Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
File: AS215532.roa (raw, json)
Hash identifier: L9ucRyXLLiyTWA96geQ07Dw1KlxKJqrod3lYl+MKrgo=
Subject key identifier: 46:2C:94:4E:18:FB:9E:BB:AE:CF:E5:A4:79:EB:61:14:1D:CF:79:7D
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 18EB264E5F79F9C32406C4B0063839ABCE5DD74E
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
Signing time: Tue 12 Mar 2024 19:28:32 +0000
ROA not before: Tue 12 Mar 2024 19:23:32 +0000
ROA not after: Tue 11 Mar 2025 19:28:32 +0000
asID: 215532
IP address blocks: 2a0f:9400:6160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:eb:26:4e:5f:79:f9:c3:24:06:c4:b0:06:38:39:ab:ce:5d:d7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Mar 12 19:23:32 2024 GMT
Not After : Mar 11 19:28:32 2025 GMT
Subject: CN=462C944E18FB9EBBAECFE5A479EB61141DCF797D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:51:35:4b:28:79:3f:a7:ae:8b:27:3e:48:de:
59:9d:62:2a:6f:ee:9f:31:ad:16:ed:df:57:be:77:
da:5b:90:99:bd:fe:2e:af:73:02:12:bb:cf:9f:1e:
7b:64:46:c4:32:5d:47:72:4b:70:ce:8a:93:cf:07:
c6:da:a8:23:e1:d4:f2:52:58:82:3d:b8:f5:f4:a1:
d4:60:d5:f9:6a:d1:a1:04:de:fe:1d:68:86:df:02:
68:8b:24:f4:fb:0a:b6:0f:c0:43:92:f7:d7:d5:8a:
b9:e0:8e:8b:b6:bc:cb:5e:35:d9:8f:29:d0:5d:31:
a2:76:66:2c:94:68:be:71:25:30:2a:2d:79:60:b5:
5c:2d:ee:12:fc:e6:8c:d8:27:b3:a0:57:f3:d6:d0:
13:2b:a1:50:83:c0:fc:6b:33:17:56:59:4d:2a:94:
8f:5c:dc:c0:07:12:5e:69:42:44:dc:e3:cd:10:3c:
12:99:12:3a:a0:87:0d:80:aa:e6:7a:76:eb:b5:3e:
6f:32:aa:4f:c3:67:0c:85:ac:71:f1:dd:0a:87:6f:
13:7a:26:f9:ca:b4:6d:6e:48:c3:11:79:89:a6:61:
95:3c:d8:5f:36:63:e2:1e:85:0c:42:75:9d:77:ce:
96:80:68:0c:43:6b:d6:6b:2e:c3:cb:86:ab:b9:36:
ef:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2C:94:4E:18:FB:9E:BB:AE:CF:E5:A4:79:EB:61:14:1D:CF:79:7D
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6160::/48
Signature Algorithm: sha256WithRSAEncryption
4c:b1:87:96:12:83:94:ff:90:96:52:8a:f9:66:c1:b6:22:38:
8a:33:02:36:d9:0d:50:15:33:c0:63:f4:e6:49:23:4f:7d:d5:
2e:cc:f1:e0:7b:71:81:93:a4:31:24:54:82:ad:75:dc:bc:77:
97:01:0b:14:47:dd:a7:db:26:3a:ce:39:39:21:c0:a8:1e:da:
48:c2:94:9e:d6:d4:a8:80:76:cb:85:5e:6a:8d:47:40:6a:b9:
c8:52:ea:b2:61:ed:db:74:6d:a9:09:d3:f7:68:55:39:ec:08:
41:bf:d0:e0:6b:a0:fa:df:77:5c:dc:7c:3d:f2:37:8b:0d:49:
1f:f7:ad:0f:5e:8a:19:ac:84:36:f1:39:78:45:7e:0d:33:6a:
ee:80:0f:2b:d9:a5:25:cf:96:64:2c:89:78:ba:fb:8f:8c:5c:
3c:b0:b2:ef:0c:ad:1d:52:eb:71:9e:3c:61:7a:74:76:22:1f:
34:e1:2f:39:6b:be:65:b0:b2:32:a8:2a:94:d0:4d:70:8c:1a:
e5:0e:47:48:36:49:4b:5b:03:6c:11:82:3c:6d:43:41:65:9b:
87:37:42:7b:54:f7:10:a4:de:1b:1c:8a:48:0e:95:1e:ef:3d:
9a:19:ac:8f:e4:bd:7b:c3:81:82:1e:fa:6f:44:d8:bb:cf:e9:
90:f0:34:e7
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUGOsmTl95+cMkBsSwBjg5q85d104wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDAzMTIxOTIzMzJaFw0yNTAzMTExOTI4MzJaMDMxMTAvBgNV
BAMTKDQ2MkM5NDRFMThGQjlFQkJBRUNGRTVBNDc5RUI2MTE0MURDRjc5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbUTVLKHk/p66LJz5I3lmdYipv
7p8xrRbt31e+d9pbkJm9/i6vcwISu8+fHntkRsQyXUdyS3DOipPPB8baqCPh1PJS
WII9uPX0odRg1flq0aEE3v4daIbfAmiLJPT7CrYPwEOS99fVirngjou2vMteNdmP
KdBdMaJ2ZiyUaL5xJTAqLXlgtVwt7hL85ozYJ7OgV/PW0BMroVCDwPxrMxdWWU0q
lI9c3MAHEl5pQkTc480QPBKZEjqghw2AquZ6duu1Pm8yqk/DZwyFrHHx3QqHbxN6
JvnKtG1uSMMReYmmYZU82F82Y+IehQxCdZ13zpaAaAxDa9ZrLsPLhqu5Nu/7AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQURiyUThj7nruuz+WkeethFB3PeX0wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNTUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABhYDANBgkqhkiG9w0BAQsFAAOC
AQEATLGHlhKDlP+QllKK+WbBtiI4ijMCNtkNUBUzwGP05kkjT33VLszx4HtxgZOk
MSRUgq113Lx3lwELFEfdp9smOs45OSHAqB7aSMKUntbUqIB2y4Veao1HQGq5yFLq
smHt23RtqQnT92hVOewIQb/Q4Gug+t93XNx8PfI3iw1JH/etD16KGayENvE5eEV+
DTNq7oAPK9mlJc+WZCyJeLr7j4xcPLCy7wytHVLrcZ48YXp0diIfNOEvOWu+ZbCy
MqgqlNBNcIwa5Q5HSDZJS1sDbBGCPG1DQWWbhzdCe1T3EKTeGxyKSA6VHu89mhms
j+S9e8OBgh76b0TYu8/pkPA05w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org