Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
File: AS215780.roa (raw, json)
Hash identifier: iKBpnjVBvEnFayoEFaM6r1VtDwgM0+o586mGa/6gPlY=
Subject key identifier: FF:37:39:4F:52:6E:94:2C:E9:B0:F8:E8:3C:56:54:52:58:52:1F:EA
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 3FDC0C8EFBBB773A38B3F3DCE99D3ACC41D71C90
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
Signing time: Sat 13 Jan 2024 19:23:42 +0000
ROA not before: Sat 13 Jan 2024 19:18:42 +0000
ROA not after: Sat 11 Jan 2025 19:23:42 +0000
asID: 215780
IP address blocks: 2a0f:9400:6777::/48 maxlen: 48
2a0f:9400:6780::/42 maxlen: 42
2a0f:9400:6788::/48 maxlen: 48
2a0f:9400:6799::/48 maxlen: 48
2a0f:9400:6901::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:dc:0c:8e:fb:bb:77:3a:38:b3:f3:dc:e9:9d:3a:cc:41:d7:1c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jan 13 19:18:42 2024 GMT
Not After : Jan 11 19:23:42 2025 GMT
Subject: CN=FF37394F526E942CE9B0F8E83C56545258521FEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:18:86:bc:b3:ce:0f:12:0a:7e:1c:d5:1f:
eb:86:65:80:f3:09:b2:19:32:c4:69:51:72:ac:6d:
f8:af:49:60:83:fd:88:b3:c1:0a:cc:0a:2c:d7:5c:
0f:bb:a6:f2:52:81:ea:27:98:60:60:48:3d:39:94:
19:cc:db:a0:b8:ea:b9:4c:41:e1:dc:5a:32:78:d7:
fe:c9:e2:f2:fa:6d:3b:c4:b6:cb:0a:7a:73:43:cf:
2f:40:2b:fb:c7:99:ce:3c:10:ba:83:52:1a:23:ff:
5d:af:02:0a:3d:16:1f:c6:85:82:dd:10:0d:df:18:
aa:f7:77:0c:d5:53:5b:c7:ef:91:7a:35:1f:a0:36:
da:c8:70:0d:5b:e1:4a:27:00:a8:40:cf:f8:5c:a9:
1b:70:14:ff:98:6a:fd:e2:21:06:05:f7:51:c8:45:
e6:2d:ce:cd:f1:a8:d2:3d:42:56:ac:58:a9:73:b4:
d7:5c:96:b8:ea:2b:d3:f7:45:f7:c0:e3:ec:84:0b:
9e:21:b1:42:8d:b9:40:39:b3:3d:8f:da:d0:35:db:
e9:12:2a:4e:89:d2:77:66:19:31:f5:22:5e:07:5c:
60:37:a5:d9:22:e6:40:86:e6:fe:3d:2b:31:42:3d:
7d:61:30:6c:c1:82:98:5c:fa:a6:ed:ee:45:01:7d:
32:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:37:39:4F:52:6E:94:2C:E9:B0:F8:E8:3C:56:54:52:58:52:1F:EA
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS215780.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6777::/48
2a0f:9400:6780::/42
2a0f:9400:6901::/48
Signature Algorithm: sha256WithRSAEncryption
55:18:52:e1:db:24:c5:cc:a8:68:71:5e:56:30:66:34:f1:6f:
cf:48:1e:57:af:9a:9c:67:60:5f:b1:59:64:57:36:57:e8:8a:
0f:17:c0:da:78:bd:6c:8f:c3:60:ac:3e:c3:86:c6:a1:4b:2f:
df:aa:77:66:c7:50:76:22:bd:04:6f:64:52:54:17:a0:25:ac:
a2:1d:2b:ad:6f:09:da:ca:08:9a:e0:d6:11:5d:ee:89:cc:7f:
42:d1:81:37:90:e8:02:20:61:f0:5c:b5:d1:31:45:c2:10:c5:
37:c6:57:a8:c5:81:a5:a2:ae:7d:1f:59:74:fd:bb:dd:17:f8:
bb:56:a7:21:85:98:42:3f:08:37:60:20:52:99:35:f2:3b:c7:
2e:c8:6d:bb:d4:52:b1:db:fc:5e:4b:12:d2:af:1a:bc:19:d1:
80:b4:13:2e:d8:56:5d:0e:1a:24:87:4b:a0:ba:6d:66:89:50:
75:f1:6d:c4:94:15:83:ef:6c:f5:d4:05:b6:5d:6a:41:db:8c:
0d:da:ab:22:16:a8:dc:b0:4c:eb:1a:a0:17:8c:9f:40:bb:51:
a2:2c:79:83:89:0f:9f:0d:fa:df:40:31:08:60:d5:80:51:a0:
0d:62:d3:f8:21:c9:e1:08:a7:56:24:28:17:8e:b5:15:c4:be:
d7:09:5c:b4
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUP9wMjvu7dzo4s/Pc6Z06zEHXHJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDAxMTMxOTE4NDJaFw0yNTAxMTExOTIzNDJaMDMxMTAvBgNV
BAMTKEZGMzczOTRGNTI2RTk0MkNFOUIwRjhFODNDNTY1NDUyNTg1MjFGRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnzxiGvLPODxIKfhzVH+uGZYDz
CbIZMsRpUXKsbfivSWCD/YizwQrMCizXXA+7pvJSgeonmGBgSD05lBnM26C46rlM
QeHcWjJ41/7J4vL6bTvEtssKenNDzy9AK/vHmc48ELqDUhoj/12vAgo9Fh/GhYLd
EA3fGKr3dwzVU1vH75F6NR+gNtrIcA1b4UonAKhAz/hcqRtwFP+Yav3iIQYF91HI
ReYtzs3xqNI9QlasWKlztNdclrjqK9P3RffA4+yEC54hsUKNuUA5sz2P2tA12+kS
Kk6J0ndmGTH1Il4HXGA3pdki5kCG5v49KzFCPX1hMGzBgphc+qbt7kUBfTJNAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU/zc5T1JulCzpsPjoPFZUUlhSH+owHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNTc4MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0Bggr
BgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoPlABndwMHBioPlABngAMHACoPlABp
ATANBgkqhkiG9w0BAQsFAAOCAQEAVRhS4dskxcyoaHFeVjBmNPFvz0geV6+anGdg
X7FZZFc2V+iKDxfA2ni9bI/DYKw+w4bGoUsv36p3ZsdQdiK9BG9kUlQXoCWsoh0r
rW8J2soImuDWEV3uicx/QtGBN5DoAiBh8Fy10TFFwhDFN8ZXqMWBpaKufR9ZdP27
3Rf4u1anIYWYQj8IN2AgUpk18jvHLshtu9RSsdv8XksS0q8avBnRgLQTLthWXQ4a
JIdLoLptZolQdfFtxJQVg+9s9dQFtl1qQduMDdqrIhao3LBM6xqgF4yfQLtRoix5
g4kPnw3630AxCGDVgFGgDWLT+CHJ4QinViQoF461FcS+1wlctA==
-----END CERTIFICATE-----
Generated at Sat May 4 11:05:09 2024 by rpki-client on console-ams.rpki-client.org