Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
File: AS213001.roa (raw, json)
Hash identifier: SGE7X3J063CfiPya5ZUfxeuUtBnkBmJTS1WBOdYlibo=
Subject key identifier: 9F:D3:7D:90:23:59:1F:9F:66:67:14:BB:BB:FF:C4:F7:59:EF:0B:AE
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 7C1AB096CDEE908168F4C146027AFA4259F8D24A
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
Signing time: Tue 16 Jul 2024 02:42:23 +0000
ROA not before: Tue 16 Jul 2024 02:37:23 +0000
ROA not after: Tue 15 Jul 2025 02:42:23 +0000
asID: 213001
IP address blocks: 2a0f:9400:801e::/48 maxlen: 48
2a0f:9400:801f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:1a:b0:96:cd:ee:90:81:68:f4:c1:46:02:7a:fa:42:59:f8:d2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jul 16 02:37:23 2024 GMT
Not After : Jul 15 02:42:23 2025 GMT
Subject: CN=9FD37D9023591F9F666714BBBBFFC4F759EF0BAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:dd:97:26:3f:98:ef:f6:1f:ff:f2:14:7a:
6d:06:1e:f3:59:f9:83:84:ea:ef:d5:2c:87:33:21:
19:eb:0e:21:ee:a5:c6:cf:ee:da:41:73:2a:1e:83:
4b:81:81:d5:12:6b:58:ed:6b:44:fe:83:8e:18:7e:
62:a2:c8:ca:f7:d0:c1:3b:e0:9f:e5:7f:77:35:c8:
76:6e:93:4d:98:b7:ee:fd:68:d7:51:81:3a:e1:a1:
81:7b:99:a6:03:1a:cc:73:d0:7b:7c:d3:90:91:37:
d5:4a:12:c8:20:a8:57:02:e2:a4:fa:94:8f:17:63:
d4:e7:42:28:be:cc:38:07:86:a1:c6:4d:fe:8a:3f:
ad:96:c8:fc:24:e1:be:11:c4:0a:3e:db:06:90:83:
e2:4c:3b:c9:ea:e3:22:ab:96:cc:1b:76:cc:fe:9f:
c6:1c:29:04:98:f9:06:27:49:1a:6c:2a:5f:e0:3c:
37:60:ff:e5:ff:b7:98:4c:c4:46:76:53:95:0c:cc:
bb:22:56:d1:48:84:bf:ce:af:da:8c:6c:fa:f5:9d:
f0:9d:7f:63:fa:72:27:6a:75:c4:b7:04:52:80:a7:
ef:bb:6b:7e:82:7e:d4:dc:51:1d:06:a7:3a:32:b2:
8b:51:fa:74:5f:ea:d0:e7:f6:25:c6:79:71:c1:4a:
29:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D3:7D:90:23:59:1F:9F:66:67:14:BB:BB:FF:C4:F7:59:EF:0B:AE
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213001.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:801e::/47
Signature Algorithm: sha256WithRSAEncryption
9c:fa:c8:55:c9:5e:3d:eb:4c:92:9a:fd:ad:42:e4:a7:49:1f:
84:cf:02:ba:80:cf:9e:da:04:d2:fd:f4:97:d4:b8:0a:20:0f:
5e:85:d0:c5:48:76:00:4e:4a:c9:53:93:23:77:ce:9d:99:51:
f2:63:51:0c:c4:02:00:78:70:0d:44:1c:b8:7f:5c:4c:e9:74:
5f:da:84:a6:0d:3e:43:60:d3:4c:0e:b0:58:2d:67:47:aa:d6:
22:6c:6f:1a:91:50:b9:14:ce:81:17:05:4d:69:58:9a:58:06:
c7:af:52:7c:36:ff:fe:36:56:8b:64:fa:9c:77:62:60:c1:7c:
b3:03:87:bd:e8:5b:28:9e:53:00:bd:74:97:75:30:fe:20:00:
f1:b6:1a:c1:b3:91:81:cc:36:0e:3a:8a:eb:39:10:9a:b0:eb:
33:65:70:9a:8f:3d:ba:55:1d:32:0d:c7:c1:ba:44:1b:ac:f1:
dc:42:d9:66:20:f4:4e:e0:37:63:fb:6b:46:0f:f6:bb:3a:dd:
fb:f9:1f:fa:9a:44:db:09:cc:a8:24:d4:0d:ea:60:b3:04:c3:
54:59:6f:cb:9c:b2:8b:c2:2e:a9:9a:f7:62:62:d1:22:1e:85:
ad:33:e2:35:56:eb:0a:17:5f:0b:30:4b:5e:9a:3a:b5:50:aa:
36:db:5e:34
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUfBqwls3ukIFo9MFGAnr6Qln40kowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA3MTYwMjM3MjNaFw0yNTA3MTUwMjQyMjNaMDMxMTAvBgNV
BAMTKDlGRDM3RDkwMjM1OTFGOUY2NjY3MTRCQkJCRkZDNEY3NTlFRjBCQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfz92XJj+Y7/Yf//IUem0GHvNZ
+YOE6u/VLIczIRnrDiHupcbP7tpBcyoeg0uBgdUSa1jta0T+g44YfmKiyMr30ME7
4J/lf3c1yHZuk02Yt+79aNdRgTrhoYF7maYDGsxz0Ht805CRN9VKEsggqFcC4qT6
lI8XY9TnQii+zDgHhqHGTf6KP62WyPwk4b4RxAo+2waQg+JMO8nq4yKrlswbdsz+
n8YcKQSY+QYnSRpsKl/gPDdg/+X/t5hMxEZ2U5UMzLsiVtFIhL/Or9qMbPr1nfCd
f2P6cidqdcS3BFKAp++7a36CftTcUR0GpzoysotR+nRf6tDn9iXGeXHBSinDAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUn9N9kCNZH59mZxS7u//E91nvC64wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMzAwMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoPlACAHjANBgkqhkiG9w0BAQsFAAOC
AQEAnPrIVclePetMkpr9rULkp0kfhM8CuoDPntoE0v30l9S4CiAPXoXQxUh2AE5K
yVOTI3fOnZlR8mNRDMQCAHhwDUQcuH9cTOl0X9qEpg0+Q2DTTA6wWC1nR6rWImxv
GpFQuRTOgRcFTWlYmlgGx69SfDb//jZWi2T6nHdiYMF8swOHvehbKJ5TAL10l3Uw
/iAA8bYawbORgcw2DjqK6zkQmrDrM2Vwmo89ulUdMg3HwbpEG6zx3ELZZiD0TuA3
Y/trRg/2uzrd+/kf+ppE2wnMqCTUDepgswTDVFlvy5yyi8IuqZr3YmLRIh6FrTPi
NVbrChdfCzBLXpo6tVCqNtteNA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:42 2024 by rpki-client on console-ams.rpki-client.org