
Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 7llNCVlD+RXTaSOKMV2O1nmPVdy7BnBKBisvShoFEH0=
Subject key identifier: 30:B6:62:5A:14:8B:22:37:14:9C:F5:CD:58:F5:47:EC:FD:17:D7:82
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 31BD641FEA61C1819AF9BFC8EE523179A5E760AF
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
Signing time: Tue 05 Aug 2025 15:33:22 +0000
ROA not before: Tue 05 Aug 2025 15:28:22 +0000
ROA not after: Tue 04 Aug 2026 15:33:22 +0000
asID: 0
IP address blocks: 2a05:dfc3:f400::/40 maxlen: 40
2a06:1281:7000::/36 maxlen: 128
2a06:1281:9000::/36 maxlen: 36
2a06:1281:a000::/36 maxlen: 128
2a09:54c6:1000::/36 maxlen: 128
2a09:54c7:3000::/36 maxlen: 36
2a09:54c7:4000::/36 maxlen: 128
2a09:54c7:5000::/36 maxlen: 128
2a09:54c7:6000::/36 maxlen: 128
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:bd:64:1f:ea:61:c1:81:9a:f9:bf:c8:ee:52:31:79:a5:e7:60:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Aug 5 15:28:22 2025 GMT
Not After : Aug 4 15:33:22 2026 GMT
Subject: CN=30B6625A148B2237149CF5CD58F547ECFD17D782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:44:f4:99:2b:1a:63:c5:7d:10:07:27:2b:3b:
26:05:80:53:84:3f:71:0c:04:68:e7:79:24:e7:c6:
06:11:46:c6:46:73:77:14:e7:c2:7e:e5:b5:d7:e9:
e5:85:bf:a7:ff:f9:2b:37:ac:3b:ff:da:78:69:77:
38:2b:08:56:aa:32:f4:d3:b7:05:a4:9d:a1:3f:85:
2a:ca:d2:29:ce:e9:9c:17:a4:46:5e:97:19:b5:7e:
bb:4e:fd:29:6a:99:ef:2d:2a:ad:89:fa:95:34:4b:
02:b1:c0:e1:5e:2d:07:da:3d:a4:cf:50:a2:56:ee:
0a:92:66:17:4b:d4:85:e4:94:20:c2:b2:77:e3:7f:
b8:59:7b:ff:92:9b:5e:69:c3:15:e9:0c:0d:f2:ea:
a9:0f:92:df:4c:3f:8a:88:fe:70:ac:5b:9c:ab:aa:
cb:41:84:4b:71:56:51:93:8f:13:5c:f5:90:2b:e9:
49:62:14:4c:fe:aa:b7:34:58:2f:45:32:c2:ff:74:
94:00:2e:86:7c:1b:57:42:06:7f:3f:1c:ab:4a:cd:
c6:9c:01:35:35:af:4a:81:fe:25:74:a2:d7:56:da:
f3:77:59:69:8c:6e:85:9a:bb:fd:c7:4e:11:df:60:
cd:91:f8:c2:fb:39:6f:d7:3c:59:3a:21:f8:f8:69:
00:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B6:62:5A:14:8B:22:37:14:9C:F5:CD:58:F5:47:EC:FD:17:D7:82
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f400::/40
2a06:1281:7000::/36
2a06:1281:9000::-2a06:1281:afff:ffff:ffff:ffff:ffff:ffff
2a09:54c6:1000::/36
2a09:54c7:3000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:02:00:25:06:30:6d:2d:6b:b0:ad:e5:56:30:ef:4c:82:19:
f8:cd:5f:2e:db:7c:22:e0:21:ca:47:57:21:06:60:c1:df:65:
ba:16:f4:ba:88:b3:a4:90:81:af:67:88:d8:86:d4:41:bc:93:
9c:c4:df:f5:b6:43:f2:b1:52:2e:26:70:f6:a2:1b:55:75:a2:
13:c2:b5:60:c0:cf:51:3b:d6:dd:78:40:b0:06:24:ed:d7:54:
0c:a2:2d:1f:ad:20:6d:15:c9:ac:c1:18:81:a6:3b:1f:6b:7f:
d7:69:df:af:87:82:4d:93:3d:7f:c7:ef:bd:6e:cf:c5:38:af:
42:4f:33:c5:f4:fe:e5:ed:51:20:37:a1:c2:12:c4:b2:b9:ff:
87:a9:e2:33:4a:53:01:64:10:07:2b:bc:13:1e:a3:4c:02:1d:
e7:ab:cf:e6:f0:c5:78:76:17:5a:26:6c:89:ad:56:73:20:7c:
1e:32:83:23:bf:0b:83:c6:9d:70:ae:c5:5c:ee:bb:5e:6a:97:
17:c4:0d:dd:ee:bb:c0:a0:4c:71:9d:98:2e:63:f3:f9:bf:12:
47:bc:18:df:ec:d9:74:c1:ef:81:fa:01:b6:59:89:ad:19:b1:
64:8e:8e:92:29:01:28:72:a9:0a:1e:11:f9:ac:cc:b1:18:46:
bd:b0:36:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMb1kH+phwYGa+b/I7lIxeaXnYK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MDUxNTI4MjJaFw0yNjA4MDQxNTMzMjJaMDMxMTAvBgNV
BAMTKDMwQjY2MjVBMTQ4QjIyMzcxNDlDRjVDRDU4RjU0N0VDRkQxN0Q3ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYRPSZKxpjxX0QBycrOyYFgFOE
P3EMBGjneSTnxgYRRsZGc3cU58J+5bXX6eWFv6f/+Ss3rDv/2nhpdzgrCFaqMvTT
twWknaE/hSrK0inO6ZwXpEZelxm1frtO/Slqme8tKq2J+pU0SwKxwOFeLQfaPaTP
UKJW7gqSZhdL1IXklCDCsnfjf7hZe/+Sm15pwxXpDA3y6qkPkt9MP4qI/nCsW5yr
qstBhEtxVlGTjxNc9ZAr6UliFEz+qrc0WC9FMsL/dJQALoZ8G1dCBn8/HKtKzcac
ATU1r0qB/iV0otdW2vN3WWmMboWau/3HThHfYM2R+ML7OW/XPFk6Ifj4aQDzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUMLZiWhSLIjcUnPXNWPVH7P0X14IwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyMEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwC4YucnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8AwYAKgXfw/QD
BgQqBhKBcDAQAwYEKgYSgZADBgQqBhKBoAMGBCoJVMYQMBADBgQqCVTHMAMGBCoJ
VMdgMA0GCSqGSIb3DQEBCwUAA4IBAQAFAgAlBjBtLWuwreVWMO9Mghn4zV8u23wi
4CHKR1chBmDB32W6FvS6iLOkkIGvZ4jYhtRBvJOcxN/1tkPysVIuJnD2ohtVdaIT
wrVgwM9RO9bdeECwBiTt11QMoi0frSBtFcmswRiBpjsfa3/Xad+vh4JNkz1/x++9
bs/FOK9CTzPF9P7l7VEgN6HCEsSyuf+HqeIzSlMBZBAHK7wTHqNMAh3nq8/m8MV4
dhdaJmyJrVZzIHweMoMjvwuDxp1wrsVc7rteapcXxA3d7rvAoExxnZguY/P5vxJH
vBjf7Nl0we+B+gG2WYmtGbFkjo6SKQEocqkKHhH5rMyxGEa9sDbo
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:05:50 2025 by rpki-client