Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
File: AS211167.roa (raw, json)
Hash identifier: EJozpA085UY59S+ojCUDPzLavgG5UZPUhYhwwGe5C/0=
Subject key identifier: 9C:C2:BF:7D:EC:C4:85:06:3D:B1:2D:7F:D0:DB:79:4C:4A:61:E8:83
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 686F02C38EF056391DC5DC7382252B12AAAEC372
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
Signing time: Tue 15 Aug 2023 02:00:26 +0000
ROA not before: Tue 15 Aug 2023 01:55:26 +0000
ROA not after: Tue 13 Aug 2024 02:00:26 +0000
asID: 211167
IP address blocks: 2a0f:9400:8009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:6f:02:c3:8e:f0:56:39:1d:c5:dc:73:82:25:2b:12:aa:ae:c3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 15 01:55:26 2023 GMT
Not After : Aug 13 02:00:26 2024 GMT
Subject: CN=9CC2BF7DECC485063DB12D7FD0DB794C4A61E883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0c:5c:84:55:16:05:7c:c6:1b:70:73:e6:aa:
ce:15:14:69:99:89:93:6b:b1:94:42:84:9b:e7:99:
85:2b:be:92:83:7e:3d:09:11:62:b9:9d:31:40:f2:
35:74:7f:09:5a:87:09:ff:97:d7:fd:4c:48:54:43:
de:dc:8d:45:dd:63:1a:69:15:02:be:7f:6e:6c:f5:
85:fe:b6:df:dd:10:13:9a:0f:96:0c:3a:76:e9:13:
88:06:c0:ae:1d:0f:4d:d1:4a:80:31:58:be:29:eb:
8c:84:93:da:b3:87:83:a3:e4:58:9f:4b:30:a4:35:
fd:ed:ac:b0:e9:72:6e:21:36:ca:ee:51:f3:24:fd:
2d:4b:d1:89:bd:1c:df:a1:b7:eb:c0:d8:c7:ad:43:
cf:02:a6:b1:0c:6d:ee:0a:3d:79:50:12:8b:50:9f:
5b:55:67:c1:a8:20:b0:78:1e:5b:44:b8:b1:04:c7:
c1:4c:2f:0b:e7:bf:89:90:0b:11:b7:da:13:7a:6e:
aa:be:7b:26:3a:38:ff:fe:42:7c:29:5b:73:08:87:
76:46:cc:76:a2:9d:10:b1:19:a5:21:c9:53:eb:d9:
1e:f9:dd:54:ae:28:41:7c:00:fe:b1:6e:b4:6b:4c:
52:cb:19:e6:a6:6c:6e:ed:f5:1b:92:d0:b0:87:90:
4a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C2:BF:7D:EC:C4:85:06:3D:B1:2D:7F:D0:DB:79:4C:4A:61:E8:83
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:8009::/48
Signature Algorithm: sha256WithRSAEncryption
5a:86:8d:d6:fa:3b:c4:63:ba:22:7c:e6:92:d3:ed:10:b7:20:
32:5d:f2:4d:54:41:64:69:67:9e:2b:3d:cc:1f:7b:13:f0:e2:
7d:46:11:13:db:20:0f:56:d8:a5:31:a6:c9:c4:79:2c:9c:6a:
6c:c8:b0:80:8d:06:20:1d:ed:47:03:b0:1f:90:46:73:e3:1a:
fe:5a:f1:c2:43:09:ee:7d:48:55:60:8c:7b:93:d6:66:e0:8c:
19:73:65:1b:87:49:d3:3c:0b:54:6f:68:3e:49:8d:ab:61:ae:
c6:02:42:43:26:5a:f1:67:d6:0c:bc:d8:31:4e:ca:87:c8:f6:
d1:fb:86:61:92:69:6c:81:80:b2:d8:11:c2:38:8b:f0:7a:44:
24:ea:07:71:8e:8a:6a:88:d2:c2:80:15:95:6d:dd:4d:7b:f5:
82:65:9c:b7:e8:c8:5b:b8:72:ba:b6:ce:4e:de:36:d0:b9:f3:
fb:1c:87:37:68:5b:3d:9c:3d:fc:cc:89:16:63:11:f2:15:b7:
f9:5e:f2:0c:09:f6:6b:1a:84:1d:06:20:57:3f:5e:09:d6:61:
68:bb:0f:5a:14:6e:ab:53:ff:cf:03:42:24:a6:2a:fd:df:8f:
a7:f6:43:cf:04:e7:c9:c5:43:fb:46:e8:61:e7:9e:64:17:26:
aa:e3:67:b4
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUaG8Cw47wVjkdxdxzgiUrEqquw3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA4MTUwMTU1MjZaFw0yNDA4MTMwMjAwMjZaMDMxMTAvBgNV
BAMTKDlDQzJCRjdERUNDNDg1MDYzREIxMkQ3RkQwREI3OTRDNEE2MUU4ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmDFyEVRYFfMYbcHPmqs4VFGmZ
iZNrsZRChJvnmYUrvpKDfj0JEWK5nTFA8jV0fwlahwn/l9f9TEhUQ97cjUXdYxpp
FQK+f25s9YX+tt/dEBOaD5YMOnbpE4gGwK4dD03RSoAxWL4p64yEk9qzh4Oj5Fif
SzCkNf3trLDpcm4hNsruUfMk/S1L0Ym9HN+ht+vA2MetQ88CprEMbe4KPXlQEotQ
n1tVZ8GoILB4HltEuLEEx8FMLwvnv4mQCxG32hN6bqq+eyY6OP/+QnwpW3MIh3ZG
zHainRCxGaUhyVPr2R753VSuKEF8AP6xbrRrTFLLGeambG7t9RuS0LCHkEoHAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUnMK/fezEhQY9sS1/0Nt5TEph6IMwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTE2Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlACACTANBgkqhkiG9w0BAQsFAAOC
AQEAWoaN1vo7xGO6InzmktPtELcgMl3yTVRBZGlnnis9zB97E/DifUYRE9sgD1bY
pTGmycR5LJxqbMiwgI0GIB3tRwOwH5BGc+Ma/lrxwkMJ7n1IVWCMe5PWZuCMGXNl
G4dJ0zwLVG9oPkmNq2GuxgJCQyZa8WfWDLzYMU7Kh8j20fuGYZJpbIGAstgRwjiL
8HpEJOoHcY6KaojSwoAVlW3dTXv1gmWct+jIW7hyurbOTt420Lnz+xyHN2hbPZw9
/MyJFmMR8hW3+V7yDAn2axqEHQYgVz9eCdZhaLsPWhRuq1P/zwNCJKYq/d+Pp/ZD
zwTnycVD+0boYeeeZBcmquNntA==
-----END CERTIFICATE-----
Generated at Sat May 4 11:05:09 2024 by rpki-client on console-ams.rpki-client.org