Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: DpxY10LVaRlV9/OcuzlsyZ9m5x+tznvRYBuGVVrz/Do=
Subject key identifier: 5E:ED:1B:E3:8F:50:18:74:9E:00:7C:19:55:90:8A:CD:E9:E7:93:BF
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 3FF0E1B9239B19B467E638338639CA2EAE3EFAD4
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53356.roa
Signing time: Tue 22 Oct 2024 00:27:46 +0000
ROA not before: Tue 22 Oct 2024 00:22:46 +0000
ROA not after: Tue 21 Oct 2025 00:27:46 +0000
asID: 53356
IP address blocks: 45.148.76.0/22 maxlen: 22
2a0f:9400:5::/48 maxlen: 48
2a0f:9400:200::/48 maxlen: 48
2a0f:9400:fa0::/44 maxlen: 45
2a0f:9400:fb0::/44 maxlen: 44
2a0f:9400:6103::/48 maxlen: 48
2a0f:9400:6104::/48 maxlen: 48
2a0f:9400:6106::/48 maxlen: 48
2a0f:9400:6109::/48 maxlen: 48
2a0f:9400:6148::/48 maxlen: 48
2a0f:9400:614b::/48 maxlen: 48
2a0f:9400:6c00::/40 maxlen: 44
2a0f:9400:6e00::/40 maxlen: 40
2a0f:9400:7000::/40 maxlen: 48
2a0f:9400:738c::/48 maxlen: 48
2a0f:9400:7390::/44 maxlen: 48
2a0f:9400:7500::/48 maxlen: 48
2a0f:9400:770c::/48 maxlen: 48
2a0f:9400:7723::/48 maxlen: 48
2a0f:9400:7724::/48 maxlen: 48
2a0f:9400:7726::/48 maxlen: 48
2a0f:9400:7727::/48 maxlen: 48
2a0f:9400:7728::/48 maxlen: 48
2a0f:9400:772c::/48 maxlen: 48
2a0f:9400:772f::/48 maxlen: 48
2a0f:9400:8003::/48 maxlen: 48
2a0f:9400:8012::/48 maxlen: 48
2a0f:9400:8024::/48 maxlen: 48
2a0f:9400:8027::/48 maxlen: 48
2a0f:9400:802b::/48 maxlen: 48
2a0f:9400:b00b::/48 maxlen: 48
2a0f:9401::/32 maxlen: 32
2a0f:9405::/32 maxlen: 32
2a0f:9407::/32 maxlen: 32
2a0f:9407::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f0:e1:b9:23:9b:19:b4:67:e6:38:33:86:39:ca:2e:ae:3e:fa:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Oct 22 00:22:46 2024 GMT
Not After : Oct 21 00:27:46 2025 GMT
Subject: CN=5EED1BE38F5018749E007C1955908ACDE9E793BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f3:da:de:be:3a:58:b7:08:08:31:c9:fe:32:
b9:ff:45:9e:39:9b:cd:83:34:2a:3c:6b:0b:6e:ff:
33:ac:ff:df:7d:1c:a5:05:31:78:93:ff:b1:ec:5b:
04:ca:ef:0d:29:3f:48:70:4b:91:10:fe:e2:78:17:
72:2d:30:1f:f9:99:17:5b:28:48:c7:a3:2b:ad:59:
be:8c:4d:4a:85:40:3b:ea:9d:e6:5d:64:ad:e4:11:
55:e9:4a:90:f8:fa:2b:d7:6d:af:63:70:34:20:b9:
b8:04:b9:59:3c:b8:42:57:de:ec:c1:a7:2d:83:0d:
40:27:a5:e5:85:0c:f0:48:29:ea:9a:ad:93:1b:fa:
c2:86:36:7b:c4:58:ce:60:6e:64:0a:09:91:b0:1e:
37:c3:b0:00:05:18:bc:a8:c5:0d:b8:ee:d9:60:cc:
9a:13:33:91:4b:45:39:ac:dd:e4:b2:d3:e3:6c:83:
ed:04:0d:2e:04:14:56:54:bf:c1:30:69:a0:b8:73:
9f:60:ad:dd:9f:a2:8b:d1:ec:60:fc:e4:25:e7:ed:
27:77:c2:3d:35:e4:0e:6e:29:37:fc:6c:ee:e7:f2:
8a:1d:2b:89:65:a2:52:ef:63:a7:84:f6:7a:c4:fd:
bb:50:be:6b:17:3d:91:7a:fe:a1:60:1d:4c:2c:b1:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:ED:1B:E3:8F:50:18:74:9E:00:7C:19:55:90:8A:CD:E9:E7:93:BF
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.76.0/22
IPv6:
2a0f:9400:5::/48
2a0f:9400:200::/48
2a0f:9400:fa0::/43
2a0f:9400:6103::-2a0f:9400:6104:ffff:ffff:ffff:ffff:ffff
2a0f:9400:6106::/48
2a0f:9400:6109::/48
2a0f:9400:6148::/48
