Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
File: AS211167.roa (raw, json)
Hash identifier: JC5vvDgf0b+KAZkb+00MWVT6cT+c3hDFTZo1SoNwXoM=
Subject key identifier: B3:A0:E2:87:AE:7F:F4:EB:21:6D:7C:9C:F2:61:F6:38:7D:3F:4A:47
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 6683B09DD3B7C8AFBE9B8AB3613EE479899EF40F
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
Signing time: Tue 17 Jun 2025 03:14:56 +0000
ROA not before: Tue 17 Jun 2025 03:09:56 +0000
ROA not after: Tue 16 Jun 2026 03:14:56 +0000
asID: 211167
IP address blocks: 2a0f:9400:8009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 02:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:83:b0:9d:d3:b7:c8:af:be:9b:8a:b3:61:3e:e4:79:89:9e:f4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: Jun 17 03:09:56 2025 GMT
Not After : Jun 16 03:14:56 2026 GMT
Subject: CN=B3A0E287AE7FF4EB216D7C9CF261F6387D3F4A47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:57:70:f9:57:ee:93:8e:e9:3d:2c:a8:88:
40:19:19:81:bb:7f:e4:77:ae:c8:a7:86:a1:0e:f4:
2f:80:e6:ef:aa:1b:fc:9a:b4:23:e3:5e:0b:23:52:
29:c6:8e:34:78:05:0c:db:10:9c:04:aa:b5:42:12:
87:ba:a0:4a:54:85:b5:0c:01:5a:4d:9d:65:ba:2a:
76:93:5f:e9:5e:53:3e:64:0f:de:e9:7b:96:f1:5f:
50:7a:61:65:4d:d1:24:99:87:28:bd:40:b1:0c:cc:
ad:d8:9d:de:4b:4d:04:c9:22:b2:4a:c0:33:fa:95:
00:f6:5f:69:f4:f5:53:33:e1:00:c2:c3:4b:78:21:
2e:c6:2c:da:01:53:6b:57:fe:8a:cc:dd:44:6c:d2:
91:dc:29:44:6a:2d:4b:45:93:b3:67:4a:9e:f8:c3:
21:d4:22:b4:b9:df:f2:67:2e:97:f4:0f:57:15:a6:
9c:f5:09:e7:d8:e7:d8:75:30:0e:ec:07:ff:6c:e1:
2a:b4:8b:18:0a:16:f0:59:45:1e:13:af:01:18:28:
f0:db:c6:1f:b1:82:8d:e9:ab:ec:3f:e6:c4:b2:d4:
75:b9:dc:eb:00:12:e5:99:f4:30:d5:5d:c0:f2:1d:
48:6f:23:dd:c2:05:7d:c4:c5:f1:0f:6d:29:07:b8:
5f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A0:E2:87:AE:7F:F4:EB:21:6D:7C:9C:F2:61:F6:38:7D:3F:4A:47
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS211167.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:8009::/48
Signature Algorithm: sha256WithRSAEncryption
62:73:dc:93:ea:f8:64:99:fa:89:6a:cd:4f:61:b8:44:6c:13:
3a:4f:43:51:9b:51:73:3e:a0:a7:88:d2:62:5e:61:fe:31:b0:
56:60:36:6f:28:a7:fe:1d:f8:a6:a0:4d:f8:45:0b:76:fb:cf:
bf:df:e2:3d:b7:59:d6:ab:28:f1:c2:69:a3:cc:a0:05:45:17:
d3:68:50:57:6d:03:c4:31:7d:ae:9f:1a:9e:96:55:dd:22:8b:
5e:89:af:4e:5f:49:a1:41:ae:54:ca:88:54:fc:1f:e7:a9:8b:
04:cb:59:e8:d1:59:d6:49:f0:95:5b:8b:ed:2e:6c:1d:7d:6c:
4e:98:da:26:a8:25:e4:14:9d:d9:92:2d:e6:70:1d:80:c8:4a:
42:40:b9:13:f3:84:c5:8d:2f:ec:d1:0f:78:83:a9:bb:a0:8b:
fc:6e:3c:98:bf:81:da:30:b3:5c:bc:47:e0:6f:f4:d9:3a:c2:
f6:d5:32:1e:05:2f:d8:94:6f:dc:cb:89:4c:a9:92:06:b8:f9:
55:25:54:d9:9f:77:b6:5b:c0:34:27:aa:da:d4:10:77:6f:42:
a5:96:32:56:2c:f1:7a:80:b9:0d:0d:33:7f:03:1c:b2:76:ec:
2c:bd:7d:a4:e1:f3:2f:01:f1:30:a3:b5:21:e5:62:86:03:ad:
53:f6:79:35
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUZoOwndO3yK++m4qzYT7keYme9A8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA2MTcwMzA5NTZaFw0yNjA2MTYwMzE0NTZaMDMxMTAvBgNV
BAMTKEIzQTBFMjg3QUU3RkY0RUIyMTZEN0M5Q0YyNjFGNjM4N0QzRjRBNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFNFdw+Vfuk47pPSyoiEAZGYG7
f+R3rsinhqEO9C+A5u+qG/yatCPjXgsjUinGjjR4BQzbEJwEqrVCEoe6oEpUhbUM
AVpNnWW6KnaTX+leUz5kD97pe5bxX1B6YWVN0SSZhyi9QLEMzK3Ynd5LTQTJIrJK
wDP6lQD2X2n09VMz4QDCw0t4IS7GLNoBU2tX/orM3URs0pHcKURqLUtFk7NnSp74
wyHUIrS53/JnLpf0D1cVppz1CefY59h1MA7sB/9s4Sq0ixgKFvBZRR4TrwEYKPDb
xh+xgo3pq+w/5sSy1HW53OsAEuWZ9DDVXcDyHUhvI93CBX3ExfEPbSkHuF+DAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUs6Dih65/9OshbXyc8mH2OH0/SkcwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIxMTE2Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlACACTANBgkqhkiG9w0BAQsFAAOC
AQEAYnPck+r4ZJn6iWrNT2G4RGwTOk9DUZtRcz6gp4jSYl5h/jGwVmA2byin/h34
pqBN+EULdvvPv9/iPbdZ1qso8cJpo8ygBUUX02hQV20DxDF9rp8anpZV3SKLXomv
Tl9JoUGuVMqIVPwf56mLBMtZ6NFZ1knwlVuL7S5sHX1sTpjaJqgl5BSd2ZIt5nAd
gMhKQkC5E/OExY0v7NEPeIOpu6CL/G48mL+B2jCzXLxH4G/02TrC9tUyHgUv2JRv
3MuJTKmSBrj5VSVU2Z93tlvANCeq2tQQd29CpZYyVizxeoC5DQ0zfwMcsnbsLL19
pOHzLwHxMKO1IeVihgOtU/Z5NQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 10:00:03 2025 by rpki-client