Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213092.roa
File: AS213092.roa (raw, json)
Hash identifier: V2q5FZYSRrYmDr7gY14raBYASCYLoet3BJ6y5a7UdYY=
Subject key identifier: BC:42:54:E2:96:CF:63:51:BC:D4:78:A5:D2:28:F3:46:6F:67:4E:88
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 3AF646900874CE4D433515561D7E8C51A702BF76
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213092.roa
Signing time: Thu 29 Aug 2024 19:20:27 +0000
ROA not before: Thu 29 Aug 2024 19:15:27 +0000
ROA not after: Thu 28 Aug 2025 19:20:27 +0000
asID: 213092
IP address blocks: 2a0f:9400:6145::/48 maxlen: 48
2a0f:9400:7370::/44 maxlen: 48
2a0f:9400:7370::/48 maxlen: 48
2a0f:9400:7379::/48 maxlen: 48
2a0f:9400:737a::/48 maxlen: 48
2a0f:9400:737c::/48 maxlen: 48
2a0f:9400:737d::/48 maxlen: 48
2a0f:9400:8023::/48 maxlen: 48
2a0f:9400:8026::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f6:46:90:08:74:ce:4d:43:35:15:56:1d:7e:8c:51:a7:02:bf:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 29 19:15:27 2024 GMT
Not After : Aug 28 19:20:27 2025 GMT
Subject: CN=BC4254E296CF6351BCD478A5D228F3466F674E88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:45:31:40:09:c7:8a:bf:f0:4e:c4:b0:0d:7d:
51:f3:d0:6a:d0:f8:59:6d:80:6a:fa:b0:64:9b:78:
9a:1d:f7:f4:e4:27:c8:d2:89:6b:d1:08:15:b5:43:
0d:ce:a8:5c:7e:e2:9b:34:fe:1f:60:30:96:13:75:
60:63:d6:df:19:91:13:63:15:59:20:69:8c:9e:90:
9f:63:01:45:31:8c:f2:f7:d9:6b:60:31:2b:19:6d:
00:97:3b:4f:68:c8:0c:10:4c:75:3d:86:3c:8d:b4:
75:f5:df:b7:a9:11:52:0c:e1:3e:e7:ec:08:76:24:
97:e4:ed:7c:bb:13:41:71:73:e5:24:8f:b1:2f:b5:
70:a3:ef:bf:b6:09:a2:80:84:cf:49:d1:2a:92:55:
18:5c:5d:6e:0a:6f:f7:aa:15:4e:5d:06:22:4c:ac:
84:65:85:70:67:a0:1a:e8:06:b6:25:86:10:9a:cb:
c1:49:ca:f0:57:74:0b:e6:79:e5:3c:3f:06:d4:b9:
78:92:ea:0e:5e:13:47:36:64:4c:3e:68:90:c0:39:
5e:86:79:00:a8:51:72:c1:6c:09:a4:61:4d:88:77:
29:25:0c:9b:85:f3:ba:48:6e:0b:c2:cb:41:3e:0b:
d2:66:8a:f4:45:52:c6:a0:39:cb:9f:90:ff:6c:c3:
2c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:42:54:E2:96:CF:63:51:BC:D4:78:A5:D2:28:F3:46:6F:67:4E:88
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS213092.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6145::/48
2a0f:9400:7370::/44
2a0f:9400:8023::/48
2a0f:9400:8026::/48
Signature Algorithm: sha256WithRSAEncryption
69:96:16:a9:0c:fd:01:63:f4:87:84:84:bb:e0:14:9c:b2:1b:
e2:fa:ff:03:00:b5:0d:50:50:d9:15:31:bf:a8:87:8e:15:7d:
f2:9c:8a:fe:04:96:db:19:97:fc:e6:7f:1b:63:11:59:6c:aa:
c4:97:6d:05:11:fb:d7:d8:37:87:dd:e8:fb:34:fb:ba:9b:6c:
98:ef:0e:aa:d5:f7:17:57:92:ea:a8:e1:b4:15:60:8e:b2:47:
87:91:d7:21:9a:e3:dd:1f:b4:11:d9:4a:e9:62:e8:e0:a2:56:
3a:36:99:35:45:17:cd:1f:4d:03:ca:2e:69:4b:26:fb:7b:89:
fc:e0:a4:63:63:1e:5e:36:81:25:b8:8c:39:18:19:a7:56:79:
c5:aa:36:0a:d0:04:20:25:35:a3:56:b0:3b:d8:de:cd:d8:33:
4e:13:df:ec:1e:9f:52:b9:1d:a9:01:e6:d2:64:34:ce:bf:6b:
02:37:18:74:d9:8e:a7:52:08:ed:7a:72:df:a4:70:36:7c:d9:
af:be:a5:48:61:8c:34:57:f4:be:d2:ef:b7:84:2c:46:47:ee:
8d:52:b2:ed:13:21:cb:fe:ab:77:b0:1b:da:15:a4:b9:54:7c:
8c:b2:7e:63:2f:92:d9:8e:fc:8e:5a:13:a1:7f:32:f5:fc:93:
66:48:92:f0
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgIUOvZGkAh0zk1DNRVWHX6MUacCv3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA4MjkxOTE1MjdaFw0yNTA4MjgxOTIwMjdaMDMxMTAvBgNV
BAMTKEJDNDI1NEUyOTZDRjYzNTFCQ0Q0NzhBNUQyMjhGMzQ2NkY2NzRFODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJRTFACceKv/BOxLANfVHz0GrQ
+FltgGr6sGSbeJod9/TkJ8jSiWvRCBW1Qw3OqFx+4ps0/h9gMJYTdWBj1t8ZkRNj
FVkgaYyekJ9jAUUxjPL32WtgMSsZbQCXO09oyAwQTHU9hjyNtHX137epEVIM4T7n
7Ah2JJfk7Xy7E0Fxc+Ukj7EvtXCj77+2CaKAhM9J0SqSVRhcXW4Kb/eqFU5dBiJM
rIRlhXBnoBroBrYlhhCay8FJyvBXdAvmeeU8PwbUuXiS6g5eE0c2ZEw+aJDAOV6G
eQCoUXLBbAmkYU2IdyklDJuF87pIbgvCy0E+C9JmivRFUsagOcufkP9swywzAgMB
AAGjggHkMIIB4DAdBgNVHQ4EFgQUvEJU4pbPY1G81Hil0ijzRm9nTogwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMzA5Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9Bggr
BgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHACoPlABhRQMHBCoPlABzcAMHACoPlACA
IwMHACoPlACAJjANBgkqhkiG9w0BAQsFAAOCAQEAaZYWqQz9AWP0h4SEu+AUnLIb
4vr/AwC1DVBQ2RUxv6iHjhV98pyK/gSW2xmX/OZ/G2MRWWyqxJdtBRH719g3h93o
+zT7uptsmO8OqtX3F1eS6qjhtBVgjrJHh5HXIZrj3R+0EdlK6WLo4KJWOjaZNUUX
zR9NA8ouaUsm+3uJ/OCkY2MeXjaBJbiMORgZp1Z5xao2CtAEICU1o1awO9jezdgz
ThPf7B6fUrkdqQHm0mQ0zr9rAjcYdNmOp1II7Xpy36RwNnzZr76lSGGMNFf0vtLv
t4QsRkfujVKy7RMhy/6rd7Ab2hWkuVR8jLJ+Yy+S2Y78jloToX8y9fyTZkiS8A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:35:04 2024 by rpki-client on console-ams.rpki-client.org