Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
File: AS8772.roa (raw, json)
Hash identifier: FubA8dkPMIp6d4tGTq6LeVItaTUTgwUxIOhTEBsFPnQ=
Subject key identifier: 63:29:32:5D:78:41:27:34:40:11:74:8F:01:7C:32:4C:80:B1:9B:B1
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 6E23A28045C5373F7956A3BE5C144FF1AFFDEA60
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
Signing time: Mon 11 Sep 2023 08:13:46 +0000
ROA not before: Mon 11 Sep 2023 08:08:46 +0000
ROA not after: Mon 09 Sep 2024 08:13:46 +0000
asID: 8772
IP address blocks: 2a0f:9400:6170::/44 maxlen: 44
2a0f:9400:7320::/44 maxlen: 44
2a0f:9400:7340::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:23:a2:80:45:c5:37:3f:79:56:a3:be:5c:14:4f:f1:af:fd:ea:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Sep 11 08:08:46 2023 GMT
Not After : Sep 9 08:13:46 2024 GMT
Subject: CN=6329325D784127344011748F017C324C80B19BB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:22:e5:94:06:72:79:55:9a:0a:3a:a2:de:
87:5a:d2:29:fe:93:51:d0:6e:2f:ad:08:95:af:88:
ed:9f:d3:32:78:a6:3e:16:36:61:f3:90:df:16:4b:
47:64:6e:1f:1b:7e:3e:f9:c8:52:1d:49:38:42:cd:
f4:7a:93:8d:37:fd:2f:83:e5:0e:05:34:8e:b7:da:
ff:78:9e:ed:a4:4d:b5:d6:1d:03:b7:d9:5d:e5:01:
ea:64:db:18:cb:13:94:0b:f1:47:a1:80:42:f2:48:
89:1e:72:fa:06:f2:15:1a:92:6a:65:54:d9:bc:ee:
a3:f4:30:d2:3b:bd:88:1c:c9:4f:ca:46:4d:91:0e:
b5:de:7d:c1:36:d1:75:f0:da:9f:da:d5:e7:0e:83:
03:de:b0:03:7d:ad:e6:88:a7:84:b2:18:53:55:3f:
d1:38:9b:ca:64:90:a9:da:63:e7:f5:01:09:97:70:
78:37:70:95:7e:62:84:75:19:be:71:00:0d:49:7b:
46:0f:69:fb:d2:81:c7:f6:36:2f:ce:aa:0c:b4:10:
b4:04:30:6b:c7:f4:23:41:55:34:4d:9d:1d:f6:7d:
94:be:05:bb:83:b6:2e:2e:bf:b3:0a:6a:71:75:58:
84:c8:fa:b8:7d:a5:44:01:27:7b:6e:7f:9f:ed:a8:
28:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:29:32:5D:78:41:27:34:40:11:74:8F:01:7C:32:4C:80:B1:9B:B1
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6170::/44
2a0f:9400:7320::/44
2a0f:9400:7340::/44
Signature Algorithm: sha256WithRSAEncryption
35:0e:95:19:30:4f:32:df:01:a1:7d:90:2a:29:a5:b4:9a:b5:
05:1a:bd:ab:1d:f1:e1:82:d2:6a:e1:0f:a0:65:80:a6:a7:1a:
0c:84:d3:80:36:e2:90:89:c7:fc:62:01:99:5c:a2:21:f4:c8:
c5:27:ce:e5:32:e5:4c:4f:a0:8f:d8:46:21:e7:84:a9:0c:da:
5a:c1:f2:11:57:c5:f3:60:f5:a5:8b:77:43:09:23:cc:38:18:
94:86:8e:31:c7:b4:d0:6a:ee:01:40:09:09:43:8b:b5:6b:1a:
d4:e7:bd:4a:ab:60:17:91:60:72:00:a0:5c:6e:3e:a3:40:39:
1e:d9:2c:16:bf:78:5b:3c:2c:3c:9e:f0:4a:c6:41:10:28:2b:
30:e4:1e:d3:0e:c2:c7:94:db:3d:05:47:04:75:d0:4e:4d:b5:
8a:2d:bf:f2:c8:d4:2a:14:40:bf:07:f1:98:5c:92:12:7c:41:
56:b5:75:be:87:73:91:b9:38:20:06:0c:c5:56:c6:ab:6e:3c:
72:1b:e2:2b:ae:3a:ed:97:49:1e:46:4e:34:28:63:f2:19:4f:
fd:da:08:8f:c3:1a:91:e6:93:2c:a5:f3:e1:67:82:ea:e4:9f:
67:cc:9a:68:51:65:47:a6:51:e7:fd:22:3d:cf:a2:57:34:9d:
1a:81:df:5d
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIUbiOigEXFNz95VqO+XBRP8a/96mAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMzA5MTEwODA4NDZaFw0yNDA5MDkwODEzNDZaMDMxMTAvBgNV
BAMTKDYzMjkzMjVENzg0MTI3MzQ0MDExNzQ4RjAxN0MzMjRDODBCMTlCQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9wCLllAZyeVWaCjqi3oda0in+
k1HQbi+tCJWviO2f0zJ4pj4WNmHzkN8WS0dkbh8bfj75yFIdSThCzfR6k403/S+D
5Q4FNI632v94nu2kTbXWHQO32V3lAepk2xjLE5QL8UehgELySIkecvoG8hUakmpl
VNm87qP0MNI7vYgcyU/KRk2RDrXefcE20XXw2p/a1ecOgwPesAN9reaIp4SyGFNV
P9E4m8pkkKnaY+f1AQmXcHg3cJV+YoR1Gb5xAA1Je0YPafvSgcf2Ni/Oqgy0ELQE
MGvH9CNBVTRNnR32fZS+BbuDti4uv7MKanF1WITI+rh9pUQBJ3tuf5/tqCjzAgMB
AAGjggHZMIIB1TAdBgNVHQ4EFgQUYykyXXhBJzRAEXSPAXwyTICxm7EwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBaBggrBgEFBQcBCwROMEwwSgYIKwYBBQUHMAuG
PnJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzg3NzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNAYIKwYB
BQUHAQcBAf8EJTAjMCEEAgACMBsDBwQqD5QAYXADBwQqD5QAcyADBwQqD5QAc0Aw
DQYJKoZIhvcNAQELBQADggEBADUOlRkwTzLfAaF9kCoppbSatQUavasd8eGC0mrh
D6BlgKanGgyE04A24pCJx/xiAZlcoiH0yMUnzuUy5UxPoI/YRiHnhKkM2lrB8hFX
xfNg9aWLd0MJI8w4GJSGjjHHtNBq7gFACQlDi7VrGtTnvUqrYBeRYHIAoFxuPqNA
OR7ZLBa/eFs8LDye8ErGQRAoKzDkHtMOwseU2z0FRwR10E5NtYotv/LI1CoUQL8H
8ZhckhJ8QVa1db6Hc5G5OCAGDMVWxqtuPHIb4iuuOu2XSR5GTjQoY/IZT/3aCI/D
GpHmkyyl8+Fngurkn2fMmmhRZUemUef9Ij3Polc0nRqB310=
-----END CERTIFICATE-----
Generated at Sat May 4 03:56:05 2024 by rpki-client on console-fra.rpki-client.org