Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS216324.roa
File: AS216324.roa (raw, json)
Hash identifier: 1mM06v0jelIOe2ZglCqcmvb8HzB/ATSOm1XeZTWS6ds=
Subject key identifier: 81:61:A0:0C:F8:E4:80:EE:33:77:5B:B4:19:DF:9D:D8:F8:5E:AA:10
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 7EC5D473A8976020AE323119BE450A84F5B1D481
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS216324.roa
Signing time: Wed 31 Jan 2024 14:30:50 +0000
ROA not before: Wed 31 Jan 2024 14:25:50 +0000
ROA not after: Wed 29 Jan 2025 14:30:50 +0000
asID: 216324
IP address blocks: 2a0f:9400:6112::/48 maxlen: 48
2a0f:9400:6115::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:c5:d4:73:a8:97:60:20:ae:32:31:19:be:45:0a:84:f5:b1:d4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jan 31 14:25:50 2024 GMT
Not After : Jan 29 14:30:50 2025 GMT
Subject: CN=8161A00CF8E480EE33775BB419DF9DD8F85EAA10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ba:36:1d:13:64:77:0e:5d:44:31:52:1c:69:
a5:1c:e3:83:9f:4b:c6:cd:07:a2:d5:3c:e6:95:36:
d2:0f:79:f9:0b:c2:f7:17:02:29:6b:a4:23:f4:3c:
00:25:f7:54:47:f2:19:39:f0:d8:4e:42:79:bd:4e:
4d:9e:a0:57:d1:d0:a4:65:81:19:ef:a0:b9:c7:dd:
d9:bc:a2:a0:df:a4:87:b1:25:31:6f:e2:fb:b0:23:
db:71:bf:58:3c:5e:6d:9c:22:82:89:03:6b:10:fe:
a6:d2:22:27:fb:05:01:bf:3f:f3:19:5e:0f:8e:5c:
66:70:ae:e8:6b:b8:63:4c:5e:1a:f1:fb:97:42:f3:
d8:84:7b:bb:8b:62:b1:73:71:17:ae:ac:6d:98:6b:
b3:45:85:81:c7:dd:16:e9:b9:eb:98:a8:7f:b1:9d:
a5:5b:94:1e:ff:a3:72:6f:0f:56:64:66:d3:35:7a:
15:1c:fb:e2:7d:9b:2b:c4:3a:cd:84:43:67:9e:e2:
6e:ac:cb:9f:a6:c0:09:91:89:c9:24:00:00:dd:00:
45:bb:46:8f:7f:7c:d2:74:56:dc:c8:44:1d:a9:b2:
0b:45:3b:69:a5:87:ff:85:88:55:9c:17:28:e0:16:
59:ff:b4:91:45:eb:74:09:5a:f8:ca:a0:ca:c3:13:
4c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:61:A0:0C:F8:E4:80:EE:33:77:5B:B4:19:DF:9D:D8:F8:5E:AA:10
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS216324.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6112::/48
2a0f:9400:6115::/48
Signature Algorithm: sha256WithRSAEncryption
d2:72:27:c7:ef:6d:81:b6:2e:a3:5f:ad:54:77:92:89:03:04:
69:48:db:d4:b7:e9:78:e8:91:3d:47:9b:48:6a:a3:a1:6d:c7:
36:aa:28:e9:82:78:5a:f6:90:a7:f3:5f:4e:eb:6c:f3:3d:43:
39:f0:2e:f6:c9:09:d5:e6:ec:67:1d:67:46:85:d5:ab:84:38:
d8:88:e3:a8:01:05:fe:05:bc:64:3a:c4:1d:09:f2:84:c0:21:
06:dd:1c:ca:ff:f6:58:d9:b5:8b:cc:eb:18:a7:f9:b6:2f:db:
26:4e:10:94:85:4f:3c:d2:4c:7c:c8:09:e8:9c:47:e2:17:a6:
d2:36:a1:04:e7:0c:db:7c:7b:8e:33:24:a4:ac:d2:2e:7a:0c:
35:86:6a:c0:e4:d4:54:d1:3a:4d:7f:25:12:85:09:52:ba:9f:
76:40:1f:e7:3e:60:79:3c:e2:3d:c2:ad:b3:f5:0a:3c:ff:a0:
b5:ca:cd:8f:d2:03:8b:d2:32:be:09:4d:80:eb:cb:5b:52:1d:
46:c2:e0:03:83:1d:f0:42:51:df:ac:bf:3e:5c:95:1c:47:68:
74:e4:05:06:0a:f4:48:fe:d9:9e:3f:ae:6b:3c:a4:7d:55:21:
62:cf:4d:f1:52:4a:7c:60:0a:bf:bd:a6:64:9e:33:25:46:f3:
6c:a2:30:e0
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUfsXUc6iXYCCuMjEZvkUKhPWx1IEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDAxMzExNDI1NTBaFw0yNTAxMjkxNDMwNTBaMDMxMTAvBgNV
BAMTKDgxNjFBMDBDRjhFNDgwRUUzMzc3NUJCNDE5REY5REQ4Rjg1RUFBMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3ujYdE2R3Dl1EMVIcaaUc44Of
S8bNB6LVPOaVNtIPefkLwvcXAilrpCP0PAAl91RH8hk58NhOQnm9Tk2eoFfR0KRl
gRnvoLnH3dm8oqDfpIexJTFv4vuwI9txv1g8Xm2cIoKJA2sQ/qbSIif7BQG/P/MZ
Xg+OXGZwruhruGNMXhrx+5dC89iEe7uLYrFzcReurG2Ya7NFhYHH3RbpueuYqH+x
naVblB7/o3JvD1ZkZtM1ehUc++J9myvEOs2EQ2ee4m6sy5+mwAmRickkAADdAEW7
Ro9/fNJ0VtzIRB2psgtFO2mlh/+FiFWcFyjgFln/tJFF63QJWvjKoMrDE0yjAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUgWGgDPjkgO4zd1u0Gd+d2PheqhAwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxNjMyNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggr
BgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoPlABhEgMHACoPlABhFTANBgkqhkiG
9w0BAQsFAAOCAQEA0nInx+9tgbYuo1+tVHeSiQMEaUjb1LfpeOiRPUebSGqjoW3H
Nqoo6YJ4WvaQp/NfTuts8z1DOfAu9skJ1ebsZx1nRoXVq4Q42IjjqAEF/gW8ZDrE
HQnyhMAhBt0cyv/2WNm1i8zrGKf5ti/bJk4QlIVPPNJMfMgJ6JxH4hem0jahBOcM
23x7jjMkpKzSLnoMNYZqwOTUVNE6TX8lEoUJUrqfdkAf5z5geTziPcKts/UKPP+g
tcrNj9IDi9IyvglNgOvLW1IdRsLgA4Md8EJR36y/PlyVHEdodOQFBgr0SP7Znj+u
azykfVUhYs9N8VJKfGAKv72mZJ4zJUbzbKIw4A==
-----END CERTIFICATE-----
Generated at Sat May 4 03:48:10 2024 by rpki-client on console-ams.rpki-client.org