Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
File: AS211167.roa (raw, json)
Hash identifier: VfI+kWCzcbKQsWiiOZuQkYSOkcEqGTi4dUuIg5sgGm4=
Subject key identifier: B1:A4:E5:D0:38:FA:5F:9F:FD:1C:62:0A:EB:24:F9:24:E7:C8:80:64
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 2E0E7D72FE435ACEA9B7EC90B07710942ED54D45
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
Signing time: Tue 19 May 2026 04:03:22 +0000
ROA not before: Tue 19 May 2026 03:58:22 +0000
ROA not after: Tue 18 May 2027 04:03:22 +0000
asID: 211167
IP address blocks: 2a0f:9400:8009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 May 2026 07:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:0e:7d:72:fe:43:5a:ce:a9:b7:ec:90:b0:77:10:94:2e:d5:4d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 19 03:58:22 2026 GMT
Not After : May 18 04:03:22 2027 GMT
Subject: CN=B1A4E5D038FA5F9FFD1C620AEB24F924E7C88064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:94:72:74:80:d1:fa:1c:e3:b1:38:f3:5e:
c5:a8:79:a9:63:d0:47:90:0c:71:20:27:31:19:68:
23:6a:fb:f8:ea:a4:b4:fa:19:1c:d2:27:85:18:e9:
dd:f1:f2:f8:0e:41:f7:1c:fd:c7:8c:6a:6d:e0:11:
52:c9:a5:08:0a:77:62:0a:91:21:7c:ad:02:e4:19:
b8:82:c2:ab:9f:40:22:be:4d:7e:43:06:4d:ed:c2:
c6:89:90:01:2d:3e:73:e8:71:a7:1e:68:aa:2c:f2:
e3:cb:44:4b:de:05:79:52:45:36:9b:70:8c:a9:90:
f6:42:ed:d3:08:dd:3b:9e:8f:a6:7e:fc:77:4e:81:
c1:29:c9:6b:00:a9:83:50:b1:bc:a6:78:3e:33:c0:
e6:31:98:df:59:ec:34:ad:8e:57:39:f9:9b:93:ab:
1e:db:52:90:91:e5:80:6f:e6:51:2d:97:62:9d:c8:
d5:f0:b9:81:07:a8:7c:1c:e7:db:f5:95:7a:ca:d9:
32:28:e8:be:7d:c4:c2:57:b3:57:5b:a4:5b:70:56:
d4:c4:4d:59:0f:f1:a4:38:b2:32:65:91:68:c3:fb:
b5:1a:47:55:2b:c2:23:03:d3:a8:cb:b7:06:f4:ba:
49:f4:46:17:e3:5d:c2:d0:9f:3d:b6:35:97:1f:19:
de:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A4:E5:D0:38:FA:5F:9F:FD:1C:62:0A:EB:24:F9:24:E7:C8:80:64
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:8009::/48
Signature Algorithm: sha256WithRSAEncryption
4d:07:f7:fc:74:cb:62:e6:08:bd:a1:1c:72:c9:7c:3c:1b:2b:
cb:c4:af:4d:ef:ef:63:b3:28:2b:7a:fe:bf:34:43:85:87:29:
27:ff:54:80:e8:bc:08:e0:71:27:de:d4:8f:7f:f2:95:50:b4:
df:52:9d:7d:77:c4:63:82:e4:4d:41:68:db:b5:1a:a3:42:1e:
6c:53:e2:d9:4b:d8:dc:34:47:4e:82:24:49:70:12:33:7b:73:
35:53:c4:82:e8:44:80:6e:d4:0b:75:b6:78:16:bd:36:f9:d5:
7b:41:8f:01:5f:d3:77:37:50:d4:97:7a:69:eb:ea:c7:db:e1:
9b:b9:23:80:9b:ae:b7:84:af:b1:28:da:13:ff:a0:99:25:31:
fa:47:2f:34:62:95:19:d7:44:a9:63:6e:d0:92:82:7c:97:d6:
18:88:49:0a:87:a6:5b:9a:cd:60:b7:7e:76:69:b4:80:4c:e1:
38:9a:b6:5c:c9:a6:58:c3:c8:ee:52:f6:80:fd:54:5d:84:0e:
9f:66:bd:3f:74:50:40:4e:a9:61:53:fb:0f:c4:8d:47:15:22:
41:14:f8:e8:fb:d0:c4:c6:cb:e4:ca:78:cc:85:a4:9e:f0:41:
4f:56:32:7a:4e:c6:f3:fc:5e:67:eb:4f:97:c3:47:ca:c1:ce:
ee:2a:39:0c
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIULg59cv5DWs6pt+yQsHcQlC7VTUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNjA1MTkwMzU4MjJaFw0yNzA1MTgwNDAzMjJaMDMxMTAvBgNV
BAMTKEIxQTRFNUQwMzhGQTVGOUZGRDFDNjIwQUVCMjRGOTI0RTdDODgwNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoNZRydIDR+hzjsTjzXsWoealj
0EeQDHEgJzEZaCNq+/jqpLT6GRzSJ4UY6d3x8vgOQfcc/ceMam3gEVLJpQgKd2IK
kSF8rQLkGbiCwqufQCK+TX5DBk3twsaJkAEtPnPocaceaKos8uPLREveBXlSRTab
cIypkPZC7dMI3Tuej6Z+/HdOgcEpyWsAqYNQsbymeD4zwOYxmN9Z7DStjlc5+ZuT
qx7bUpCR5YBv5lEtl2KdyNXwuYEHqHwc59v1lXrK2TIo6L59xMJXs1dbpFtwVtTE
TVkP8aQ4sjJlkWjD+7UaR1UrwiMD06jLtwb0ukn0RhfjXcLQnz22NZcfGd7fAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUsaTl0Dj6X5/9HGIK6yT5JOfIgGQwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTE2Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlACACTANBgkqhkiG9w0BAQsFAAOC
AQEATQf3/HTLYuYIvaEccsl8PBsry8SvTe/vY7MoK3r+vzRDhYcpJ/9UgOi8COBx
J97Uj3/ylVC031KdfXfEY4LkTUFo27Uao0IebFPi2UvY3DRHToIkSXASM3tzNVPE
guhEgG7UC3W2eBa9NvnVe0GPAV/TdzdQ1Jd6aevqx9vhm7kjgJuut4SvsSjaE/+g
mSUx+kcvNGKVGddEqWNu0JKCfJfWGIhJCoemW5rNYLd+dmm0gEzhOJq2XMmmWMPI
7lL2gP1UXYQOn2a9P3RQQE6pYVP7D8SNRxUiQRT46PvQxMbL5Mp4zIWknvBBT1Yy
ek7G8/xeZ+tPl8NHysHO7io5DA==
-----END CERTIFICATE-----
Generated at Tue May 19 15:15:44 2026 by rpki-client