Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: OEaj6zVaD2TS/QeYtPGx3aQBF+ekD+ajxK/6pratzP4=
Subject key identifier: EC:92:5F:A4:E1:3C:93:85:D3:47:11:C1:6B:8C:B9:DC:20:B3:2E:86
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 06755C44C86632E8EFE8D03813ACBA6CDEB7D3A2
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS40676.roa
Signing time: Thu 27 Mar 2025 05:40:56 +0000
ROA not before: Thu 27 Mar 2025 05:35:56 +0000
ROA not after: Thu 26 Mar 2026 05:40:56 +0000
asID: 40676
IP address blocks: 2a0f:9400:6950::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:75:5c:44:c8:66:32:e8:ef:e8:d0:38:13:ac:ba:6c:de:b7:d3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Mar 27 05:35:56 2025 GMT
Not After : Mar 26 05:40:56 2026 GMT
Subject: CN=EC925FA4E13C9385D34711C16B8CB9DC20B32E86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f1:c6:4a:3d:b3:6a:46:42:da:59:03:aa:ee:
a6:5c:b8:24:d5:fa:27:bf:47:0d:9d:ce:07:af:db:
ee:9e:7b:4f:6a:0c:11:e7:58:e1:ee:1a:69:00:14:
69:20:5f:ad:72:ea:f1:e5:80:96:e4:b6:78:5e:a9:
34:86:a9:4c:b3:e8:39:60:92:93:96:37:dd:0a:3c:
cb:2b:ac:6b:3c:7e:98:1a:be:89:6e:12:07:a0:bf:
4a:45:b2:d0:2d:b1:4b:3b:4f:c1:71:cb:de:a1:aa:
30:9f:88:74:66:a2:75:07:7b:7e:dd:37:d6:df:11:
2b:a9:57:b2:45:56:a0:a3:d0:09:21:67:fc:3d:92:
ee:92:e8:ce:50:34:1a:40:5f:44:ed:75:15:0a:56:
ab:d6:d8:d4:22:40:e7:1d:79:43:d2:e7:72:5e:53:
30:65:f1:18:18:12:65:75:8f:89:5a:4a:b9:ca:f5:
53:b9:cc:d9:de:f4:ea:4b:21:bb:da:4c:84:06:48:
a7:08:33:3c:16:52:c3:09:28:fd:c5:32:01:d3:92:
61:3a:00:a6:78:09:12:d6:eb:14:89:56:e4:8f:15:
a1:34:28:64:1d:a5:2e:d8:a5:ca:89:c3:9d:62:07:
a4:b7:91:4d:2e:39:51:0f:93:41:c3:a2:2a:11:85:
16:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:92:5F:A4:E1:3C:93:85:D3:47:11:C1:6B:8C:B9:DC:20:B3:2E:86
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6950::/44
Signature Algorithm: sha256WithRSAEncryption
54:60:f9:18:f5:ac:2d:a0:b2:83:29:cb:2e:05:5e:58:6c:b7:
55:7e:e9:03:18:5a:73:e0:54:37:59:ba:ab:ee:0c:6d:b1:4e:
e0:9b:ff:8a:24:3a:9d:d6:39:fe:6a:a0:22:b5:0e:a7:78:77:
5c:a3:3b:c8:65:46:2b:da:ce:4a:75:55:9e:2d:56:a7:ec:0c:
2c:4a:08:4e:e0:cf:bd:f4:b5:37:cf:db:8a:f8:8a:bb:24:3c:
89:80:33:3c:8d:11:c5:1e:af:f4:a8:2f:9d:8d:65:28:98:63:
3c:44:14:fc:f8:d8:02:51:6a:ea:05:06:8f:6c:da:69:08:91:
73:8c:e2:b7:0a:0c:50:12:a9:c4:43:f1:ee:db:b9:46:02:ee:
58:e9:b1:d1:89:79:5d:8f:b8:d9:d2:01:ce:2c:51:cc:c9:23:
73:c0:b8:24:73:8a:c0:0d:ce:54:03:8a:2e:03:e5:91:c6:4b:
75:2b:c4:1b:41:5a:9e:8d:d7:1f:0d:56:f6:52:23:fc:c4:70:
81:fb:66:81:2a:bc:9c:22:a8:04:5c:08:81:55:58:ee:fd:cd:
73:32:d7:94:c0:d4:de:21:4e:41:6a:11:ff:e3:a5:1a:b6:63:
32:32:e3:4c:b3:14:b0:59:91:be:a8:a4:51:d5:b1:e5:f5:39:
c9:45:36:2b
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIUBnVcRMhmMujv6NA4E6y6bN6306IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTAzMjcwNTM1NTZaFw0yNjAzMjYwNTQwNTZaMDMxMTAvBgNV
BAMTKEVDOTI1RkE0RTEzQzkzODVEMzQ3MTFDMTZCOENCOURDMjBCMzJFODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz8cZKPbNqRkLaWQOq7qZcuCTV
+ie/Rw2dzgev2+6ee09qDBHnWOHuGmkAFGkgX61y6vHlgJbktnheqTSGqUyz6Dlg
kpOWN90KPMsrrGs8fpgavoluEgegv0pFstAtsUs7T8Fxy96hqjCfiHRmonUHe37d
N9bfESupV7JFVqCj0AkhZ/w9ku6S6M5QNBpAX0TtdRUKVqvW2NQiQOcdeUPS53Je
UzBl8RgYEmV1j4laSrnK9VO5zNne9OpLIbvaTIQGSKcIMzwWUsMJKP3FMgHTkmE6
AKZ4CRLW6xSJVuSPFaE0KGQdpS7YpcqJw51iB6S3kU0uOVEPk0HDoioRhRaHAgMB
AAGjggHIMIIBxDAdBgNVHQ4EFgQU7JJfpOE8k4XTRxHBa4y53CCzLoYwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzQwNjc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsG
AQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+UAGlQMA0GCSqGSIb3DQEBCwUAA4IB
AQBUYPkY9awtoLKDKcsuBV5YbLdVfukDGFpz4FQ3Wbqr7gxtsU7gm/+KJDqd1jn+
aqAitQ6neHdcozvIZUYr2s5KdVWeLVan7AwsSghO4M+99LU3z9uK+Iq7JDyJgDM8
jRHFHq/0qC+djWUomGM8RBT8+NgCUWrqBQaPbNppCJFzjOK3CgxQEqnEQ/Hu27lG
Au5Y6bHRiXldj7jZ0gHOLFHMySNzwLgkc4rADc5UA4ouA+WRxkt1K8QbQVqejdcf
DVb2UiP8xHCB+2aBKrycIqgEXAiBVVju/c1zMteUwNTeIU5BahH/46UatmMyMuNM
sxSwWZG+qKRR1bHl9TnJRTYr
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:09:54 2025 by rpki-client