Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
File: AS215780.roa (raw, json)
Hash identifier: mZHzfpq5G6BD0/hJFdBCL7aVrdGX3WRKEV572ATI4FQ=
Subject key identifier: 12:26:25:E7:02:96:C8:D6:B9:01:D3:CC:59:29:BB:32:50:4B:69:50
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 486D4544CE6CBB73A3D67B73E0861047532CABCC
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
Signing time: Sat 01 Mar 2025 16:18:39 +0000
ROA not before: Sat 01 Mar 2025 16:13:39 +0000
ROA not after: Sat 28 Feb 2026 16:18:39 +0000
asID: 215780
IP address blocks: 2a0f:9400:6777::/48 maxlen: 48
2a0f:9400:6780::/42 maxlen: 42
2a0f:9400:6788::/48 maxlen: 48
2a0f:9400:6799::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:6d:45:44:ce:6c:bb:73:a3:d6:7b:73:e0:86:10:47:53:2c:ab:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Mar 1 16:13:39 2025 GMT
Not After : Feb 28 16:18:39 2026 GMT
Subject: CN=122625E70296C8D6B901D3CC5929BB32504B6950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5d:3b:92:ef:7f:5d:a0:53:13:9a:59:84:bf:
d9:c4:0f:c2:12:ba:ec:57:a6:39:12:3d:38:3a:04:
47:28:f8:c9:b0:b3:d8:01:50:61:80:b8:6f:ae:c8:
79:40:bd:91:20:5f:77:d4:03:43:0b:82:44:c9:4d:
ab:2d:43:dd:da:34:8f:ed:df:89:0e:57:f2:ad:84:
03:25:bc:38:7f:ef:62:55:b6:21:b2:21:30:35:54:
46:02:f5:b4:e7:12:b5:51:f8:69:04:9b:a2:a0:d3:
65:c3:b9:77:cc:c2:fc:65:dc:f0:d1:dc:06:c4:08:
cc:99:44:3d:0e:fb:01:e3:c2:d4:ec:3a:cc:90:9d:
8c:11:76:f0:44:44:bc:7f:c0:25:5f:3c:f9:3e:54:
0f:31:06:01:df:ae:26:1d:32:46:b6:74:05:d0:56:
96:f5:6f:0c:a4:90:2a:86:b2:d2:48:49:de:57:6e:
05:e0:84:62:0f:12:7c:83:97:ac:bd:ed:c3:ba:33:
51:bd:73:ae:c7:84:2b:62:1b:8a:c0:f9:c4:80:a2:
fd:ec:a5:fc:67:89:7e:1a:ec:8d:cf:df:7c:b1:4e:
68:c9:58:7c:ad:83:67:11:16:58:0d:17:4c:e1:52:
af:7c:11:21:e1:05:67:d6:91:ce:d5:1b:c5:d9:1c:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:26:25:E7:02:96:C8:D6:B9:01:D3:CC:59:29:BB:32:50:4B:69:50
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6777::/48
2a0f:9400:6780::/42
Signature Algorithm: sha256WithRSAEncryption
d4:65:35:de:2e:d0:57:38:97:20:38:12:f1:3d:88:da:49:70:
43:2f:19:5f:03:91:e8:3f:6a:14:02:fa:89:64:ff:20:f0:0f:
03:2b:9c:98:92:b0:5f:e7:10:b1:d4:c9:40:c5:a5:01:ba:0c:
f9:1b:cf:22:39:e7:e0:9a:18:41:91:49:7d:e8:64:01:77:b0:
a7:9a:27:fa:2c:6c:b3:6f:38:5d:c0:1b:5b:e9:37:2b:dc:db:
87:ab:db:c8:81:0a:09:d9:50:9d:38:11:2b:02:5f:c0:b9:c4:
ce:44:df:05:f5:86:d8:07:6f:c9:96:ae:c6:7f:38:b8:c7:20:
0d:ce:6b:50:5f:1d:c6:ac:33:71:0e:98:48:51:7d:8d:84:40:
5f:e8:ef:4a:ea:f2:a6:db:c8:dc:34:6f:57:b2:00:61:b1:fc:
fa:9a:4d:94:42:f2:dd:10:4e:a0:17:15:b7:7e:3f:e9:69:78:
34:f7:48:c1:3f:7b:3f:6e:21:5b:92:77:6b:8c:c0:f7:a9:23:
e5:13:74:6c:0a:26:b4:6a:24:2a:5d:f2:75:e5:c0:8e:1f:6d:
30:0d:5b:ea:5f:39:9d:9a:ca:00:74:f7:aa:37:ac:1f:53:34:
ce:80:fe:cf:d4:48:b1:80:41:ff:d8:e1:73:80:df:52:95:f7:
12:f3:2a:59
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUSG1FRM5su3Oj1ntz4IYQR1Msq8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAzMDExNjEzMzlaFw0yNjAyMjgxNjE4MzlaMDMxMTAvBgNV
BAMTKDEyMjYyNUU3MDI5NkM4RDZCOTAxRDNDQzU5MjlCQjMyNTA0QjY5NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChXTuS739doFMTmlmEv9nED8IS
uuxXpjkSPTg6BEco+Mmws9gBUGGAuG+uyHlAvZEgX3fUA0MLgkTJTastQ93aNI/t
34kOV/KthAMlvDh/72JVtiGyITA1VEYC9bTnErVR+GkEm6Kg02XDuXfMwvxl3PDR
3AbECMyZRD0O+wHjwtTsOsyQnYwRdvBERLx/wCVfPPk+VA8xBgHfriYdMka2dAXQ
Vpb1bwykkCqGstJISd5XbgXghGIPEnyDl6y97cO6M1G9c67HhCtiG4rA+cSAov3s
pfxniX4a7I3P33yxTmjJWHytg2cRFlgNF0zhUq98ESHhBWfWkc7VG8XZHEClAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUEiYl5wKWyNa5AdPMWSm7MlBLaVAwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNTc4MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggr
BgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoPlABndwMHBioPlABngDANBgkqhkiG
9w0BAQsFAAOCAQEA1GU13i7QVziXIDgS8T2I2klwQy8ZXwOR6D9qFAL6iWT/IPAP
AyucmJKwX+cQsdTJQMWlAboM+RvPIjnn4JoYQZFJfehkAXewp5on+ixss284XcAb
W+k3K9zbh6vbyIEKCdlQnTgRKwJfwLnEzkTfBfWG2AdvyZauxn84uMcgDc5rUF8d
xqwzcQ6YSFF9jYRAX+jvSuryptvI3DRvV7IAYbH8+ppNlELy3RBOoBcVt34/6Wl4
NPdIwT97P24hW5J3a4zA96kj5RN0bAomtGokKl3ydeXAjh9tMA1b6l85nZrKAHT3
qjesH1M0zoD+z9RIsYBB/9jhc4DfUpX3EvMqWQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:11:12 2025 by rpki-client