Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213864.roa
File: AS213864.roa (raw, json)
Hash identifier: uaHPLIPS9XuOR8VKq6kr6tjRzigGDzH2bw6ZOmqfKIM=
Subject key identifier: 29:ED:1C:35:52:0C:10:18:9F:65:BA:A3:F9:F8:37:DF:6E:40:04:B5
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 0F5B165C7DBD803393FAD09EA2548A8306BD8888
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa
Signing time: Thu 11 Jun 2026 15:25:50 +0000
ROA not before: Thu 11 Jun 2026 15:20:50 +0000
ROA not after: Thu 10 Jun 2027 15:25:50 +0000
asID: 213864
IP address blocks: 2a05:dfc2::/32 maxlen: 32
2a09:54c4::/32 maxlen: 32
2a09:54c5::/36 maxlen: 36
2a0f:6280:2000::/36 maxlen: 48
2a0f:6282:9000::/36 maxlen: 36
2a0f:6283:9000::/36 maxlen: 36
2a0f:6283:a000::/36 maxlen: 36
2a0f:6284:5000::/36 maxlen: 36
2a0f:6285::/32 maxlen: 32
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 22:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:5b:16:5c:7d:bd:80:33:93:fa:d0:9e:a2:54:8a:83:06:bd:88:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Jun 11 15:20:50 2026 GMT
Not After : Jun 10 15:25:50 2027 GMT
Subject: CN=29ED1C35520C10189F65BAA3F9F837DF6E4004B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f8:a3:a1:66:b9:a5:56:10:f4:cb:30:54:94:
d8:1a:2d:8a:6f:13:97:e1:7a:de:d4:5a:de:5a:09:
97:f2:52:db:03:bc:99:ee:dc:cd:0d:79:3a:5d:04:
51:a1:24:1b:55:ca:99:ec:0d:06:08:7a:1e:98:f6:
d2:be:df:e7:a8:8f:02:92:37:38:5a:f5:6d:d9:7a:
49:7f:58:f9:11:49:68:90:5f:d9:09:54:8f:e4:38:
ed:8a:1b:2f:fc:ab:a4:2a:05:15:90:6e:59:9f:dd:
56:60:36:01:cf:7b:b2:0c:06:cc:97:89:97:82:c2:
1b:e2:87:69:a6:c3:dd:59:1b:a3:86:28:07:43:df:
82:6c:27:6d:a0:42:14:bc:96:8e:fd:90:4d:f1:72:
90:a7:8a:32:b4:99:66:59:d5:c7:19:96:55:81:ef:
4e:b6:af:06:03:25:b8:8e:31:a0:80:1a:2f:81:6d:
7f:8f:40:fa:ab:00:2b:80:00:04:0b:a3:0c:12:c9:
8e:4e:e8:cc:73:02:b2:2e:34:ab:69:65:b4:dc:2d:
f4:bc:35:86:d9:f4:28:c8:e9:38:cd:4e:9e:f9:8a:
ca:cb:c5:22:f4:30:9f:d7:e3:48:50:89:92:64:bf:
9e:31:59:5c:13:f6:48:a4:19:2d:59:94:11:4d:d9:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:ED:1C:35:52:0C:10:18:9F:65:BA:A3:F9:F8:37:DF:6E:40:04:B5
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc2::/32
2a09:54c4::-2a09:54c5:fff:ffff:ffff:ffff:ffff:ffff
2a0f:6280:2000::/36
2a0f:6282:9000::/36
