$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS133504.roa File: AS133504.roa (raw, json) Hash identifier: jlyk6LVMY5V1FQ5YYNHWdi6bDgUHNgoSeILJTDWE1oI= Subject key identifier: 8C:35:8D:A0:21:E1:29:DC:1A:82:87:6B:68:EA:D2:47:B4:0C:F3:CB Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 69F5A9474CDFFA996BDEF2FA2A28DF97592F6495 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS133504.roa Signing time: Wed 22 Oct 2025 08:55:57 +0000 ROA not before: Wed 22 Oct 2025 08:50:57 +0000 ROA not after: Wed 21 Oct 2026 08:55:57 +0000 asID: 133504 IP address blocks: 2a05:dfc3:f700::/40 maxlen: 48 2a05:dfc3:f750::/44 maxlen: 48 2a05:dfc3:f760::/44 maxlen: 48 2a06:1281:80::/44 maxlen: 44 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:f5:a9:47:4c:df:fa:99:6b:de:f2:fa:2a:28:df:97:59:2f:64:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 22 08:50:57 2025 GMT Not After : Oct 21 08:55:57 2026 GMT Subject: CN=8C358DA021E129DC1A82876B68EAD247B40CF3CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:1e:cc:0d:f8:02:b5:f0:c2:6d:9b:37:22: d9:d5:cf:44:a6:28:ba:e6:02:12:d6:83:0d:df:da: a1:75:3c:5c:9b:b4:05:4a:65:45:77:1b:fd:57:8b: 2a:ae:b7:bd:23:8b:aa:99:aa:80:c8:24:35:37:1e: 85:0c:1a:da:4b:45:00:aa:b6:33:c2:5c:44:d1:4b: 2b:b7:52:3c:17:e8:ca:a6:34:10:8a:c4:23:be:77: 5d:44:fa:87:ca:78:82:60:4f:22:b4:9f:96:53:0d: cc:ca:0f:af:3f:61:bf:ff:90:aa:98:8c:11:90:82: 6e:8b:85:0a:19:d8:29:7b:b5:09:0f:88:6e:52:95: 64:a1:34:d5:cb:db:3b:05:aa:9a:fb:26:46:b8:24: 37:4a:b2:f9:e3:0f:e9:da:5f:a1:ba:00:e1:68:85: d2:86:af:42:92:72:c3:84:06:b9:9e:2d:14:bc:bb: 13:88:fc:00:21:36:71:06:eb:06:7c:a6:7f:3d:88: 05:74:38:fa:54:77:96:d8:bb:bd:7e:d2:bc:7a:29: 40:49:65:ff:8d:ed:53:86:2a:ff:1d:67:f7:3c:ed: 94:11:8f:75:94:31:72:2a:1b:1c:39:9c:f4:53:ee: e5:9b:d5:f2:48:a6:04:50:4f:a1:6c:32:aa:30:83: 8b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:35:8D:A0:21:E1:29:DC:1A:82:87:6B:68:EA:D2:47:B4:0C:F3:CB X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS133504.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f700::/40 2a06:1281:80::/44 Signature Algorithm: sha256WithRSAEncryption 3c:a5:b2:4b:4d:36:36:e8:6f:71:4b:c4:a3:66:47:31:9d:e4: 61:38:9b:b1:89:1a:d1:10:d4:8a:79:d0:09:61:19:13:a9:1c: 44:9f:37:58:7c:dd:e2:db:0a:87:ae:71:b7:f7:92:f6:ae:43: 77:d8:50:40:bc:75:cf:5f:df:b9:3c:80:a0:cb:75:1d:dc:44: ca:52:51:83:cb:cf:13:94:0e:ff:fb:ea:44:36:3b:a5:fe:63: 87:8f:a3:1a:00:cc:9c:34:a4:6f:ec:fe:25:3f:8e:ab:5f:20: a7:45:84:a0:2d:37:52:c8:48:d9:86:e1:c4:be:a5:0b:5e:2d: fa:d4:f6:2e:6c:36:ee:b1:3f:03:1c:89:74:93:51:70:06:ee: bc:85:7d:32:ef:88:1c:23:2d:02:c4:d0:1a:8f:4e:9f:66:24: 1d:cd:56:2b:1e:87:46:78:c4:a7:dd:a3:3f:3d:aa:99:05:32: a3:0e:e6:a2:53:66:9b:ab:dc:a4:10:e8:d8:93:c8:5f:6a:cb: 25:19:6a:5d:7e:c7:45:27:b4:9b:8f:c1:e6:f3:13:db:03:78: 08:02:4d:74:a7:ab:17:74:cc:8b:9a:3a:c8:42:77:53:2c:5e: 77:55:70:1c:36:f4:a2:9f:53:bd:2b:fc:76:9f:dc:ed:4f:d3: 6d:ef:c4:ae -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUafWpR0zf+plr3vL6Kijfl1kvZJUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMjIwODUwNTdaFw0yNjEwMjEwODU1NTdaMDMxMTAvBgNV BAMTKDhDMzU4REEwMjFFMTI5REMxQTgyODc2QjY4RUFEMjQ3QjQwQ0YzQ0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDARR7MDfgCtfDCbZs3ItnVz0Sm KLrmAhLWgw3f2qF1PFybtAVKZUV3G/1Xiyqut70ji6qZqoDIJDU3HoUMGtpLRQCq tjPCXETRSyu3UjwX6MqmNBCKxCO+d11E+ofKeIJgTyK0n5ZTDczKD68/Yb//kKqY jBGQgm6LhQoZ2Cl7tQkPiG5SlWShNNXL2zsFqpr7Jka4JDdKsvnjD+naX6G6AOFo hdKGr0KScsOEBrmeLRS8uxOI/AAhNnEG6wZ8pn89iAV0OPpUd5bYu71+0rx6KUBJ Zf+N7VOGKv8dZ/c87ZQRj3WUMXIqGxw5nPRT7uWb1fJIpgRQT6FsMqowg4uPAgMB AAGjggHnMIIB4zAdBgNVHQ4EFgQUjDWNoCHhKdwagodraOrSR7QM88swHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxMzM1MDQucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAq Bd/D9wMHBCoGEoEAgDANBgkqhkiG9w0BAQsFAAOCAQEAPKWyS002NuhvcUvEo2ZH MZ3kYTibsYka0RDUinnQCWEZE6kcRJ83WHzd4tsKh65xt/eS9q5Dd9hQQLx1z1/f uTyAoMt1HdxEylJRg8vPE5QO//vqRDY7pf5jh4+jGgDMnDSkb+z+JT+Oq18gp0WE oC03UshI2YbhxL6lC14t+tT2Lmw27rE/AxyJdJNRcAbuvIV9Mu+IHCMtAsTQGo9O n2YkHc1WKx6HRnjEp92jPz2qmQUyow7molNmm6vcpBDo2JPIX2rLJRlqXX7HRSe0 m4/B5vMT2wN4CAJNdKerF3TMi5o6yEJ3Uyxed1VwHDb0op9TvSv8dp/c7U/Tbe/E rg== -----END CERTIFICATE-----Generated at Wed Nov 5 11:59:25 2025 by rpki-client