Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214199.roa
File: AS214199.roa (raw, json)
Hash identifier: SJ6QvDBFBCkEYNFFR9x4PjDleV0VkxlD/Q5eSokZEX8=
Subject key identifier: AB:1E:B4:8A:ED:41:6E:5C:49:7D:ED:F2:D0:88:8F:53:45:EF:D9:48
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 2D04E49C1CA31A4E966A29B32E54FF31FABAA4A2
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214199.roa
Signing time: Sun 15 Sep 2024 00:22:58 +0000
ROA not before: Sun 15 Sep 2024 00:17:58 +0000
ROA not after: Sun 14 Sep 2025 00:22:58 +0000
asID: 214199
IP address blocks: 2a0f:9400:7e16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:04:e4:9c:1c:a3:1a:4e:96:6a:29:b3:2e:54:ff:31:fa:ba:a4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Sep 15 00:17:58 2024 GMT
Not After : Sep 14 00:22:58 2025 GMT
Subject: CN=AB1EB48AED416E5C497DEDF2D0888F5345EFD948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:01:5b:55:8f:6a:ca:56:5d:62:b2:68:63:2f:
76:59:67:99:15:01:09:87:63:67:83:38:8d:26:dc:
ff:2b:8c:aa:0b:41:3f:11:3c:2a:b6:1c:df:0d:9b:
e7:26:33:5a:28:66:2d:06:f6:c9:ba:78:ab:ed:39:
95:24:6e:db:9b:48:bd:70:16:49:64:1d:db:0f:e6:
2c:91:9c:9c:09:a2:03:dd:56:10:15:80:95:07:8e:
29:44:4e:0e:97:2f:f6:0a:f0:c5:98:db:fa:eb:bd:
1b:6a:ba:f5:d7:f4:73:f0:56:fb:f9:c3:cc:6c:55:
61:06:5e:be:c3:9b:46:c1:e6:eb:cf:6d:b4:6a:41:
fc:9a:bf:ff:ec:ea:f6:d9:03:d2:27:df:03:b4:dd:
0e:a5:dd:cb:f2:5f:ef:e3:01:a7:49:b2:7a:be:1c:
fc:7f:20:18:33:b8:97:5a:03:d5:d6:b1:da:22:a6:
17:6b:05:78:7f:c5:06:07:10:d2:3e:cd:e3:b5:a1:
2c:94:31:2b:39:1c:8f:af:29:b7:02:d0:9c:57:1a:
05:51:54:5a:4f:7f:d7:25:56:cf:b3:8f:8d:c8:f8:
77:a5:d3:fd:3f:52:c2:11:5e:5d:4a:ae:f3:38:79:
2a:b0:c2:c2:ab:6b:0e:37:6f:37:f0:24:6c:ab:84:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1E:B4:8A:ED:41:6E:5C:49:7D:ED:F2:D0:88:8F:53:45:EF:D9:48
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7e16::/48
Signature Algorithm: sha256WithRSAEncryption
48:02:81:cc:63:76:fc:c1:68:ef:e7:e9:1b:e7:6d:99:14:1d:
9c:84:a4:4e:91:56:10:ad:3a:8a:82:dd:72:4b:96:1d:ff:19:
0f:8e:45:72:20:e0:11:aa:2b:f2:1e:c0:6a:ca:d1:95:31:c7:
80:b0:94:9d:10:83:04:fb:31:d8:51:69:b4:7d:c1:d5:ec:7d:
db:34:f0:f0:40:88:b1:33:fc:1c:16:fd:82:90:41:10:b3:79:
19:74:05:3d:13:f0:fa:15:ed:fe:77:53:7e:25:3b:4e:1b:0d:
74:c0:5e:c3:1f:01:7e:10:4d:39:20:50:ab:30:74:44:61:c7:
b4:e7:2e:8e:f9:cd:39:70:e7:60:ac:d1:07:f0:18:4f:44:15:
5d:fd:ed:1e:35:ea:25:bc:96:4f:13:44:0a:3b:fa:b4:75:1d:
97:22:c3:33:84:16:e4:bc:f5:a4:01:91:7f:b3:2e:0d:69:4a:
50:ac:ad:8d:f0:56:be:b1:a3:c8:e5:18:ba:bf:cc:de:51:b7:
8b:b9:b0:c4:d0:bc:de:72:c5:4f:bb:e5:39:27:0a:a3:af:f2:
21:d3:bc:81:71:a2:93:31:ba:32:96:c0:4d:a5:46:88:0c:3d:
fc:39:95:d7:84:4a:ae:fa:4c:84:0e:71:da:38:56:f5:10:5d:
48:22:81:7c
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIULQTknByjGk6WaimzLlT/Mfq6pKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA5MTUwMDE3NThaFw0yNTA5MTQwMDIyNThaMDMxMTAvBgNV
BAMTKEFCMUVCNDhBRUQ0MTZFNUM0OTdERURGMkQwODg4RjUzNDVFRkQ5NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkAVtVj2rKVl1ismhjL3ZZZ5kV
AQmHY2eDOI0m3P8rjKoLQT8RPCq2HN8Nm+cmM1ooZi0G9sm6eKvtOZUkbtubSL1w
FklkHdsP5iyRnJwJogPdVhAVgJUHjilETg6XL/YK8MWY2/rrvRtquvXX9HPwVvv5
w8xsVWEGXr7Dm0bB5uvPbbRqQfyav//s6vbZA9In3wO03Q6l3cvyX+/jAadJsnq+
HPx/IBgzuJdaA9XWsdoiphdrBXh/xQYHENI+zeO1oSyUMSs5HI+vKbcC0JxXGgVR
VFpPf9clVs+zj43I+Hel0/0/UsIRXl1KrvM4eSqwwsKraw43bzfwJGyrhHbJAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUqx60iu1BblxJfe3y0IiPU0Xv2UgwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNDE5OS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlAB+FjANBgkqhkiG9w0BAQsFAAOC
AQEASAKBzGN2/MFo7+fpG+dtmRQdnISkTpFWEK06ioLdckuWHf8ZD45FciDgEaor
8h7AasrRlTHHgLCUnRCDBPsx2FFptH3B1ex92zTw8ECIsTP8HBb9gpBBELN5GXQF
PRPw+hXt/ndTfiU7ThsNdMBewx8BfhBNOSBQqzB0RGHHtOcujvnNOXDnYKzRB/AY
T0QVXf3tHjXqJbyWTxNECjv6tHUdlyLDM4QW5Lz1pAGRf7MuDWlKUKytjfBWvrGj
yOUYur/M3lG3i7mwxNC83nLFT7vlOScKo6/yIdO8gXGikzG6MpbATaVGiAw9/DmV
14RKrvpMhA5x2jhW9RBdSCKBfA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org