Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
File: AS215532.roa (raw, json)
Hash identifier: Ta9/PKi8BFxLPfW/7iRv6GzdBtKiq6URwFqyQRpJTFU=
Subject key identifier: C9:75:2D:ED:0D:2F:FB:6C:A0:82:CF:91:A7:66:61:8E:74:B0:15:33
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 2863D46B9FBA72517154EC24F0034B3B9C901424
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
Signing time: Tue 11 Feb 2025 20:12:40 +0000
ROA not before: Tue 11 Feb 2025 20:07:40 +0000
ROA not after: Tue 10 Feb 2026 20:12:40 +0000
asID: 215532
IP address blocks: 2a0f:9400:6160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:63:d4:6b:9f:ba:72:51:71:54:ec:24:f0:03:4b:3b:9c:90:14:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Feb 11 20:07:40 2025 GMT
Not After : Feb 10 20:12:40 2026 GMT
Subject: CN=C9752DED0D2FFB6CA082CF91A766618E74B01533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e6:b7:5c:31:36:41:92:fc:31:c6:f4:af:ce:
5e:d9:16:95:1c:73:9c:7f:d3:a3:0b:39:95:5c:c3:
18:83:a6:14:d6:e6:70:7b:f1:36:1d:ed:a0:b1:f5:
92:2d:47:67:f2:5f:37:76:e8:03:f1:e8:58:a2:69:
2c:da:76:98:ec:c9:ed:85:af:be:60:c7:03:52:4a:
39:86:2a:d3:51:66:db:1d:10:61:2b:15:e2:37:cd:
25:58:a7:4e:47:a1:17:e7:ec:69:c6:24:b7:b6:0b:
e5:87:dd:39:55:ea:47:ef:91:d4:93:4a:d5:47:80:
4d:6a:2b:8a:b9:c3:76:24:52:84:07:96:5b:b1:be:
51:e5:fe:2c:ad:c6:28:28:51:2b:fd:c3:bc:f9:bd:
d3:7e:4a:f8:67:06:79:1d:d2:33:0c:5f:bc:84:65:
67:38:88:09:74:f3:f0:0a:b1:29:94:20:8c:41:2a:
8f:47:56:86:87:40:a1:76:84:17:13:cd:b3:d6:3f:
95:65:cb:5d:dd:80:ea:66:8c:83:a9:87:ab:1f:de:
b3:d4:d3:79:71:66:66:44:80:35:5c:c2:26:e4:5c:
13:4a:3c:2a:15:40:a5:d2:f7:80:a1:b8:4e:a9:3e:
73:f4:63:e8:1f:80:85:58:20:03:b9:8b:7e:f3:2e:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:75:2D:ED:0D:2F:FB:6C:A0:82:CF:91:A7:66:61:8E:74:B0:15:33
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6160::/48
Signature Algorithm: sha256WithRSAEncryption
7b:09:89:14:4e:db:e8:7e:96:78:f7:6e:66:fa:a3:05:cd:02:
cf:e3:36:3c:f5:3f:20:70:78:d2:dd:a5:7a:55:fb:74:05:b1:
22:8f:68:b3:30:1e:1a:d1:05:21:a4:38:a0:d9:69:07:72:17:
70:88:4f:26:e7:da:02:1e:0f:fa:58:16:f7:ee:dc:98:18:e1:
50:85:2c:83:60:d1:bf:93:ba:c8:0c:53:1c:28:a0:d3:42:81:
2a:18:c3:c7:e5:83:28:78:ab:40:0c:b4:1b:f4:47:63:ad:3b:
9f:82:12:8a:eb:43:98:88:b8:e2:f9:e6:04:d9:f1:05:8b:24:
5f:3f:c5:d4:8c:78:32:6c:27:7b:b0:d1:42:34:da:4e:1e:88:
80:1b:8b:dc:81:46:5f:f3:6d:4b:77:c1:9f:7f:78:a9:97:da:
6e:c8:cd:17:6a:57:7a:ca:be:c2:cf:55:59:5f:46:40:56:49:
50:36:02:6d:3c:21:f4:ae:df:7e:ee:68:e5:f6:d1:26:f1:0e:
78:31:09:ae:5b:cc:0e:38:da:8f:c3:ea:e0:13:21:a8:e1:3c:
0c:6b:22:28:66:97:31:3a:7f:93:8f:3c:af:54:ac:f0:03:18:
b9:22:1d:ed:2a:bb:a5:f6:9c:eb:2e:08:22:d3:9b:a8:f7:cf:
15:c0:a1:93
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUKGPUa5+6clFxVOwk8ANLO5yQFCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAyMTEyMDA3NDBaFw0yNjAyMTAyMDEyNDBaMDMxMTAvBgNV
BAMTKEM5NzUyREVEMEQyRkZCNkNBMDgyQ0Y5MUE3NjY2MThFNzRCMDE1MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU5rdcMTZBkvwxxvSvzl7ZFpUc
c5x/06MLOZVcwxiDphTW5nB78TYd7aCx9ZItR2fyXzd26APx6FiiaSzadpjsye2F
r75gxwNSSjmGKtNRZtsdEGErFeI3zSVYp05HoRfn7GnGJLe2C+WH3TlV6kfvkdST
StVHgE1qK4q5w3YkUoQHlluxvlHl/iytxigoUSv9w7z5vdN+SvhnBnkd0jMMX7yE
ZWc4iAl08/AKsSmUIIxBKo9HVoaHQKF2hBcTzbPWP5Vly13dgOpmjIOph6sf3rPU
03lxZmZEgDVcwibkXBNKPCoVQKXS94ChuE6pPnP0Y+gfgIVYIAO5i37zLuBvAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUyXUt7Q0v+2yggs+Rp2ZhjnSwFTMwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNTUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABhYDANBgkqhkiG9w0BAQsFAAOC
AQEAewmJFE7b6H6WePduZvqjBc0Cz+M2PPU/IHB40t2lelX7dAWxIo9oszAeGtEF
IaQ4oNlpB3IXcIhPJufaAh4P+lgW9+7cmBjhUIUsg2DRv5O6yAxTHCig00KBKhjD
x+WDKHirQAy0G/RHY607n4ISiutDmIi44vnmBNnxBYskXz/F1Ix4Mmwne7DRQjTa
Th6IgBuL3IFGX/NtS3fBn394qZfabsjNF2pXesq+ws9VWV9GQFZJUDYCbTwh9K7f
fu5o5fbRJvEOeDEJrlvMDjjaj8Pq4BMhqOE8DGsiKGaXMTp/k488r1Ss8AMYuSId
7Sq7pfac6y4IItObqPfPFcChkw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:09 2025 by rpki-client