Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
File: AS213001.roa (raw, json)
Hash identifier: FWVtE0Ld1jW9quIok+ggtaI0LLxs0oEhQnj6PcIPJs4=
Subject key identifier: DC:18:0A:2A:38:18:79:6F:16:93:9E:F8:73:DD:BB:6E:28:2E:51:05
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 4A451577422F87A5786D98310DE0E147947C8D32
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
Signing time: Tue 15 Aug 2023 02:00:24 +0000
ROA not before: Tue 15 Aug 2023 01:55:24 +0000
ROA not after: Tue 13 Aug 2024 02:00:24 +0000
asID: 213001
IP address blocks: 2a0f:9400:801e::/48 maxlen: 48
2a0f:9400:801f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:45:15:77:42:2f:87:a5:78:6d:98:31:0d:e0:e1:47:94:7c:8d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 15 01:55:24 2023 GMT
Not After : Aug 13 02:00:24 2024 GMT
Subject: CN=DC180A2A3818796F16939EF873DDBB6E282E5105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c3:3d:23:2b:11:cc:24:31:e2:eb:63:e7:0e:
de:79:10:63:b9:52:ae:f3:13:2e:dc:f9:33:11:ec:
d4:35:65:8c:6b:c1:37:29:8a:cf:a3:aa:06:e2:8a:
52:23:8f:c9:a6:61:aa:16:c3:59:bc:97:8a:b1:4c:
24:a8:e3:2b:93:99:a1:95:d4:67:98:d8:d7:09:84:
b0:1d:f4:4b:a9:8c:77:22:9c:20:a9:85:a6:5c:79:
c7:3b:24:02:d0:54:ad:4f:9f:4f:c0:f1:75:a5:84:
aa:20:b1:00:9f:bb:fd:b8:2b:0a:4b:15:7a:6e:1f:
b5:8e:b6:40:5b:76:b8:db:66:8e:dd:39:84:d2:27:
9f:aa:ef:ae:f3:81:95:4e:ad:bb:90:b9:6a:f8:1f:
ed:55:5b:96:d2:46:c9:5e:02:c9:64:de:42:65:46:
fd:41:b1:c7:07:bc:98:d0:7b:b7:bf:65:08:e9:ad:
cd:6d:3e:b5:19:91:cc:9c:90:c1:c2:73:1f:8d:79:
7e:76:17:54:85:26:33:9c:c3:fe:3d:88:71:c8:bf:
59:97:6b:10:67:15:75:e8:25:ff:09:bf:86:15:a0:
4c:6b:69:9e:a9:39:60:0f:1f:82:4b:4d:86:4d:88:
e6:22:1f:f2:aa:7c:f8:a7:1b:51:b1:0c:d0:69:77:
1b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:18:0A:2A:38:18:79:6F:16:93:9E:F8:73:DD:BB:6E:28:2E:51:05
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:801e::/47
Signature Algorithm: sha256WithRSAEncryption
c1:62:a1:35:17:d6:d5:b5:f4:bb:b6:7d:b8:d4:ea:7c:ff:f1:
58:47:e9:2d:68:f6:e2:d7:bc:79:6f:70:ac:a6:10:9f:7e:bd:
03:4a:b5:e9:a2:e5:fe:3f:41:c3:58:79:b3:21:d5:3b:39:1b:
78:57:32:f7:1d:3a:bd:4c:fa:87:93:ca:94:b0:12:80:f2:1a:
49:08:70:78:f0:51:aa:7c:60:d8:5f:28:9e:2f:e5:e1:18:4b:
91:a2:e3:83:3f:1c:04:7c:5e:64:05:44:ec:30:3d:88:a9:b5:
ba:e4:16:b4:f2:f1:77:f5:8e:81:77:09:fd:1c:ed:31:c5:19:
0e:20:64:5f:30:a5:85:d4:a7:b2:0f:e9:68:84:9b:f1:6d:95:
7d:70:22:69:78:60:e1:22:e6:64:bc:e5:9c:99:a3:40:09:2b:
28:0d:84:ee:4a:27:db:3b:71:9f:50:e6:c9:c6:95:7d:dc:a7:
0e:8c:60:2b:da:3a:f9:fb:70:f9:fe:be:c8:ea:a1:c4:77:e2:
ef:06:f4:4e:c0:d2:e7:35:9f:17:12:14:ff:01:43:8f:99:86:
a3:36:59:94:59:45:e8:30:d7:f5:e4:6b:9b:72:97:1b:62:58:
0e:f7:b7:33:71:6d:8f:d5:97:53:ce:fd:02:db:69:c0:cb:38:
4e:ea:9e:9e
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUSkUVd0Ivh6V4bZgxDeDhR5R8jTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA4MTUwMTU1MjRaFw0yNDA4MTMwMjAwMjRaMDMxMTAvBgNV
BAMTKERDMTgwQTJBMzgxODc5NkYxNjkzOUVGODczRERCQjZFMjgyRTUxMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWwz0jKxHMJDHi62PnDt55EGO5
Uq7zEy7c+TMR7NQ1ZYxrwTcpis+jqgbiilIjj8mmYaoWw1m8l4qxTCSo4yuTmaGV
1GeY2NcJhLAd9EupjHcinCCphaZcecc7JALQVK1Pn0/A8XWlhKogsQCfu/24KwpL
FXpuH7WOtkBbdrjbZo7dOYTSJ5+q767zgZVOrbuQuWr4H+1VW5bSRsleAslk3kJl
Rv1BsccHvJjQe7e/ZQjprc1tPrUZkcyckMHCcx+NeX52F1SFJjOcw/49iHHIv1mX
axBnFXXoJf8Jv4YVoExraZ6pOWAPH4JLTYZNiOYiH/KqfPinG1GxDNBpdxvBAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQU3BgKKjgYeW8Wk574c927biguUQUwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMzAwMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoPlACAHjANBgkqhkiG9w0BAQsFAAOC
AQEAwWKhNRfW1bX0u7Z9uNTqfP/xWEfpLWj24te8eW9wrKYQn369A0q16aLl/j9B
w1h5syHVOzkbeFcy9x06vUz6h5PKlLASgPIaSQhwePBRqnxg2F8oni/l4RhLkaLj
gz8cBHxeZAVE7DA9iKm1uuQWtPLxd/WOgXcJ/RztMcUZDiBkXzClhdSnsg/paISb
8W2VfXAiaXhg4SLmZLzlnJmjQAkrKA2E7kon2ztxn1DmycaVfdynDoxgK9o6+ftw
+f6+yOqhxHfi7wb0TsDS5zWfFxIU/wFDj5mGozZZlFlF6DDX9eRrm3KXG2JYDve3
M3Ftj9WXU879AttpwMs4Tuqeng==
-----END CERTIFICATE-----
Generated at Sat May 4 11:07:18 2024 by rpki-client on console-fra.rpki-client.org