Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
File: AS8772.roa (raw, json)
Hash identifier: q1BL7c3Vp6ZHYGh9ZouSOsulv2R8OZ1gAX7fwEGipgc=
Subject key identifier: 80:88:23:00:AB:FD:E7:86:97:7D:02:AD:8A:A4:01:7D:98:D9:8F:06
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 7778112005830895AEB2A599AACDAB2B4DA952E5
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
Signing time: Mon 21 Oct 2024 03:40:26 +0000
ROA not before: Mon 21 Oct 2024 03:35:26 +0000
ROA not after: Mon 20 Oct 2025 03:40:26 +0000
asID: 8772
IP address blocks: 2a0f:9400:6170::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:78:11:20:05:83:08:95:ae:b2:a5:99:aa:cd:ab:2b:4d:a9:52:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Oct 21 03:35:26 2024 GMT
Not After : Oct 20 03:40:26 2025 GMT
Subject: CN=80882300ABFDE786977D02AD8AA4017D98D98F06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:11:ef:9a:3a:fb:c5:e1:e3:38:41:3c:ba:66:
6e:d7:3b:c3:aa:e5:5e:6d:0d:1b:5d:10:a8:7f:9c:
56:41:c6:be:d3:ed:26:3d:fc:47:9c:c7:95:20:d6:
42:d2:86:35:ba:00:88:21:ce:98:e1:64:86:d3:4d:
68:9b:96:cf:97:04:51:2b:70:9a:4a:05:2d:1d:6b:
74:9a:02:e5:39:a1:5d:de:ce:87:03:42:b7:f8:a2:
ea:c2:9d:d8:45:7d:38:fa:20:bd:44:9f:9f:e5:f9:
15:7a:cd:ed:d2:8e:62:ec:cd:40:63:b9:bd:63:24:
5a:14:f5:80:0e:05:3b:c7:b5:88:af:02:ee:5d:ea:
f0:09:25:a1:49:92:b0:fc:86:77:36:71:79:c2:02:
e4:3a:21:5f:36:48:8d:c8:25:9d:e7:ae:87:0c:1c:
06:ad:fe:21:81:40:67:c2:00:e3:1f:ff:ae:60:3f:
91:e4:14:34:dd:68:b5:03:7f:1b:26:a6:11:b2:a0:
2b:78:b2:bc:39:a0:58:0e:9f:5b:43:a8:5c:71:5b:
cc:b8:09:44:a5:ee:5c:c7:59:61:20:a1:76:e3:2e:
28:8c:ab:38:54:9a:9f:d9:b2:7e:d5:26:33:56:5f:
19:dd:50:de:ee:fa:f9:3c:6a:e4:50:ea:a6:77:97:
c4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:88:23:00:AB:FD:E7:86:97:7D:02:AD:8A:A4:01:7D:98:D9:8F:06
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS8772.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:6170::/44
Signature Algorithm: sha256WithRSAEncryption
1c:d2:b3:d9:4f:d8:8f:c1:ef:6e:46:c6:2a:f9:a5:a2:6f:40:
47:87:da:53:d2:5a:48:7f:03:3a:07:3f:c9:d5:02:70:bc:ae:
90:54:57:da:4d:a1:d4:a4:7a:34:cb:db:a2:05:69:4a:47:e9:
9f:19:79:7c:1a:4b:b3:d9:36:86:da:60:44:52:f9:1c:74:a7:
1e:76:0c:9e:eb:84:ca:2d:00:5d:35:75:4d:73:58:a4:1f:c6:
f3:c2:8b:33:10:21:1a:03:24:f1:a9:ae:ba:bd:0b:82:db:ea:
8d:2d:5f:13:1f:f0:24:e3:4f:54:f1:04:d6:53:b8:50:06:9e:
88:38:63:91:31:02:05:de:c5:88:7b:fa:3f:8d:fa:27:60:61:
db:0a:89:c9:65:8f:e7:59:7e:b9:68:00:77:d9:4a:11:82:d3:
24:57:1d:22:30:cb:d3:99:35:28:14:68:81:66:cf:9c:69:8d:
d8:a9:bf:c2:22:41:32:23:72:3a:c0:18:30:8f:65:8d:ae:d1:
b9:fd:fd:7e:9f:d5:d5:95:ac:ff:69:c4:d0:61:af:c3:5d:e6:
ec:b7:6f:ed:a5:ca:27:2a:67:0b:5c:ad:77:da:4e:4f:d8:12:
21:7d:09:29:3c:53:dd:a0:c9:2d:7b:2c:10:8c:4a:df:e7:a2:
af:97:13:6d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgIUd3gRIAWDCJWusqWZqs2rK02pUuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDEwMjEwMzM1MjZaFw0yNTEwMjAwMzQwMjZaMDMxMTAvBgNV
BAMTKDgwODgyMzAwQUJGREU3ODY5NzdEMDJBRDhBQTQwMTdEOThEOThGMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcEe+aOvvF4eM4QTy6Zm7XO8Oq
5V5tDRtdEKh/nFZBxr7T7SY9/Eecx5Ug1kLShjW6AIghzpjhZIbTTWibls+XBFEr
cJpKBS0da3SaAuU5oV3ezocDQrf4ourCndhFfTj6IL1En5/l+RV6ze3SjmLszUBj
ub1jJFoU9YAOBTvHtYivAu5d6vAJJaFJkrD8hnc2cXnCAuQ6IV82SI3IJZ3nrocM
HAat/iGBQGfCAOMf/65gP5HkFDTdaLUDfxsmphGyoCt4srw5oFgOn1tDqFxxW8y4
CUSl7lzHWWEgoXbjLiiMqzhUmp/Zsn7VJjNWXxndUN7u+vk8auRQ6qZ3l8QrAgMB
AAGjggHHMIIBwzAdBgNVHQ4EFgQUgIgjAKv954aXfQKtiqQBfZjZjwYwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBaBggrBgEFBQcBCwROMEwwSgYIKwYBBQUHMAuG
PnJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzg3NzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB
BQUHAQcBAf8EEzARMA8EAgACMAkDBwQqD5QAYXAwDQYJKoZIhvcNAQELBQADggEB
ABzSs9lP2I/B725Gxir5paJvQEeH2lPSWkh/AzoHP8nVAnC8rpBUV9pNodSkejTL
26IFaUpH6Z8ZeXwaS7PZNobaYERS+Rx0px52DJ7rhMotAF01dU1zWKQfxvPCizMQ
IRoDJPGprrq9C4Lb6o0tXxMf8CTjT1TxBNZTuFAGnog4Y5ExAgXexYh7+j+N+idg
YdsKicllj+dZfrloAHfZShGC0yRXHSIwy9OZNSgUaIFmz5xpjdipv8IiQTIjcjrA
GDCPZY2u0bn9/X6f1dWVrP9pxNBhr8Nd5uy3b+2lyicqZwtcrXfaTk/YEiF9CSk8
U92gyS17LBCMSt/noq+XE20=
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org