Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
File: AS211167.roa (raw, json)
Hash identifier: s+3YLlDxJhx1aCsQexY3ejVJ64Ifnub/iLfSw8Ibwt4=
Subject key identifier: F1:A6:94:22:FD:84:8D:A3:CB:0E:55:38:48:E5:98:25:A2:7E:A1:1A
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 283E54B1CB5674F4B410D54005A3E685B0D8BE7F
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
Signing time: Tue 16 Jul 2024 02:42:23 +0000
ROA not before: Tue 16 Jul 2024 02:37:23 +0000
ROA not after: Tue 15 Jul 2025 02:42:23 +0000
asID: 211167
IP address blocks: 2a0f:9400:8009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:3e:54:b1:cb:56:74:f4:b4:10:d5:40:05:a3:e6:85:b0:d8:be:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jul 16 02:37:23 2024 GMT
Not After : Jul 15 02:42:23 2025 GMT
Subject: CN=F1A69422FD848DA3CB0E553848E59825A27EA11A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:92:f5:33:5c:5e:e7:bc:2f:19:1f:25:f1:cf:
17:1b:44:f4:26:19:c0:fd:f3:ac:80:53:4f:a2:0e:
45:3f:4b:cb:4f:a8:17:a7:37:95:c9:97:27:a9:ea:
92:f5:f8:99:8f:99:44:1c:eb:79:cf:1e:90:86:67:
ea:15:da:3b:ac:51:59:04:ee:fa:a8:53:47:8d:6a:
87:91:ed:d9:48:53:e2:e1:26:ea:eb:c7:78:98:0b:
ac:f9:cd:34:d2:b5:2f:4c:cd:18:08:2a:cf:7d:02:
6e:9f:ec:d9:27:5a:ae:f4:50:2c:45:c1:9b:8d:e3:
27:f1:64:ea:60:3a:70:76:7b:78:55:51:be:7e:cb:
1b:4d:d9:ec:c7:8e:3a:c2:70:5c:c1:5b:54:0c:53:
ed:f9:df:44:4d:95:ad:5b:ba:d2:40:7e:57:da:51:
7e:a0:0c:ef:3d:fd:6b:94:b3:45:02:4c:e9:58:a7:
fe:d5:b8:80:fd:8e:b4:cc:88:bb:0c:ca:20:4e:57:
9d:e4:99:c1:42:ce:6f:81:14:1f:17:73:7e:44:b5:
59:dd:6d:ee:f1:9c:ca:12:be:03:ff:98:f7:54:da:
d1:58:03:64:1e:d8:62:e8:0e:a7:31:22:8d:99:0c:
11:4e:f0:ed:09:5c:bc:6f:19:35:a9:fa:94:a0:71:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A6:94:22:FD:84:8D:A3:CB:0E:55:38:48:E5:98:25:A2:7E:A1:1A
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:8009::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ea:83:91:e5:b6:b7:af:af:e0:47:08:0f:f8:0b:9c:93:3f:
06:f9:82:c2:69:74:f0:cb:f0:b6:c0:de:eb:5d:c5:75:7e:e8:
10:f7:4a:7b:9d:ad:35:71:21:4d:f5:bc:58:fa:40:81:0e:f9:
e2:f7:d7:68:d2:36:ec:a6:d0:75:b1:6c:74:f7:36:e6:ca:0d:
c6:90:f4:45:02:12:f7:21:7b:8f:9b:8f:93:52:ff:4f:a6:a3:
20:08:f9:16:8f:4d:0f:90:12:be:a8:4a:0b:fd:7a:bd:96:88:
eb:85:43:59:12:ff:71:61:2a:76:9c:83:9e:e1:65:aa:5a:cc:
0a:bf:ce:ef:da:a0:cb:45:3f:73:6e:3e:0f:f2:01:47:e5:78:
3d:f7:88:2f:66:41:f2:a6:23:f8:08:58:01:c2:69:9c:8b:58:
2c:7d:d6:e7:4d:98:6e:76:4e:02:78:65:12:1b:2e:21:5c:05:
12:43:aa:d6:1a:4d:fd:dc:48:64:97:8b:d9:57:ae:41:63:67:
dc:00:a2:ef:a8:6d:9d:96:d0:9e:4a:91:4f:71:54:ca:87:ab:
47:bc:ba:89:ba:d8:f0:05:21:a8:90:e7:19:42:25:9a:c6:f4:
ab:b5:91:1f:36:78:be:c5:ee:be:d0:7d:33:f2:4d:eb:21:85:
fa:3e:19:da
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUKD5UsctWdPS0ENVABaPmhbDYvn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA3MTYwMjM3MjNaFw0yNTA3MTUwMjQyMjNaMDMxMTAvBgNV
BAMTKEYxQTY5NDIyRkQ4NDhEQTNDQjBFNTUzODQ4RTU5ODI1QTI3RUExMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFkvUzXF7nvC8ZHyXxzxcbRPQm
GcD986yAU0+iDkU/S8tPqBenN5XJlyep6pL1+JmPmUQc63nPHpCGZ+oV2jusUVkE
7vqoU0eNaoeR7dlIU+LhJurrx3iYC6z5zTTStS9MzRgIKs99Am6f7NknWq70UCxF
wZuN4yfxZOpgOnB2e3hVUb5+yxtN2ezHjjrCcFzBW1QMU+3530RNla1butJAflfa
UX6gDO89/WuUs0UCTOlYp/7VuID9jrTMiLsMyiBOV53kmcFCzm+BFB8Xc35EtVnd
be7xnMoSvgP/mPdU2tFYA2Qe2GLoDqcxIo2ZDBFO8O0JXLxvGTWp+pSgcWxJAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQU8aaUIv2EjaPLDlU4SOWYJaJ+oRowHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTE2Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlACACTANBgkqhkiG9w0BAQsFAAOC
AQEAneqDkeW2t6+v4EcID/gLnJM/BvmCwml08MvwtsDe613FdX7oEPdKe52tNXEh
TfW8WPpAgQ754vfXaNI27KbQdbFsdPc25soNxpD0RQIS9yF7j5uPk1L/T6ajIAj5
Fo9ND5ASvqhKC/16vZaI64VDWRL/cWEqdpyDnuFlqlrMCr/O79qgy0U/c24+D/IB
R+V4PfeIL2ZB8qYj+AhYAcJpnItYLH3W502YbnZOAnhlEhsuIVwFEkOq1hpN/dxI
ZJeL2VeuQWNn3ACi76htnZbQnkqRT3FUyoerR7y6ibrY8AUhqJDnGUIlmsb0q7WR
HzZ4vsXuvtB9M/JN6yGF+j4Z2g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:42 2024 by rpki-client on console-ams.rpki-client.org