Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS207113.roa
File: AS207113.roa (raw, json)
Hash identifier: uZGBBBhYAXhMXJDD21J0T0fmPE7vbdoSnr2tfk+0ElQ=
Subject key identifier: 5A:32:EB:D5:B9:36:D0:3A:FA:6D:4F:34:83:7C:DF:7E:83:0E:2A:2C
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 113BAE1553131E5B1FC9C80A64D8226C21B12602
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS207113.roa
Signing time: Fri 15 May 2026 20:24:23 +0000
ROA not before: Fri 15 May 2026 20:19:23 +0000
ROA not after: Fri 14 May 2027 20:24:23 +0000
asID: 207113
IP address blocks: 2a06:1281::/44 maxlen: 48
2a06:1281::/48 maxlen: 48
2a06:1281:1::/48 maxlen: 48
2a0f:6284:100::/40 maxlen: 40
2a0f:6284:100::/44 maxlen: 44
2a0f:6284:100::/48 maxlen: 48
2a0f:6284:101::/48 maxlen: 48
2a0f:6284:102::/48 maxlen: 48
2a0f:6284:150::/44 maxlen: 44
2a0f:6284:150::/48 maxlen: 48
2a0f:6284:151::/48 maxlen: 48
2a0f:6284:152::/48 maxlen: 48
2a0f:6284:160::/44 maxlen: 44
2a0f:6284:160::/48 maxlen: 48
2a0f:6284:161::/48 maxlen: 48
2a0f:6284:162::/48 maxlen: 48
2a0f:6284:180::/44 maxlen: 44
2a0f:6284:180::/48 maxlen: 48
2a0f:6284:181::/48 maxlen: 48
2a0f:6284:182::/48 maxlen: 48
2a0f:6284:190::/44 maxlen: 44
2a0f:6284:190::/48 maxlen: 48
2a0f:6284:191::/48 maxlen: 48
2a0f:6284:192::/48 maxlen: 48
2a0f:6284:1a0::/44 maxlen: 44
2a0f:6284:1a0::/48 maxlen: 48
2a0f:6284:1a1::/48 maxlen: 48
2a0f:6284:1a2::/48 maxlen: 48
2a0f:6284:1c0::/48 maxlen: 48
2a0f:6284:1f0::/48 maxlen: 48
2a0f:6284:4200::/44 maxlen: 48
2a0f:6284:420f::/48 maxlen: 48
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 17:55:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:3b:ae:15:53:13:1e:5b:1f:c9:c8:0a:64:d8:22:6c:21:b1:26:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: May 15 20:19:23 2026 GMT
Not After : May 14 20:24:23 2027 GMT
Subject: CN=5A32EBD5B936D03AFA6D4F34837CDF7E830E2A2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5a:17:5e:5c:15:d9:9c:1c:a4:37:43:4f:29:
c2:ac:52:7d:be:2f:29:f8:b8:87:13:21:e9:04:5a:
77:30:87:04:74:17:85:06:d8:ce:f5:36:b0:52:77:
ac:15:41:9d:10:d1:97:46:bb:dc:01:dc:f7:db:d0:
2d:04:2a:bb:18:88:06:1c:16:bf:7a:3b:47:3a:13:
66:80:88:de:fc:6b:d8:de:07:2e:4e:87:f3:82:0c:
e5:24:ef:e1:d3:64:4f:0b:be:4e:dc:73:76:7d:35:
c3:2c:f5:8f:7c:ab:9b:d6:24:35:35:05:78:5e:f8:
8e:93:fa:86:c2:19:fa:b0:8c:85:5b:a7:7d:d1:3a:
a4:f1:af:7d:ad:e5:41:74:7b:fb:78:f6:2f:16:61:
b6:7c:cf:5a:c4:83:e2:f7:0f:bb:fc:cb:62:8f:b1:
65:af:e0:e6:b3:3d:2b:71:72:8f:3f:69:32:c6:a1:
7b:5f:54:ee:fa:d2:89:91:5d:1f:31:1d:c5:55:b6:
d5:16:7d:e8:13:c2:3b:97:b4:1a:3d:44:81:89:46:
