Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53667.roa
File: AS53667.roa (raw, json)
Hash identifier: 8Oo0ybgubsSgvFVDDAMbfaj9wMTvK4AXvRwKLl+C+ls=
Subject key identifier: AA:75:4D:9B:45:26:75:67:61:B8:53:04:0C:29:CC:16:22:18:28:26
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 476F161C94868F0FB8548C1744A19B90A308D5AB
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53667.roa
Signing time: Tue 13 Jun 2023 00:52:26 +0000
ROA not before: Tue 13 Jun 2023 00:47:26 +0000
ROA not after: Tue 11 Jun 2024 00:52:26 +0000
asID: 53667
IP address blocks: 2a0f:9400:6904::/48 maxlen: 48
2a0f:9400:693d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6f:16:1c:94:86:8f:0f:b8:54:8c:17:44:a1:9b:90:a3:08:d5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jun 13 00:47:26 2023 GMT
Not After : Jun 11 00:52:26 2024 GMT
Subject: CN=AA754D9B4526756761B853040C29CC1622182826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:43:db:5d:4e:40:fb:49:21:18:f0:05:85:
95:97:8b:3a:35:b7:f5:ba:97:c4:32:c3:31:13:53:
ab:78:68:22:11:19:89:75:ee:02:f8:1f:4f:31:05:
81:ac:51:6b:4d:07:7c:ed:cc:e3:19:e5:87:99:fa:
d1:2b:12:c1:9d:84:8a:3e:cf:5e:d2:86:d2:0d:ad:
7c:e3:b2:a4:d4:4f:df:c2:9f:af:57:d2:9d:e5:59:
30:f9:9a:43:79:59:1a:71:ff:24:08:c0:2b:22:99:
1b:ed:e2:ce:ce:e5:18:0f:d6:0f:83:ae:f1:20:17:
98:e8:1a:27:f0:4b:9d:1c:c0:f9:25:5a:bc:df:9c:
9b:74:7a:0c:f2:76:ca:67:12:e2:f4:03:e2:83:25:
96:6f:f0:83:36:91:17:be:db:34:a9:19:f9:f9:be:
1b:a3:67:af:35:41:43:51:e4:10:04:c4:77:2b:99:
62:bd:e4:09:11:fa:9a:e7:76:dc:fc:97:2f:72:b5:
36:55:c6:d1:c4:25:d2:ab:9b:02:89:4b:c5:9f:cd:
bc:03:7c:55:19:07:5c:c0:53:e7:5a:c4:4b:76:95:
71:fe:40:86:e0:ad:fa:38:2e:53:c5:81:8e:12:49:
32:91:3d:9d:bd:6b:f2:25:31:0f:a1:01:e4:95:f9:
cf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:75:4D:9B:45:26:75:67:61:B8:53:04:0C:29:CC:16:22:18:28:26
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS53667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6904::/48
2a0f:9400:693d::/48
Signature Algorithm: sha256WithRSAEncryption
0b:99:68:a9:23:f8:50:78:e7:07:d4:1b:f7:b8:85:60:1b:49:
42:b8:4c:d0:33:e4:08:0c:c7:b8:b4:9e:f3:17:10:39:b9:53:
80:37:f9:26:69:c9:d7:96:99:f2:57:78:7e:b3:a7:04:5e:ee:
5b:23:28:28:bb:e8:10:15:7b:05:e1:9e:da:8e:13:8b:cd:d2:
b9:7c:2f:55:c9:23:37:2a:ee:75:21:08:56:df:77:49:cc:c9:
9f:81:37:09:47:07:f2:5d:0f:bc:76:8b:78:60:81:bc:a0:89:
c7:aa:fb:b3:a9:80:30:86:db:32:38:22:fd:7b:bf:1b:74:ea:
e8:9e:e8:e1:90:c3:7b:0a:99:d4:01:f5:cf:05:49:01:e0:4f:
4a:b9:0c:a5:83:4f:4f:a2:e9:ea:28:e4:df:67:1b:9d:f6:d8:
2d:8c:ff:85:9c:34:93:fc:1f:41:31:97:cf:e0:ec:56:aa:60:
8a:d5:aa:ba:47:6f:28:51:a0:76:e1:bd:f3:db:d7:c6:57:7c:
3f:06:21:47:0c:5e:3a:cd:eb:fe:f1:61:7b:4f:c2:c7:84:47:
b4:2f:48:6d:a6:58:a1:4d:ba:42:24:2b:3f:38:2f:ee:ff:f3:
12:eb:d0:e7:35:b1:4e:21:1b:31:ca:6c:9f:77:60:be:6b:44:
fe:08:03:e2
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUR28WHJSGjw+4VIwXRKGbkKMI1aswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA2MTMwMDQ3MjZaFw0yNDA2MTEwMDUyMjZaMDMxMTAvBgNV
BAMTKEFBNzU0RDlCNDUyNjc1Njc2MUI4NTMwNDBDMjlDQzE2MjIxODI4MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv+kPbXU5A+0khGPAFhZWXizo1
t/W6l8QywzETU6t4aCIRGYl17gL4H08xBYGsUWtNB3ztzOMZ5YeZ+tErEsGdhIo+
z17ShtINrXzjsqTUT9/Cn69X0p3lWTD5mkN5WRpx/yQIwCsimRvt4s7O5RgP1g+D
rvEgF5joGifwS50cwPklWrzfnJt0egzydspnEuL0A+KDJZZv8IM2kRe+2zSpGfn5
vhujZ681QUNR5BAExHcrmWK95AkR+prndtz8ly9ytTZVxtHEJdKrmwKJS8WfzbwD
fFUZB1zAU+daxEt2lXH+QIbgrfo4LlPFgY4SSTKRPZ29a/IlMQ+hAeSV+c+/AgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUqnVNm0UmdWdhuFMEDCnMFiIYKCYwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzUzNjY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsG
AQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+UAGkEAwcAKg+UAGk9MA0GCSqGSIb3
DQEBCwUAA4IBAQALmWipI/hQeOcH1Bv3uIVgG0lCuEzQM+QIDMe4tJ7zFxA5uVOA
N/kmacnXlpnyV3h+s6cEXu5bIygou+gQFXsF4Z7ajhOLzdK5fC9VySM3Ku51IQhW
33dJzMmfgTcJRwfyXQ+8dot4YIG8oInHqvuzqYAwhtsyOCL9e78bdOronujhkMN7
CpnUAfXPBUkB4E9KuQylg09PounqKOTfZxud9tgtjP+FnDST/B9BMZfP4OxWqmCK
1aq6R28oUaB24b3z29fGV3w/BiFHDF46zev+8WF7T8LHhEe0L0htplihTbpCJCs/
OC/u//MS69DnNbFOIRsxymyfd2C+a0T+CAPi
-----END CERTIFICATE-----
Generated at Sat May 4 03:56:05 2024 by rpki-client on console-fra.rpki-client.org