Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214344.roa
File: AS214344.roa (raw, json)
Hash identifier: rPtbR4hPU1qSxxiRN7k384TRRPdhjVKriUJV6aXFpQs=
Subject key identifier: 76:94:02:5E:DE:4B:06:54:59:02:17:46:A8:8A:95:19:CF:27:DF:D6
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 3D437469C2A6C0C7A0C976F57D67411AD69C3DC3
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214344.roa
Signing time: Wed 21 Aug 2024 17:52:11 +0000
ROA not before: Wed 21 Aug 2024 17:47:11 +0000
ROA not after: Wed 20 Aug 2025 17:52:11 +0000
asID: 214344
IP address blocks: 2a0f:9400:6119::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:43:74:69:c2:a6:c0:c7:a0:c9:76:f5:7d:67:41:1a:d6:9c:3d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Aug 21 17:47:11 2024 GMT
Not After : Aug 20 17:52:11 2025 GMT
Subject: CN=7694025EDE4B065459021746A88A9519CF27DFD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:98:ed:7b:b3:6b:69:c8:d8:5d:55:73:d9:d6:
25:13:a5:3e:4a:73:2d:92:04:81:65:02:5c:6b:49:
71:92:17:f7:33:01:ae:e4:b1:78:c2:2e:36:5a:36:
42:5f:62:fc:fd:d2:df:d8:6f:1e:00:7e:0a:b3:89:
8b:a8:02:28:50:89:29:6f:50:c8:fe:46:03:b0:04:
a6:9d:70:2b:72:57:da:76:95:5d:8a:24:5d:f1:b8:
2f:17:01:b1:71:e0:af:8e:4c:b1:4e:ea:34:1f:98:
c3:5e:ca:d0:18:48:19:e0:38:60:cd:b5:2d:03:c4:
6b:90:a6:45:6b:95:a9:a0:19:0c:72:86:57:37:fc:
4b:c6:dd:29:c2:fe:f9:3c:63:e3:2a:bc:a2:e9:8d:
fa:72:00:82:b1:a4:b2:c9:b1:46:d4:19:80:2a:95:
69:4a:be:f5:2c:c2:30:65:a0:28:f8:d6:54:ff:73:
a2:f6:89:d3:7c:13:18:6d:a9:12:02:8f:d5:dc:b7:
9d:14:a8:2d:c0:d8:2c:b4:87:14:16:bc:fd:67:2a:
8b:cb:16:5b:79:7a:61:aa:65:bc:bc:21:fb:0b:ae:
67:8f:f9:d6:d5:16:e3:ef:82:65:34:c8:2f:04:5e:
76:76:3e:15:ae:a6:12:ec:b2:d4:48:36:1f:ba:26:
fa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:94:02:5E:DE:4B:06:54:59:02:17:46:A8:8A:95:19:CF:27:DF:D6
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS214344.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6119::/48
Signature Algorithm: sha256WithRSAEncryption
01:e4:66:40:b5:ea:3d:c6:17:16:35:bf:b3:ec:c7:87:a5:43:
98:8e:cb:e2:e8:8a:3e:7c:b8:2a:38:80:4b:95:d5:76:94:50:
4f:ce:ef:6a:79:82:7a:57:e6:96:b5:66:53:46:0e:78:91:23:
99:1e:76:17:f9:f1:75:26:15:91:ed:30:e2:b4:0e:31:47:3f:
5e:9a:e7:20:17:fd:78:69:f5:79:7e:1f:a5:31:79:03:0a:00:
b5:9b:a7:7f:21:91:8b:fd:74:8e:f5:ea:2b:1d:24:be:38:65:
df:d2:a1:71:a7:25:8f:de:c7:75:ee:bb:24:ab:23:21:72:aa:
f0:ce:26:f8:88:d5:65:65:0c:20:e7:49:8c:0c:d8:6b:e0:e6:
9e:e5:1d:f7:a6:90:58:d0:c9:f0:47:dd:6e:23:1a:2a:16:d1:
5c:cb:34:0b:e7:24:4e:1a:2c:49:9b:53:90:a7:13:12:b7:a8:
26:49:88:17:f4:02:bb:da:68:e4:cb:b6:b1:43:3d:cb:dd:88:
a4:56:a3:04:b0:07:f4:96:39:a2:09:fd:76:ac:89:85:44:64:
ae:fe:34:6e:cc:7e:5a:63:a2:5c:d9:da:74:9c:9c:8d:be:6e:
78:98:37:0f:67:c9:da:a9:59:9e:b6:94:00:b6:0b:1b:3e:4f:
ab:c3:95:2c
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUPUN0acKmwMegyXb1fWdBGtacPcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDA4MjExNzQ3MTFaFw0yNTA4MjAxNzUyMTFaMDMxMTAvBgNV
BAMTKDc2OTQwMjVFREU0QjA2NTQ1OTAyMTc0NkE4OEE5NTE5Q0YyN0RGRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgmO17s2tpyNhdVXPZ1iUTpT5K
cy2SBIFlAlxrSXGSF/czAa7ksXjCLjZaNkJfYvz90t/Ybx4AfgqziYuoAihQiSlv
UMj+RgOwBKadcCtyV9p2lV2KJF3xuC8XAbFx4K+OTLFO6jQfmMNeytAYSBngOGDN
tS0DxGuQpkVrlamgGQxyhlc3/EvG3SnC/vk8Y+MqvKLpjfpyAIKxpLLJsUbUGYAq
lWlKvvUswjBloCj41lT/c6L2idN8ExhtqRICj9Xct50UqC3A2Cy0hxQWvP1nKovL
Flt5emGqZby8IfsLrmeP+dbVFuPvgmU0yC8EXnZ2PhWuphLsstRINh+6JvrnAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUdpQCXt5LBlRZAhdGqIqVGc8n39YwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNDM0NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABhGTANBgkqhkiG9w0BAQsFAAOC
AQEAAeRmQLXqPcYXFjW/s+zHh6VDmI7L4uiKPny4KjiAS5XVdpRQT87vanmCelfm
lrVmU0YOeJEjmR52F/nxdSYVke0w4rQOMUc/XprnIBf9eGn1eX4fpTF5AwoAtZun
fyGRi/10jvXqKx0kvjhl39Khcaclj97Hde67JKsjIXKq8M4m+IjVZWUMIOdJjAzY
a+DmnuUd96aQWNDJ8EfdbiMaKhbRXMs0C+ckThosSZtTkKcTEreoJkmIF/QCu9po
5Mu2sUM9y92IpFajBLAH9JY5ogn9dqyJhURkrv40bsx+WmOiXNnadJycjb5ueJg3
D2fJ2qlZnraUALYLGz5Pq8OVLA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:35:04 2024 by rpki-client on console-ams.rpki-client.org