Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS44908.roa
File: AS44908.roa (raw, json)
Hash identifier: ngLC/VxRzmLWJ+Mc8sXc/9KBy8oR2DIq0e1rq2K2J/U=
Subject key identifier: 8E:47:47:C9:0E:96:48:30:F8:B0:76:67:12:AD:B9:96:7B:6A:19:89
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 7F6483A711AE1DDD422817B58B255BB343F74B28
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS44908.roa
Signing time: Tue 01 Oct 2024 14:15:02 +0000
ROA not before: Tue 01 Oct 2024 14:10:02 +0000
ROA not after: Tue 30 Sep 2025 14:15:02 +0000
asID: 44908
IP address blocks: 2a0f:9400:6908::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:64:83:a7:11:ae:1d:dd:42:28:17:b5:8b:25:5b:b3:43:f7:4b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Oct 1 14:10:02 2024 GMT
Not After : Sep 30 14:15:02 2025 GMT
Subject: CN=8E4747C90E964830F8B0766712ADB9967B6A1989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:a1:2b:43:d4:dc:95:a9:57:ac:b7:23:a5:
71:bc:76:a9:6c:dc:31:a6:3f:94:8a:d6:61:14:26:
53:44:1c:98:fd:ed:8f:1c:1b:a2:7f:da:17:60:f1:
17:a7:42:3a:5e:67:35:f8:48:83:5f:58:ac:db:7b:
30:43:76:03:b2:67:e1:0a:4c:f0:55:02:df:3f:34:
8f:8a:d9:05:0a:e2:0c:dd:f9:69:c8:b4:02:ce:f2:
1f:3e:88:54:72:99:af:5f:8f:5d:de:3f:59:56:08:
ea:93:6e:b3:64:1f:54:f8:97:db:ca:f8:82:b3:0b:
f7:7b:cd:a4:eb:94:07:62:7e:21:d6:87:50:9a:c4:
35:40:7a:3b:15:51:54:50:83:db:d9:8d:af:ad:c6:
3d:5a:f9:6e:50:05:4c:bb:e6:d7:0e:b8:b7:8d:8a:
3e:4f:84:48:bf:a4:cc:32:e5:b1:48:98:be:9b:a7:
23:d4:4d:c4:da:7c:60:8e:8c:9f:21:b7:30:67:4c:
6f:b3:2f:d9:00:d1:bf:ff:48:73:f6:5a:ad:6a:79:
69:24:dc:5c:65:40:da:35:32:dc:3a:dd:7b:bb:3d:
d4:93:12:b2:17:99:0c:72:70:aa:0c:c5:67:7b:f7:
37:5f:71:9b:c4:2b:66:9f:52:05:fe:0c:3d:3a:f2:
51:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:47:C9:0E:96:48:30:F8:B0:76:67:12:AD:B9:96:7B:6A:19:89
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS44908.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6908::/48
Signature Algorithm: sha256WithRSAEncryption
12:53:73:e1:b9:44:84:93:2a:9e:9b:ad:05:3e:cd:01:d0:14:
05:50:0d:2f:ba:57:28:03:01:a0:4d:cf:5d:3f:5f:36:98:81:
09:67:1c:d2:bc:f8:ec:10:8f:3f:9b:fd:86:95:fc:e2:79:c8:
1e:2f:58:20:a2:4e:21:a3:d2:6c:27:81:8d:1f:bc:04:e8:5f:
54:29:a5:bf:fb:a4:af:17:93:05:ce:cb:f0:26:2d:7f:0f:bd:
5b:c0:e5:16:cc:13:35:8b:12:4a:05:a6:85:31:0b:c6:7d:0b:
d1:ac:77:3c:69:ec:8d:0b:f7:42:a3:a4:1c:7e:23:4d:a5:86:
e8:d4:43:ff:5d:bd:c0:00:7d:32:b0:de:6f:d2:2c:58:bc:82:
5a:2e:ab:2d:60:b4:85:8c:08:f1:d3:f5:36:80:05:38:53:43:
5f:02:37:a9:c9:9e:d1:7c:7d:e0:c3:8c:77:2a:14:a6:df:66:
66:76:33:7f:6d:00:85:fc:32:27:60:53:07:37:56:c8:61:51:
ea:40:2c:f6:e4:b2:be:4c:96:b3:e7:04:79:9e:bf:ec:61:71:
71:0c:dd:20:06:3f:2d:a6:2d:b6:9d:49:8f:f8:0b:91:1f:d1:
e2:23:f2:1e:33:d8:aa:8d:31:ad:b1:9a:97:77:b1:aa:56:ba:
a5:9d:a2:e7
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIUf2SDpxGuHd1CKBe1iyVbs0P3SygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDEwMDExNDEwMDJaFw0yNTA5MzAxNDE1MDJaMDMxMTAvBgNV
BAMTKDhFNDc0N0M5MEU5NjQ4MzBGOEIwNzY2NzEyQURCOTk2N0I2QTE5ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDo6ErQ9TclalXrLcjpXG8dqls
3DGmP5SK1mEUJlNEHJj97Y8cG6J/2hdg8RenQjpeZzX4SINfWKzbezBDdgOyZ+EK
TPBVAt8/NI+K2QUK4gzd+WnItALO8h8+iFRyma9fj13eP1lWCOqTbrNkH1T4l9vK
+IKzC/d7zaTrlAdifiHWh1CaxDVAejsVUVRQg9vZja+txj1a+W5QBUy75tcOuLeN
ij5PhEi/pMwy5bFImL6bpyPUTcTafGCOjJ8htzBnTG+zL9kA0b//SHP2Wq1qeWkk
3FxlQNo1Mtw63Xu7PdSTErIXmQxycKoMxWd79zdfcZvEK2afUgX+DD068lE7AgMB
AAGjggHIMIIBxDAdBgNVHQ4EFgQUjkdHyQ6WSDD4sHZnEq25lntqGYkwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzQ0OTA4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsG
AQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+UAGkIMA0GCSqGSIb3DQEBCwUAA4IB
AQASU3PhuUSEkyqem60FPs0B0BQFUA0vulcoAwGgTc9dP182mIEJZxzSvPjsEI8/
m/2GlfziecgeL1ggok4ho9JsJ4GNH7wE6F9UKaW/+6SvF5MFzsvwJi1/D71bwOUW
zBM1ixJKBaaFMQvGfQvRrHc8aeyNC/dCo6QcfiNNpYbo1EP/Xb3AAH0ysN5v0ixY
vIJaLqstYLSFjAjx0/U2gAU4U0NfAjepyZ7RfH3gw4x3KhSm32ZmdjN/bQCF/DIn
YFMHN1bIYVHqQCz25LK+TJaz5wR5nr/sYXFxDN0gBj8tpi22nUmP+AuRH9HiI/Ie
M9iqjTGtsZqXd7GqVrqlnaLn
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org