$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214757.roa File: AS214757.roa (raw, json) Hash identifier: 5WoCJ4nhOIU2PeMcvV0+Uo2ns8OFNYn1/RRusOHVva8= Subject key identifier: D0:40:E4:61:30:30:1D:5C:84:0E:B3:8C:5A:A1:BA:66:2E:68:C7:A5 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2B70D453B7E6B431478D16EF88992A090119F042 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214757.roa Signing time: Tue 09 Jun 2026 10:42:08 +0000 ROA not before: Tue 09 Jun 2026 10:37:08 +0000 ROA not after: Tue 08 Jun 2027 10:42:08 +0000 asID: 214757 IP address blocks: 2a05:dfc3:f800::/40 maxlen: 48 2a0a:6044:a100::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Jun 2026 17:55:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:70:d4:53:b7:e6:b4:31:47:8d:16:ef:88:99:2a:09:01:19:f0:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jun 9 10:37:08 2026 GMT Not After : Jun 8 10:42:08 2027 GMT Subject: CN=D040E46130301D5C840EB38C5AA1BA662E68C7A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0d:12:3f:2f:45:92:f3:6f:28:1a:3e:d7:0e: 6e:42:8e:6c:cb:1f:1e:ed:24:64:d8:d3:db:8a:ab: 6c:96:ff:09:4a:61:3d:09:01:a8:ce:10:6b:aa:7c: 3a:04:94:25:91:c3:da:2b:df:ba:e5:fb:51:a0:7c: cc:d5:1c:ba:5e:9a:55:93:da:cb:c4:71:91:1f:12: fe:db:bd:21:5d:b5:e4:f8:28:91:b9:ab:02:b4:05: f1:75:58:e0:90:10:4a:0c:4b:ad:01:4c:0d:ba:91: bb:eb:ed:21:60:5d:27:68:68:b3:4a:55:e6:ad:bc: 33:8e:c5:0b:7c:43:9f:7f:01:12:c6:b4:fa:03:07: 76:7f:37:d0:cc:ac:81:31:fa:5e:b9:b2:40:37:63: da:5f:6f:93:13:c3:00:19:9e:2e:3f:5e:48:20:48: 54:61:0f:f5:78:d7:8e:a6:be:d6:64:df:64:88:14: ee:37:87:31:bb:c3:04:b1:a0:fe:7d:5f:7a:cb:8f: a4:1b:c9:18:f4:70:cf:57:5e:93:12:af:40:16:1e: 7c:59:e8:bf:6c:0d:97:ea:c4:68:6e:2e:7f:7f:94: 9f:f1:93:db:5a:bb:1d:42:5c:43:95:a4:ed:be:da: b9:a2:43:2f:c7:28:53:ff:8b:b3:de:6c:af:4d:0b: 4b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:40:E4:61:30:30:1D:5C:84:0E:B3:8C:5A:A1:BA:66:2E:68:C7:A5 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214757.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f800::/40 2a0a:6044:a100::/40 Signature Algorithm: sha256WithRSAEncryption 0a:23:87:ff:c7:51:0e:63:3c:f7:d0:bc:f1:dc:42:e8:22:f0: 82:a2:49:32:d4:2e:36:65:fc:09:98:60:3c:63:47:2e:90:3f: f5:f3:f5:42:d3:59:f1:db:f0:6a:38:94:fa:c4:08:1c:6b:db: f2:4b:06:a1:68:80:bf:f5:c9:f1:52:00:35:03:ed:3c:e4:94: c5:df:1d:37:f4:42:90:e7:26:18:2b:a5:b0:4d:83:77:d7:32: e2:5c:f4:c9:b6:0b:fa:08:56:19:02:76:1b:81:f4:81:2b:42: 0a:3d:2f:d4:55:4b:21:b4:c6:ab:7c:cf:65:de:95:05:36:d0: ef:be:26:4e:cf:d5:5c:af:3e:06:fa:36:1d:21:90:36:ad:ef: 21:1b:1d:bb:29:3d:dc:ec:b6:4a:8a:43:ef:06:b9:5b:c4:30: 5b:90:be:d4:07:a4:be:6f:0b:6f:8a:cf:02:63:ed:e5:a8:40: 73:40:20:95:c8:e3:a6:78:15:d7:f8:7c:e4:5c:0b:49:4b:17: a3:ad:28:31:8d:27:d9:5b:ca:b0:6b:59:df:26:71:4b:d4:0a: 5a:fc:00:12:b1:81:e2:5b:f7:97:4a:fe:34:cc:85:e5:bc:8f: 0a:88:18:77:78:db:a4:2c:c2:43:b6:b0:71:59:a1:dc:b1:87: 34:94:9f:fa -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUK3DUU7fmtDFHjRbviJkqCQEZ8EIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjA2MDkxMDM3MDhaFw0yNzA2MDgxMDQyMDhaMDMxMTAvBgNV BAMTKEQwNDBFNDYxMzAzMDFENUM4NDBFQjM4QzVBQTFCQTY2MkU2OEM3QTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3DRI/L0WS828oGj7XDm5CjmzL Hx7tJGTY09uKq2yW/wlKYT0JAajOEGuqfDoElCWRw9or37rl+1GgfMzVHLpemlWT 2svEcZEfEv7bvSFdteT4KJG5qwK0BfF1WOCQEEoMS60BTA26kbvr7SFgXSdoaLNK VeatvDOOxQt8Q59/ARLGtPoDB3Z/N9DMrIEx+l65skA3Y9pfb5MTwwAZni4/Xkgg SFRhD/V4146mvtZk32SIFO43hzG7wwSxoP59X3rLj6QbyRj0cM9XXpMSr0AWHnxZ 6L9sDZfqxGhuLn9/lJ/xk9taux1CXEOVpO2+2rmiQy/HKFP/i7PebK9NC0uPAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQU0EDkYTAwHVyEDrOMWqG6Zi5ox6UwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ3NTcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgAq Bd/D+AMGACoKYEShMA0GCSqGSIb3DQEBCwUAA4IBAQAKI4f/x1EOYzz30Lzx3ELo IvCCokky1C42ZfwJmGA8Y0cukD/18/VC01nx2/BqOJT6xAgca9vySwahaIC/9cnx UgA1A+085JTF3x039EKQ5yYYK6WwTYN31zLiXPTJtgv6CFYZAnYbgfSBK0IKPS/U VUshtMarfM9l3pUFNtDvviZOz9Vcrz4G+jYdIZA2re8hGx27KT3c7LZKikPvBrlb xDBbkL7UB6S+bwtvis8CY+3lqEBzQCCVyOOmeBXX+HzkXAtJSxejrSgxjSfZW8qw a1nfJnFL1Apa/AASsYHiW/eXSv40zIXlvI8KiBh3eNukLMJDtrBxWaHcsYc0lJ/6 -----END CERTIFICATE-----Generated at Sat Jun 13 09:10:27 2026 by rpki-client