Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214209.roa
File: AS214209.roa (raw, json)
Hash identifier: 44WxQ1YzPSgB+QOfHXUcIfEmdK7DAy9FTewcmPc4Vyw=
Subject key identifier: 45:E5:31:4D:B1:F2:C0:7D:14:BC:8F:14:D0:86:5A:A0:7F:39:3E:7D
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 097430FE94362802319A1DC47C1E300CCAA2F7F0
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214209.roa
Signing time: Mon 11 Nov 2024 11:33:14 +0000
ROA not before: Mon 11 Nov 2024 11:28:14 +0000
ROA not after: Mon 10 Nov 2025 11:33:14 +0000
asID: 214209
IP address blocks: 2a0f:9400:7e11::/48 maxlen: 48
2a0f:9400:7e15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:74:30:fe:94:36:28:02:31:9a:1d:c4:7c:1e:30:0c:ca:a2:f7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Nov 11 11:28:14 2024 GMT
Not After : Nov 10 11:33:14 2025 GMT
Subject: CN=45E5314DB1F2C07D14BC8F14D0865AA07F393E7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:13:6b:ab:4b:b2:15:10:29:c9:4c:fd:36:
c8:04:92:68:61:6f:76:78:b9:0a:c0:a8:78:6a:1b:
79:07:f6:3b:8e:de:f3:2c:83:3d:89:4c:55:8a:a8:
f5:30:e0:8a:8c:eb:93:74:d1:56:db:1a:40:ed:2f:
d4:a6:44:82:8c:f8:6d:ac:2e:71:98:ba:df:fa:e5:
2d:a5:76:eb:5b:dd:c0:5d:89:23:1a:12:ec:97:45:
dd:1d:76:35:e1:06:37:71:42:95:45:bf:36:3c:7d:
01:b5:d6:ce:fe:45:de:82:13:95:09:e8:d2:10:7a:
74:92:5a:52:01:fd:66:bf:7a:f6:ea:ad:e8:f6:4a:
c4:f8:52:ba:ec:00:e7:ba:2d:c5:b1:5e:40:fb:ac:
79:19:30:7e:6f:f0:17:77:05:c6:a2:4f:4d:fd:23:
25:d9:2b:7f:39:ca:c3:0f:2e:83:c6:b9:51:65:34:
68:ea:ed:b2:33:37:b7:2a:85:e6:4f:4f:f2:b0:96:
33:3a:ed:c8:a8:d1:9a:27:49:b2:85:46:c3:46:5a:
12:4e:a3:ad:68:24:51:54:08:31:d2:8b:75:fe:24:
f0:71:f1:da:49:52:15:4f:1c:63:a1:16:9d:b0:8d:
ab:c6:8b:18:10:17:3c:3d:61:6c:7a:00:eb:28:ac:
4a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E5:31:4D:B1:F2:C0:7D:14:BC:8F:14:D0:86:5A:A0:7F:39:3E:7D
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214209.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:7e11::/48
2a0f:9400:7e15::/48
Signature Algorithm: sha256WithRSAEncryption
20:bf:4a:dc:5b:74:ef:5c:6d:49:f2:86:c6:cb:47:c0:ac:12:
2a:b7:ba:3a:ac:d6:b1:28:59:cb:46:b2:3d:e0:a9:bd:27:e6:
c5:65:94:ea:4a:a1:04:19:b9:f4:59:eb:fe:74:a5:f5:65:5d:
e7:ee:68:d6:27:10:47:3f:77:25:45:04:51:38:66:84:f7:01:
36:f8:05:39:39:0e:bb:f2:02:a7:e5:04:8d:94:22:d7:65:ed:
7f:11:f4:e1:6d:31:37:ec:86:b1:08:2d:ca:94:05:57:b7:ec:
71:95:ce:40:c2:dc:bd:53:2a:5d:93:6c:35:91:4f:a7:ac:82:
cb:44:1f:6b:7c:08:2e:89:09:ea:1a:be:ad:dc:8b:d3:24:71:
a8:57:e4:50:7d:79:73:27:2a:f1:60:0f:c7:b1:6a:ec:83:83:
38:7e:1a:58:a7:cc:b3:69:66:e2:7d:97:32:cd:f4:df:e9:cb:
f5:00:ad:1a:a3:e0:45:c8:81:ed:e7:2d:9a:ed:e6:22:7b:7f:
0f:91:62:db:6c:4b:4c:35:88:12:00:31:58:c1:16:5c:d4:49:
d9:67:f7:ff:0f:84:af:8a:64:75:8c:fb:12:52:ff:09:c6:94:
d2:e2:ce:e8:7d:b3:ca:76:63:ca:3a:a0:32:ac:07:64:b1:c4:
39:9b:5e:02
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUCXQw/pQ2KAIxmh3EfB4wDMqi9/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDExMTExMTI4MTRaFw0yNTExMTAxMTMzMTRaMDMxMTAvBgNV
BAMTKDQ1RTUzMTREQjFGMkMwN0QxNEJDOEYxNEQwODY1QUEwN0YzOTNFN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm6BNrq0uyFRApyUz9NsgEkmhh
b3Z4uQrAqHhqG3kH9juO3vMsgz2JTFWKqPUw4IqM65N00VbbGkDtL9SmRIKM+G2s
LnGYut/65S2ldutb3cBdiSMaEuyXRd0ddjXhBjdxQpVFvzY8fQG11s7+Rd6CE5UJ
6NIQenSSWlIB/Wa/evbqrej2SsT4UrrsAOe6LcWxXkD7rHkZMH5v8Bd3BcaiT039
IyXZK385ysMPLoPGuVFlNGjq7bIzN7cqheZPT/KwljM67cio0ZonSbKFRsNGWhJO
o61oJFFUCDHSi3X+JPBx8dpJUhVPHGOhFp2wjavGixgQFzw9YWx6AOsorEpnAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUReUxTbHywH0UvI8U0IZaoH85Pn0wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNDIwOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggr
BgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoPlAB+EQMHACoPlAB+FTANBgkqhkiG
9w0BAQsFAAOCAQEAIL9K3Ft071xtSfKGxstHwKwSKre6OqzWsShZy0ayPeCpvSfm
xWWU6kqhBBm59Fnr/nSl9WVd5+5o1icQRz93JUUEUThmhPcBNvgFOTkOu/ICp+UE
jZQi12XtfxH04W0xN+yGsQgtypQFV7fscZXOQMLcvVMqXZNsNZFPp6yCy0Qfa3wI
LokJ6hq+rdyL0yRxqFfkUH15cycq8WAPx7Fq7IODOH4aWKfMs2lm4n2XMs303+nL
9QCtGqPgRciB7ectmu3mInt/D5Fi22xLTDWIEgAxWMEWXNRJ2Wf3/w+Er4pkdYz7
ElL/CcaU0uLO6H2zynZjyjqgMqwHZLHEOZteAg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org