Route Origin Authorization
$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197691.roa
File: AS197691.roa (raw, json)
Hash identifier: ijE2WkkQCKGwNaWJpGLbJ+MqdjjhDeLSAJktQbRVdjs=
Subject key identifier: 31:69:6B:E8:6E:B2:73:2F:7A:50:FD:FD:49:5E:AF:C6:46:B9:72:C5
Certificate issuer: /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial: 318A2FCD338D5B7B3E8F6158C3B4D5188225E7A8
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197691.roa
Signing time: Sat 24 May 2025 09:05:07 +0000
ROA not before: Sat 24 May 2025 09:00:07 +0000
ROA not after: Sat 23 May 2026 09:05:07 +0000
asID: 197691
IP address blocks: 2a0f:9400:700f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:8a:2f:cd:33:8d:5b:7b:3e:8f:61:58:c3:b4:d5:18:82:25:e7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Validity
Not Before: May 24 09:00:07 2025 GMT
Not After : May 23 09:05:07 2026 GMT
Subject: CN=31696BE86EB2732F7A50FDFD495EAFC646B972C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:19:c0:37:11:aa:fd:a2:1b:00:79:41:7e:
54:d8:9b:05:6a:39:82:94:bd:a9:14:eb:06:b3:73:
bc:64:55:65:85:b4:8d:10:f0:d5:8e:91:9e:4a:c8:
d0:c8:d5:68:71:dd:fc:7f:6f:27:c8:91:3e:83:f2:
1e:6a:44:ff:f8:2c:2b:3b:21:3c:83:52:32:a3:ef:
09:4a:0b:89:c8:bf:06:25:cd:aa:d1:60:b0:29:fc:
2f:b9:67:f3:40:29:7e:df:2d:3f:a6:f6:0f:ee:d1:
83:a3:2b:2f:96:e1:7e:8f:94:f4:1f:3e:e3:6a:37:
6b:c1:e7:35:55:4f:ec:61:b1:3b:ab:57:e0:d7:1e:
91:f0:cf:7d:2f:e9:aa:b9:21:94:3c:ac:31:d8:d6:
8b:7d:de:13:ee:35:28:b2:0e:e4:55:f5:8a:a7:aa:
f8:41:95:f8:1c:c7:88:e4:b6:4f:88:56:87:bd:85:
92:aa:06:f7:55:e2:4c:d9:50:48:d8:65:c0:63:fb:
04:36:1e:c5:1c:ff:57:28:bf:65:64:17:6e:0a:a2:
dd:94:3f:85:6a:bb:14:aa:f8:d6:dd:54:04:59:0c:
54:05:86:1c:b3:3e:57:fc:b7:28:91:d3:76:aa:67:
dd:b4:25:f5:a5:d9:1d:d3:9c:55:34:ad:15:4d:6f:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:69:6B:E8:6E:B2:73:2F:7A:50:FD:FD:49:5E:AF:C6:46:B9:72:C5
X509v3 Authority Key Identifier:
keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS197691.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9400:700f::/48
Signature Algorithm: sha256WithRSAEncryption
99:67:22:6e:68:88:9b:94:69:14:09:80:c4:d3:67:77:84:e8:
e4:8b:a8:2e:9d:d6:3e:ee:b0:07:19:ad:79:80:f6:af:29:f0:
a6:ed:e1:76:5b:31:fd:29:fa:69:a3:cc:a6:49:72:8a:7c:79:
68:7b:9b:dd:de:cf:54:b6:68:f7:8a:f4:c1:ad:98:aa:f5:60:
33:79:a6:ef:1c:8f:1e:b3:fe:60:b8:07:c7:3d:84:e0:16:57:
da:78:00:90:2a:da:18:95:8e:c6:4e:d9:7e:46:fd:74:73:6d:
84:02:fa:c0:72:6a:a7:2a:6d:58:2d:3f:67:e6:56:2e:ae:b7:
3f:d6:44:ff:bd:13:3d:4b:74:c8:7c:85:74:31:7b:75:b0:f7:
1d:08:0e:a4:c2:c3:3e:69:68:ce:20:18:48:00:ab:0b:4a:1e:
c9:ec:e7:da:c6:a0:f5:df:8a:29:5d:1b:50:e8:f3:85:ff:d9:
71:4b:88:e7:61:f3:66:24:8f:91:54:21:98:f5:73:3a:5c:05:
a7:57:87:0d:ea:fe:bf:4e:b7:5f:e6:e7:da:47:d4:36:39:63:
1d:ec:63:a5:9e:ac:98:a2:4c:9e:bc:d0:e8:7b:4c:b0:1e:3e:
1d:d1:ec:89:0c:0b:ea:f2:11:5d:4e:6f:8e:60:0c:be:d8:6a:
9d:35:1e:98
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUMYovzTONW3s+j2FYw7TVGIIl56gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNTA1MjQwOTAwMDdaFw0yNjA1MjMwOTA1MDdaMDMxMTAvBgNV
BAMTKDMxNjk2QkU4NkVCMjczMkY3QTUwRkRGRDQ5NUVBRkM2NDZCOTcyQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8VRnANxGq/aIbAHlBflTYmwVq
OYKUvakU6wazc7xkVWWFtI0Q8NWOkZ5KyNDI1Whx3fx/byfIkT6D8h5qRP/4LCs7
ITyDUjKj7wlKC4nIvwYlzarRYLAp/C+5Z/NAKX7fLT+m9g/u0YOjKy+W4X6PlPQf
PuNqN2vB5zVVT+xhsTurV+DXHpHwz30v6aq5IZQ8rDHY1ot93hPuNSiyDuRV9Yqn
qvhBlfgcx4jktk+IVoe9hZKqBvdV4kzZUEjYZcBj+wQ2HsUc/1cov2VkF24Kot2U
P4VquxSq+NbdVARZDFQFhhyzPlf8tyiR03aqZ920JfWl2R3TnFU0rRVNbzj1AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUMWlr6G6ycy96UP39SV6vxka5csUwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzE5NzY5MS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPlABwDzANBgkqhkiG9w0BAQsFAAOC
AQEAmWcibmiIm5RpFAmAxNNnd4To5IuoLp3WPu6wBxmteYD2rynwpu3hdlsx/Sn6
aaPMpklyinx5aHub3d7PVLZo94r0wa2YqvVgM3mm7xyPHrP+YLgHxz2E4BZX2ngA
kCraGJWOxk7Zfkb9dHNthAL6wHJqpyptWC0/Z+ZWLq63P9ZE/70TPUt0yHyFdDF7
dbD3HQgOpMLDPmloziAYSACrC0oeyezn2sag9d+KKV0bUOjzhf/ZcUuI52HzZiSP
kVQhmPVzOlwFp1eHDer+v063X+bn2kfUNjljHexjpZ6smKJMnrzQ6HtMsB4+HdHs
iQwL6vIRXU5vjmAMvthqnTUemA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:26:32 2025 by rpki-client