2a0f:9400:614b::/48
2a0f:9400:6c00::/40
2a0f:9400:6e00::/40
2a0f:9400:7000::/40
2a0f:9400:738c::/48
2a0f:9400:7390::/44
2a0f:9400:7500::/48
2a0f:9400:770c::/48
2a0f:9400:7723::-2a0f:9400:7724:ffff:ffff:ffff:ffff:ffff
2a0f:9400:7726::-2a0f:9400:7728:ffff:ffff:ffff:ffff:ffff
2a0f:9400:772c::/48
2a0f:9400:772f::/48
2a0f:9400:8003::/48
2a0f:9400:8012::/48
2a0f:9400:8024::/48
2a0f:9400:8027::/48
2a0f:9400:802b::/48
2a0f:9400:b00b::/48
2a0f:9401::/32
2a0f:9405::/32
2a0f:9407::/32
Signature Algorithm: sha256WithRSAEncryption
ac:28:df:15:e9:0b:2e:57:28:f9:04:7c:c9:6b:5f:82:35:ea:
80:0f:f8:5e:a7:3a:7b:8a:47:ae:14:55:28:ce:85:bc:85:7c:
96:26:00:1d:0c:81:09:e3:47:dd:17:56:dd:2a:9c:a8:a6:0f:
3e:82:f3:fd:68:bf:19:37:a9:87:d4:e3:f1:2e:5b:d3:f4:9b:
72:7a:7a:19:11:be:8e:15:f9:0f:f3:e6:25:e6:7a:be:cb:1f:
02:d3:ae:c9:5c:0d:b7:1a:57:77:34:ba:78:f7:e8:81:71:78:
d5:36:12:aa:e1:71:03:52:84:a3:de:ea:b2:48:eb:c6:23:18:
04:45:c6:29:77:29:2b:73:6d:87:1c:fd:8c:ad:ec:a1:86:6a:
0b:c8:0e:8f:7a:98:aa:b8:e2:be:55:55:5f:3e:82:8b:af:77:
79:72:d6:8c:23:2e:5a:5d:a1:e7:b9:4f:47:c0:e8:7f:ca:2a:
6d:6d:83:be:ca:bd:6c:40:66:47:5e:88:31:ca:a6:55:cc:82:
cd:ad:c2:f8:a4:82:25:28:5f:89:b9:3d:f7:fe:20:68:4a:ca:
d0:34:f6:e5:3f:15:5c:7f:51:c3:bd:a7:1c:3a:12:e6:94:de:
1b:1c:0a:5e:86:e1:71:fd:5f:ef:cc:24:cb:39:c0:9a:06:c1:
a8:90:7d:ec
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIUP/DhuSObGbRn5jgzhjnKLq4++tQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDEwMjIwMDIyNDZaFw0yNTEwMjEwMDI3NDZaMDMxMTAvBgNV
BAMTKDVFRUQxQkUzOEY1MDE4NzQ5RTAwN0MxOTU1OTA4QUNERTlFNzkzQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT89revjpYtwgIMcn+Mrn/RZ45
m82DNCo8awtu/zOs/999HKUFMXiT/7HsWwTK7w0pP0hwS5EQ/uJ4F3ItMB/5mRdb
KEjHoyutWb6MTUqFQDvqneZdZK3kEVXpSpD4+ivXba9jcDQgubgEuVk8uEJX3uzB
py2DDUAnpeWFDPBIKeqarZMb+sKGNnvEWM5gbmQKCZGwHjfDsAAFGLyoxQ247tlg
zJoTM5FLRTms3eSy0+Nsg+0EDS4EFFZUv8EwaaC4c59grd2foovR7GD85CXn7Sd3
wj015A5uKTf8bO7n8oodK4llolLvY6eE9nrE/btQvmsXPZF6/qFgHUwssQzjAgMB
AAGjggLrMIIC5zAdBgNVHQ4EFgQUXu0b449QGHSeAHwZVZCKzennk78wHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzUzMzU2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBQwYI
KwYBBQUHAQcBAf8EggEyMIIBLjAMBAIAATAGAwQCLZRMMIIBHAQCAAIwggEUAwcA
Kg+UAAAFAwcAKg+UAAIAAwcFKg+UAA+gMBIDBwAqD5QAYQMDBwAqD5QAYQQDBwAq
D5QAYQYDBwAqD5QAYQkDBwAqD5QAYUgDBwAqD5QAYUsDBgAqD5QAbAMGACoPlABu
AwYAKg+UAHADBwAqD5QAc4wDBwQqD5QAc5ADBwAqD5QAdQADBwAqD5QAdwwwEgMH
ACoPlAB3IwMHACoPlAB3JDASAwcBKg+UAHcmAwcAKg+UAHcoAwcAKg+UAHcsAwcA
Kg+UAHcvAwcAKg+UAIADAwcAKg+UAIASAwcAKg+UAIAkAwcAKg+UAIAnAwcAKg+U
AIArAwcAKg+UALALAwUAKg+UAQMFACoPlAUDBQAqD5QHMA0GCSqGSIb3DQEBCwUA
A4IBAQCsKN8V6QsuVyj5BHzJa1+CNeqAD/hepzp7ikeuFFUozoW8hXyWJgAdDIEJ
40fdF1bdKpyopg8+gvP9aL8ZN6mH1OPxLlvT9JtyenoZEb6OFfkP8+Yl5nq+yx8C
067JXA23Gld3NLp49+iBcXjVNhKq4XEDUoSj3uqySOvGIxgERcYpdykrc22HHP2M
reyhhmoLyA6PepiquOK+VVVfPoKLr3d5ctaMIy5aXaHnuU9HwOh/yiptbYO+yr1s
QGZHXogxyqZVzILNrcL4pIIlKF+JuT33/iBoSsrQNPblPxVcf1HDvaccOhLmlN4b
HApehuFx/V/vzCTLOcCaBsGokH3s
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org