$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213576.roa File: AS213576.roa (raw, json) Hash identifier: 0pbVsRTbfZMv6iAX4gwymEawWlb0wXRk+yS/FXIB99U= Subject key identifier: 07:17:95:48:7F:49:F9:E8:E2:40:E2:33:12:03:A9:14:FE:0E:AD:92 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 5B2B9FA0303266A3AFE01CB3076E6D319E69A962 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213576.roa Signing time: Tue 05 Aug 2025 05:55:43 +0000 ROA not before: Tue 05 Aug 2025 05:50:43 +0000 ROA not after: Tue 04 Aug 2026 05:55:43 +0000 asID: 213576 IP address blocks: 2a05:dfc3:fe00::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 10 Aug 2025 10:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:2b:9f:a0:30:32:66:a3:af:e0:1c:b3:07:6e:6d:31:9e:69:a9:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 5 05:50:43 2025 GMT Not After : Aug 4 05:55:43 2026 GMT Subject: CN=071795487F49F9E8E240E2331203A914FE0EAD92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a0:74:f8:e2:45:07:8e:2d:94:b2:8a:5e:d0: 00:b4:4a:1e:a2:fa:ce:34:3d:26:d9:75:aa:a7:9a: ac:c9:84:19:f1:09:1d:e5:07:4b:b6:5c:79:16:e7: 7b:3b:1f:a9:3e:d9:8f:95:b4:86:e0:a8:c5:6f:74: b2:f9:54:8c:19:7f:4a:63:be:d9:aa:3e:1a:e5:0d: b8:f9:ad:73:be:ad:3b:a2:fa:55:e0:bc:c4:dd:ae: 16:8a:9e:7b:d1:6f:bd:c9:d7:2a:20:33:e1:96:56: ac:1c:c2:3f:bc:ef:a9:c3:9e:f7:80:6a:91:c9:00: 39:f9:e2:35:82:ca:1d:e7:c1:f2:4a:67:13:36:84: 71:bb:0a:66:fc:c0:34:e1:20:fa:a4:fa:73:06:a9: d6:6c:01:5f:90:1e:a6:0d:1b:9f:03:28:0e:1b:20: 5b:5b:ff:c2:e4:65:3f:e6:c8:ab:6c:a1:8b:16:02: f5:70:87:b4:fc:8a:8c:ee:d0:1d:76:7d:51:82:d6: b4:53:a4:d6:81:93:e0:80:19:94:04:85:f5:df:1c: ee:01:47:88:cb:80:a2:45:e4:48:bf:54:c0:90:4a: ca:bf:02:34:a2:c7:a2:97:f5:e2:f0:8a:99:96:63: 6c:a9:cc:13:b5:a7:d8:c0:73:ab:fe:dc:5b:bc:86: 69:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:17:95:48:7F:49:F9:E8:E2:40:E2:33:12:03:A9:14:FE:0E:AD:92 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213576.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fe00::/40 Signature Algorithm: sha256WithRSAEncryption 3b:bd:4d:63:22:66:80:8b:c0:27:74:24:3c:e5:1e:ee:2d:c4: 0a:33:e9:1a:99:8d:42:05:a2:5c:59:a4:de:b1:63:86:9f:ca: f8:a0:41:b6:e0:82:81:85:e8:dd:da:93:30:d6:e3:a5:47:4d: 20:8f:26:d1:9a:40:d9:c0:05:a8:06:a3:8c:b2:5c:a0:f9:42: da:d2:26:57:9c:32:01:6a:d1:88:eb:33:a5:1e:ad:59:36:f9: 00:58:26:59:00:41:8b:9c:5f:04:cf:d5:b0:c9:87:41:80:30: dc:92:eb:41:cb:46:d4:2f:a5:52:80:fe:ab:ad:a6:24:13:0a: e1:59:9a:0e:9f:df:2d:0a:21:b7:8d:d3:ed:e9:dd:57:1e:cd: 9e:04:8f:7c:2b:6b:cf:07:a9:33:aa:ac:4e:3b:2d:e0:17:2e: 32:67:dd:d1:6f:f7:c2:55:be:a5:3e:db:05:da:4b:70:e9:27: 84:af:1c:11:31:0a:7b:2a:fb:b5:ab:d3:5a:5c:15:74:1c:83: f9:32:60:13:3a:0d:f0:69:a2:fc:7c:28:a1:de:0b:50:b5:27: bc:24:d4:a5:06:ad:f8:b3:ed:00:f4:0a:a1:8e:eb:c5:66:df: 90:da:5c:fa:98:ef:55:80:0c:a3:57:57:df:2e:0e:04:36:9b: 7a:13:18:57 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUWyufoDAyZqOv4ByzB25tMZ5pqWIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MDUwNTUwNDNaFw0yNjA4MDQwNTU1NDNaMDMxMTAvBgNV BAMTKDA3MTc5NTQ4N0Y0OUY5RThFMjQwRTIzMzEyMDNBOTE0RkUwRUFEOTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaoHT44kUHji2Usope0AC0Sh6i +s40PSbZdaqnmqzJhBnxCR3lB0u2XHkW53s7H6k+2Y+VtIbgqMVvdLL5VIwZf0pj vtmqPhrlDbj5rXO+rTui+lXgvMTdrhaKnnvRb73J1yogM+GWVqwcwj+876nDnveA apHJADn54jWCyh3nwfJKZxM2hHG7Cmb8wDThIPqk+nMGqdZsAV+QHqYNG58DKA4b IFtb/8LkZT/myKtsoYsWAvVwh7T8iozu0B12fVGC1rRTpNaBk+CAGZQEhfXfHO4B R4jLgKJF5Ei/VMCQSsq/AjSix6KX9eLwipmWY2ypzBO1p9jAc6v+3Fu8hmkbAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUBxeVSH9J+ejiQOIzEgOpFP4OrZIwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM1NzYucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq Bd/D/jANBgkqhkiG9w0BAQsFAAOCAQEAO71NYyJmgIvAJ3QkPOUe7i3ECjPpGpmN QgWiXFmk3rFjhp/K+KBBtuCCgYXo3dqTMNbjpUdNII8m0ZpA2cAFqAajjLJcoPlC 2tImV5wyAWrRiOszpR6tWTb5AFgmWQBBi5xfBM/VsMmHQYAw3JLrQctG1C+lUoD+ q62mJBMK4VmaDp/fLQoht43T7endVx7NngSPfCtrzwepM6qsTjst4BcuMmfd0W/3 wlW+pT7bBdpLcOknhK8cETEKeyr7tavTWlwVdByD+TJgEzoN8Gmi/Hwood4LULUn vCTUpQat+LPtAPQKoY7rxWbfkNpc+pjvVYAMo1dX3y4OBDabehMYVw== -----END CERTIFICATE-----Generated at Sat Aug 9 20:43:23 2025 by rpki-client