:61:88:ee:a3:dc:d4:b1:12:3f:
2c:12:ac:ec:80:19:34:e3:1d:16:02:51:94:2e:fe:88:77:8b:
c1:a0:97:bb:61:73:a2:77:b2:fe:ab:fe:d1:e3:e5:6b:13:10:
14:96:cf:2c:2a:e2:d5:7a:90:7f:0a:f6:ef:0f:65:ba:91:5f:
97:61:a8:6e:2e:d7:ec:ab:e7:c0:cd:3b:65:8e:1f:fd:9d:be:
d2:94:50:e4
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUeke0FWZuRB/raRr2t5ux6ldkHC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA1MzAwMzAyMjlaFw0yNjA1MjkwMzA3MjlaMDMxMTAvBgNV
BAMTKEU0MTkwQUI2RDdEMzA1REJBMEVDOTlFMDc3QkQ2NUVFQkU4OTkyRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEgM12UE8gw3OIIhdmq/iAd5Jp
O26rdd5nU+CzvVKvcnQqIfrBM/H2xywIVOaY4JEUfcxN/7ASwj7Y1n42TYOAwIzS
os6sQKRfYiEsLg9BV0xBUmDIIzfb+iPw70zT1VKFX+u6fCNbNDeIYrVjLj8ZT4/D
t+R4JCOsFQ5Wv9qjCxzIDiYZNmyS3Szu/cxQQx+tfoKl0m8/FukG4aQe09QFgEo8
jsQ9l5uqhAy1v/ABlo+f++fCu9l6AD3XwVz81a/hep7A3tL0fijsus2jHcLYNnOs
XSwZVdA0z98VDyi6indoLWtqv2EvdHF7LFNFY07xgjlb4PNE/LBeFLy+TplPAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU5BkKttfTBdug7Jngd71l7r6JktAwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTE0NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBUBggr
BgEFBQcBBwEB/wRFMEMwQQQCAAIwOzARAwYEKg+UAHADBwAqD5QAcAQwEgMHASoP
lABwBgMHACoPlABwCDASAwcBKg+UAHAKAwcEKg+UAHAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCoXcsU5YlOX4TCnwnfJu/PJwtA6PccKOhePqLWVBFP++kx5NdvHgLdSPe5
VPH4o21fW5FGXakSA0K6iPOHQ60CJ7GuTeOA+pRx0TZcqJqIxjCcz2cigHL5o+6u
KmbrHQsEH1/hJy9L9tpeF1cqom7seT+Y2yuhEMV4E72bHf4DTPiCd3y9+9mpQhnI
IDx1LWoRPwdmFNooTTnupGM3OhY8Y0PyR33UVigujY1hiO6j3NSxEj8sEqzsgBk0
4x0WAlGULv6Id4vBoJe7YXOid7L+q/7R4+VrExAUls8sKuLVepB/CvbvD2W6kV+X
YahuLtfsq+fAzTtljh/9nb7SlFDk
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:04:44 2025 by rpki-client