$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213864.roa File: AS213864.roa (raw, json) Hash identifier: LgHtDQKqq2wO6mT2BlxlUv1Jvfr/SnEYKR2pHFw4/vw= Subject key identifier: E6:C6:F5:A7:CC:1F:F6:AD:AC:CA:67:D1:E2:77:56:32:77:3B:26:8B Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2114BB8082C5F3D8098410809A333D4D21BC3E5F Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa Signing time: Wed 29 Oct 2025 13:04:30 +0000 ROA not before: Wed 29 Oct 2025 12:59:30 +0000 ROA not after: Wed 28 Oct 2026 13:04:30 +0000 asID: 213864 IP address blocks: 2a05:dfc2::/32 maxlen: 32 2a06:1284::/32 maxlen: 32 2a0f:6285::/32 maxlen: 32 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 03:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:14:bb:80:82:c5:f3:d8:09:84:10:80:9a:33:3d:4d:21:bc:3e:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 29 12:59:30 2025 GMT Not After : Oct 28 13:04:30 2026 GMT Subject: CN=E6C6F5A7CC1FF6ADACCA67D1E2775632773B268B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:33:86:8f:ce:77:d1:a8:33:58:82:24:0c:0b: a6:23:eb:c6:3f:34:66:91:bf:90:d1:3a:ca:27:13: 7f:3b:12:b0:3f:c5:a3:5e:d8:57:01:32:94:be:be: b7:8d:45:d2:9a:4d:cd:1d:33:30:b5:18:db:cf:54: 78:0b:aa:70:db:e0:eb:be:b9:1d:09:b4:03:c3:b7: aa:fe:de:7a:dd:1c:23:93:08:e8:67:2e:9f:32:55: 01:40:bd:8e:d2:50:17:c1:4a:e0:da:e3:5f:8c:20: 6f:3f:9d:06:08:ca:d1:bc:a0:2d:6b:bc:91:fb:c4: 62:d2:5b:50:02:1f:77:53:20:b6:74:e2:fc:12:5b: fe:c3:b2:e6:4e:c8:33:6b:c5:71:01:06:0b:ce:35: d4:8a:39:8a:fa:44:d4:fb:01:d0:29:9b:ab:65:c5: 38:f9:cf:d3:78:cd:f1:a1:60:c8:50:58:5a:63:73: 8d:23:ee:a2:3d:c4:41:28:15:8d:32:41:30:d5:f3: e0:cb:8f:ff:c6:69:81:a6:59:43:dd:61:52:33:57: 75:b8:6a:68:08:4c:66:7e:06:fd:e3:3d:e3:14:35: 6a:18:04:3b:69:1e:20:0c:b5:dd:21:6f:ed:ef:42: 45:f3:9c:07:9a:ea:b2:16:d4:47:cd:dc:da:03:cd: 14:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:C6:F5:A7:CC:1F:F6:AD:AC:CA:67:D1:E2:77:56:32:77:3B:26:8B X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc2::/32 2a06:1284::/32 2a0f:6285::/32 Signature Algorithm: sha256WithRSAEncryption 01:7c:9f:b6:61:c5:c0:b6:f7:51:87:99:bb:0a:96:73:3a:ac: 4f:83:82:96:2d:ba:dd:28:eb:10:43:50:c0:1c:33:f3:4e:7b: 0d:c1:57:96:90:14:1d:6b:0a:2c:c8:2d:cb:f3:92:f3:51:67: 4d:3f:e7:22:7e:7a:87:47:36:ee:eb:b0:b6:09:87:ac:83:70: 95:61:22:79:c7:ac:02:19:0a:e9:c6:8a:17:0e:ce:27:b6:11: 67:b9:7a:79:21:9b:26:a5:27:56:7c:f8:62:c9:b3:25:60:d9: 3f:63:10:e1:ca:9b:81:b1:0c:a4:83:e5:60:6e:15:88:27:38: aa:09:da:07:2f:08:af:bf:e6:62:50:51:2a:93:21:42:d7:8b: cb:0e:08:52:8c:b6:ec:e3:11:ad:9b:02:ce:d0:fc:e4:b8:81: 7b:9c:c6:a3:3f:67:09:7f:11:86:bd:ed:df:71:32:72:48:19: c0:38:25:8b:ff:eb:a2:b5:95:6f:43:3e:56:58:b5:ff:26:c4: 61:ca:89:e8:01:c8:a2:54:b2:62:8d:06:0b:a2:bb:f8:2f:e2: 2f:18:9d:84:e6:3c:0c:b5:a9:3b:12:94:c7:20:7e:95:17:70: 2e:11:3e:a3:5e:19:8b:4c:b1:de:99:54:32:30:45:e1:df:86: 4f:d8:ba:0c -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIUIRS7gILF89gJhBCAmjM9TSG8Pl8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMjkxMjU5MzBaFw0yNjEwMjgxMzA0MzBaMDMxMTAvBgNV BAMTKEU2QzZGNUE3Q0MxRkY2QURBQ0NBNjdEMUUyNzc1NjMyNzczQjI2OEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaM4aPznfRqDNYgiQMC6Yj68Y/ NGaRv5DROsonE387ErA/xaNe2FcBMpS+vreNRdKaTc0dMzC1GNvPVHgLqnDb4Ou+ uR0JtAPDt6r+3nrdHCOTCOhnLp8yVQFAvY7SUBfBSuDa41+MIG8/nQYIytG8oC1r vJH7xGLSW1ACH3dTILZ04vwSW/7DsuZOyDNrxXEBBgvONdSKOYr6RNT7AdApm6tl xTj5z9N4zfGhYMhQWFpjc40j7qI9xEEoFY0yQTDV8+DLj//GaYGmWUPdYVIzV3W4 amgITGZ+Bv3jPeMUNWoYBDtpHiAMtd0hb+3vQkXznAea6rIW1EfN3NoDzRQRAgMB AAGjggHrMIIB5zAdBgNVHQ4EFgQU5sb1p8wf9q2symfR4ndWMnc7JoswHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM4NjQucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMBsEAgACMBUDBQAq Bd/CAwUAKgYShAMFACoPYoUwDQYJKoZIhvcNAQELBQADggEBAAF8n7ZhxcC291GH mbsKlnM6rE+DgpYtut0o6xBDUMAcM/NOew3BV5aQFB1rCizILcvzkvNRZ00/5yJ+ eodHNu7rsLYJh6yDcJVhInnHrAIZCunGihcOzie2EWe5enkhmyalJ1Z8+GLJsyVg 2T9jEOHKm4GxDKSD5WBuFYgnOKoJ2gcvCK+/5mJQUSqTIULXi8sOCFKMtuzjEa2b As7Q/OS4gXucxqM/Zwl/EYa97d9xMnJIGcA4JYv/66K1lW9DPlZYtf8mxGHKiegB yKJUsmKNBguiu/gv4i8YnYTmPAy1qTsSlMcgfpUXcC4RPqNeGYtMsd6ZVDIwReHf hk/Yugw= -----END CERTIFICATE-----Generated at Wed Nov 5 11:59:21 2025 by rpki-client