Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8100.roa
File: AS8100.roa (raw, json)
Hash identifier: gnSppP35EGBnN6/4xxxxkX+9zkUpfesqIY8+iFqzYv8=
Subject key identifier: EA:45:6C:5E:48:FA:3E:A6:C4:6D:6D:FE:C0:8B:5B:F9:97:04:77:DB
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 1EB6C25D57D575C06A1A3548AB32CBFFDC00EC71
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8100.roa
Signing time: Sat 17 May 2025 12:20:37 +0000
ROA not before: Sat 17 May 2025 12:15:37 +0000
ROA not after: Sat 16 May 2026 12:20:37 +0000
asID: 8100
IP address blocks: 2a0f:9400:693f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b6:c2:5d:57:d5:75:c0:6a:1a:35:48:ab:32:cb:ff:dc:00:ec:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 17 12:15:37 2025 GMT
Not After : May 16 12:20:37 2026 GMT
Subject: CN=EA456C5E48FA3EA6C46D6DFEC08B5BF9970477DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:53:96:f6:ea:05:3c:70:c4:21:38:14:55:
db:f2:bc:45:48:73:fc:cf:96:eb:ff:d2:ce:d0:ac:
b8:80:f7:ea:08:67:03:8b:b0:91:94:21:8c:69:87:
fa:34:b7:24:54:79:d0:a9:0d:92:69:3e:02:85:f2:
32:23:d2:61:57:8b:6d:a0:b2:4c:96:88:48:ed:4f:
7d:9e:b4:22:65:42:b4:f9:81:10:37:07:fb:6a:c2:
ca:74:14:5b:a7:a2:aa:91:02:25:59:5b:a3:3b:db:
f4:2b:80:9d:78:88:52:1f:80:6b:8d:0b:2c:98:c5:
42:23:03:cb:81:9a:d4:69:91:d1:b9:bc:0b:bf:8d:
69:af:46:08:68:df:d3:26:3b:b3:40:06:b0:52:fa:
43:99:c7:e0:e2:f7:ef:45:bf:76:33:51:dd:e8:a6:
39:74:e0:df:91:d4:19:38:15:15:e0:3b:9b:a6:9e:
00:60:10:e7:bd:2f:dd:10:d3:0a:83:43:b2:64:fd:
06:1f:49:f2:16:a5:a9:f8:1e:e4:08:17:ce:e0:5a:
65:e7:9a:69:e8:91:6a:e1:55:e8:a5:b1:2b:17:bb:
1f:87:08:8e:a5:fb:4f:4d:27:eb:66:ca:10:62:46:
d4:a9:98:ec:56:0b:b6:7d:43:37:fd:8f:74:e6:33:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:45:6C:5E:48:FA:3E:A6:C4:6D:6D:FE:C0:8B:5B:F9:97:04:77:DB
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8100.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:693f::/48
Signature Algorithm: sha256WithRSAEncryption
02:0f:49:bc:39:4e:3b:dd:46:61:87:9d:17:f9:17:f0:66:eb:
2c:0f:55:d9:46:a0:28:e2:64:b4:b5:f7:1f:39:a6:72:97:c8:
d5:b1:b0:87:ce:90:ca:a9:b8:5f:e5:50:71:01:ad:9d:1b:32:
59:e5:ac:20:6b:42:71:44:54:08:4a:e1:ef:f9:15:95:fb:ce:
84:68:9f:c7:28:16:2e:17:47:43:54:ea:04:b1:10:8e:a4:52:
83:8a:63:ac:33:ba:70:29:71:ab:a8:83:91:c7:bf:0e:94:33:
85:11:85:76:36:68:7d:24:71:75:1d:20:69:20:62:96:e4:78:
03:1f:43:bc:9a:41:c8:75:ac:84:b9:b5:5e:76:29:40:ff:f2:
50:81:c7:d6:e1:66:17:10:41:e4:c3:cf:b2:11:d0:ed:4b:42:
03:50:f4:c3:fb:25:6f:fc:6c:2b:00:39:8e:98:97:41:8b:82:
9f:9f:f1:db:f7:4b:24:63:0f:95:92:a8:58:4b:2b:52:b9:f7:
6f:43:1c:7f:43:7c:28:8a:a4:c1:be:35:6a:4d:6a:2a:70:cb:
e4:84:f9:9c:4f:65:c2:06:56:14:df:34:1e:a0:bc:5b:71:ec:
88:d6:75:b9:33:f6:7c:86:29:5b:d3:a5:d3:dd:4e:af:d9:0f:
74:dd:78:32
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgIUHrbCXVfVdcBqGjVIqzLL/9wA7HEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA1MTcxMjE1MzdaFw0yNjA1MTYxMjIwMzdaMDMxMTAvBgNV
BAMTKEVBNDU2QzVFNDhGQTNFQTZDNDZENkRGRUMwOEI1QkY5OTcwNDc3REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnxFOW9uoFPHDEITgUVdvyvEVI
c/zPluv/0s7QrLiA9+oIZwOLsJGUIYxph/o0tyRUedCpDZJpPgKF8jIj0mFXi22g
skyWiEjtT32etCJlQrT5gRA3B/tqwsp0FFunoqqRAiVZW6M72/QrgJ14iFIfgGuN
CyyYxUIjA8uBmtRpkdG5vAu/jWmvRgho39MmO7NABrBS+kOZx+Di9+9Fv3YzUd3o
pjl04N+R1Bk4FRXgO5umngBgEOe9L90Q0wqDQ7Jk/QYfSfIWpan4HuQIF87gWmXn
mmnokWrhVeilsSsXux+HCI6l+09NJ+tmyhBiRtSpmOxWC7Z9Qzf9j3TmMyrjAgMB
AAGjggHHMIIBwzAdBgNVHQ4EFgQU6kVsXkj6PqbEbW3+wItb+ZcEd9swHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBaBggrBgEFBQcBCwROMEwwSgYIKwYBBQUHMAuG
PnJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzgxMDAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB
BQUHAQcBAf8EEzARMA8EAgACMAkDBwAqD5QAaT8wDQYJKoZIhvcNAQELBQADggEB
AAIPSbw5TjvdRmGHnRf5F/Bm6ywPVdlGoCjiZLS19x85pnKXyNWxsIfOkMqpuF/l
UHEBrZ0bMlnlrCBrQnFEVAhK4e/5FZX7zoRon8coFi4XR0NU6gSxEI6kUoOKY6wz
unApcauog5HHvw6UM4URhXY2aH0kcXUdIGkgYpbkeAMfQ7yaQch1rIS5tV52KUD/
8lCBx9bhZhcQQeTDz7IR0O1LQgNQ9MP7JW/8bCsAOY6Yl0GLgp+f8dv3SyRjD5WS
qFhLK1K5929DHH9DfCiKpMG+NWpNaipwy+SE+ZxPZcIGVhTfNB6gvFtx7IjWdbkz
9nyGKVvTpdPdTq/ZD3TdeDI=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:14:19 2025 by rpki-client