29:f7:e8:7f:29:b0:b7:85:7d:ee:db:a6:f8:da:83:
21:1a:ac:40:c7:e3:93:c8:f0:d4:10:e8:94:6e:67:
55:d8:df:18:58:54:c3:96:a1:1d:ca:6b:55:a1:e7:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:32:EB:D5:B9:36:D0:3A:FA:6D:4F:34:83:7C:DF:7E:83:0E:2A:2C
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS207113.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1281::/44
2a0f:6284:100::/40
2a0f:6284:4200::/44
Signature Algorithm: sha256WithRSAEncryption
42:e2:29:9d:71:a6:5d:98:04:32:ca:51:a3:b2:f2:dc:e3:a5:
99:cf:51:c1:54:75:88:26:c3:c7:9e:be:34:be:f2:a5:62:2c:
e4:4d:78:4c:03:fa:e1:1e:a2:cc:8d:7a:ae:02:f4:67:c4:c0:
85:96:eb:88:5b:55:02:59:23:85:b5:a4:79:b2:b6:7c:2d:cb:
35:99:a1:51:e6:5f:fd:c5:8d:f6:7e:34:55:93:25:f6:3a:3f:
ab:79:5d:c8:3e:64:62:3f:46:f1:a2:7c:76:39:8b:ff:f4:61:
5e:02:e4:0a:e6:84:77:51:4c:7c:ae:9c:ad:19:80:3e:bf:39:
f5:93:8f:bd:6f:01:ca:4e:4d:22:43:a4:76:1f:7c:4c:b4:d1:
d5:a4:11:57:5e:0d:43:01:d3:e5:99:46:e2:3a:af:42:de:4c:
20:23:dd:90:db:03:c2:5c:42:fb:83:27:d6:07:24:df:be:f6:
96:3f:49:36:28:09:39:a8:87:f1:38:34:c4:53:dd:89:2c:35:
96:08:51:98:81:a4:b7:d0:f1:39:a2:25:c5:3f:fd:77:19:9f:
2f:6b:c1:74:01:ad:d9:23:c2:be:15:ca:37:3f:91:cc:6d:8f:
46:da:46:d9:71:1d:88:66:c7:81:f3:98:dd:fd:ae:64:00:22:
25:a3:0f:4d
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUETuuFVMTHlsfycgKZNgibCGxJgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA1MTUyMDE5MjNaFw0yNzA1MTQyMDI0MjNaMDMxMTAvBgNV
BAMTKDVBMzJFQkQ1QjkzNkQwM0FGQTZENEYzNDgzN0NERjdFODMwRTJBMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVWhdeXBXZnBykN0NPKcKsUn2+
Lyn4uIcTIekEWncwhwR0F4UG2M71NrBSd6wVQZ0Q0ZdGu9wB3Pfb0C0EKrsYiAYc
Fr96O0c6E2aAiN78a9jeBy5Oh/OCDOUk7+HTZE8Lvk7cc3Z9NcMs9Y98q5vWJDU1
BXhe+I6T+obCGfqwjIVbp33ROqTxr32t5UF0e/t49i8WYbZ8z1rEg+L3D7v8y2KP
sWWv4OazPStxco8/aTLGoXtfVO760omRXR8xHcVVttUWfegTwjuXtBo9RIGJRin3
6H8psLeFfe7bpvjagyEarEDH45PI8NQQ6JRuZ1XY3xhYVMOWoR3Ka1Wh5z6LAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUWjLr1bk20Dr6bU80g3zffoMOKiwwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDcxMTMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgACMBoDBwQq
BhKBAAADBgAqD2KEAQMHBCoPYoRCADANBgkqhkiG9w0BAQsFAAOCAQEAQuIpnXGm
XZgEMspRo7Ly3OOlmc9RwVR1iCbDx56+NL7ypWIs5E14TAP64R6izI16rgL0Z8TA
hZbriFtVAlkjhbWkebK2fC3LNZmhUeZf/cWN9n40VZMl9jo/q3ldyD5kYj9G8aJ8
djmL//RhXgLkCuaEd1FMfK6crRmAPr859ZOPvW8Byk5NIkOkdh98TLTR1aQRV14N
QwHT5ZlG4jqvQt5MICPdkNsDwlxC+4Mn1gck3772lj9JNigJOaiH8Tg0xFPdiSw1
lghRmIGkt9DxOaIlxT/9dxmfL2vBdAGt2SPCvhXKNz+RzG2PRtpG2XEdiGbHgfOY
3f2uZAAiJaMPTQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:20 2026 by rpki-client