2a0f:6283:9000::-2a0f:6283:afff:ffff:ffff:ffff:ffff:ffff
2a0f:6284:5000::/36
2a0f:6285::/32
Signature Algorithm: sha256WithRSAEncryption
30:d8:e4:46:f6:85:35:d9:12:6e:8c:ba:df:d4:60:81:68:bf:
fa:df:52:1b:74:f5:43:c5:24:b9:2a:46:84:bd:d0:cc:cd:d5:
f8:45:c2:80:07:c4:c0:18:40:c7:02:09:a9:00:2e:03:c5:a8:
3e:d8:3c:45:71:ac:d7:ad:7a:96:6e:3f:ad:db:3f:13:69:3b:
e4:ca:d7:56:1f:b8:b2:fc:ac:8d:fa:a1:b2:e7:a3:1c:fe:2b:
7d:78:92:39:0f:c3:1a:87:9d:96:4a:84:de:d3:aa:c0:95:d3:
f4:60:50:53:07:b3:c9:ad:bd:36:cb:d8:8d:04:41:f5:ed:42:
cb:71:57:2d:6c:af:f3:6d:56:90:d5:2b:49:6f:30:ec:d7:5f:
55:57:53:06:6e:dd:79:95:06:33:ca:34:a0:af:f9:02:b7:30:
fb:43:2f:94:87:8f:dc:ed:50:ec:51:61:ad:29:56:59:5e:6c:
36:07:2c:f8:e5:d0:ea:dc:1b:a5:08:41:f2:18:ce:d1:cd:3f:
88:f0:16:ed:e5:81:d6:7e:e9:42:4d:14:f1:cc:a7:7d:13:71:
53:bb:50:b3:40:6c:1a:f8:79:1e:a9:e6:c4:40:df:11:e7:05:
ed:66:4a:84:9c:32:8f:0c:95:15:c6:8d:b5:56:ad:e0:c4:32:
7d:7f:ad:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIUD1sWXH29gDOT+tCeolSKgwa9iIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MTExNTIwNTBaFw0yNzA2MTAxNTI1NTBaMDMxMTAvBgNV
BAMTKDI5RUQxQzM1NTIwQzEwMTg5RjY1QkFBM0Y5RjgzN0RGNkU0MDA0QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl+KOhZrmlVhD0yzBUlNgaLYpv
E5fhet7UWt5aCZfyUtsDvJnu3M0NeTpdBFGhJBtVypnsDQYIeh6Y9tK+3+eojwKS
Nzha9W3Zekl/WPkRSWiQX9kJVI/kOO2KGy/8q6QqBRWQblmf3VZgNgHPe7IMBsyX
iZeCwhvih2mmw91ZG6OGKAdD34JsJ22gQhS8lo79kE3xcpCnijK0mWZZ1ccZllWB
7062rwYDJbiOMaCAGi+BbX+PQPqrACuAAAQLowwSyY5O6MxzArIuNKtpZbTcLfS8
NYbZ9CjI6TjNTp75isrLxSL0MJ/X40hQiZJkv54xWVwT9kikGS1ZlBFN2UW9AgMB
AAGjggIfMIICGzAdBgNVHQ4EFgQUKe0cNVIMEBifZbqj+fg3325ABLUwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM4NjQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgACMEkDBQAq
Bd/CMA8DBQIqCVTEAwYEKglUxQADBgQqD2KAIAMGBCoPYoKQMBADBgQqD2KDkAMG
BCoPYoOgAwYEKg9ihFADBQAqD2KFMA0GCSqGSIb3DQEBCwUAA4IBAQAw2ORG9oU1
2RJujLrf1GCBaL/631IbdPVDxSS5KkaEvdDMzdX4RcKAB8TAGEDHAgmpAC4Dxag+
2DxFcazXrXqWbj+t2z8TaTvkytdWH7iy/KyN+qGy56Mc/it9eJI5D8Mah52WSoTe
06rAldP0YFBTB7PJrb02y9iNBEH17ULLcVctbK/zbVaQ1StJbzDs119VV1MGbt15
lQYzyjSgr/kCtzD7Qy+Uh4/c7VDsUWGtKVZZXmw2Byz45dDq3BulCEHyGM7RzT+I
8Bbt5YHWfulCTRTxzKd9E3FTu1CzQGwa+HkeqebEQN8R5wXtZkqEnDKPDJUVxo21
Vq3gxDJ9f60f
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:24:41 2026 by rpki-client