$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: YbLilnzSw3WOl5DEl56kGhHsfn2kbpxq19vnmjcZXPE= Subject key identifier: F8:E6:ED:2D:8E:2A:B8:F8:8E:5D:00:A2:C3:A9:82:F2:24:50:C4:77 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7F3D1C92232CB6C004D03F28FE4DE86C3068F01B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa Signing time: Wed 22 Oct 2025 11:15:26 +0000 ROA not before: Wed 22 Oct 2025 11:10:26 +0000 ROA not after: Wed 21 Oct 2026 11:15:26 +0000 asID: 31898 IP address blocks: 2a05:dfc3:f6ce::/48 maxlen: 48 2a05:dfc3:f760::/44 maxlen: 48 2a0a:6044:6d00::/48 maxlen: 48 2a0f:6284:4c10::/44 maxlen: 48 2a0f:6284:4c20::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 16:43:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:3d:1c:92:23:2c:b6:c0:04:d0:3f:28:fe:4d:e8:6c:30:68:f0:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 22 11:10:26 2025 GMT Not After : Oct 21 11:15:26 2026 GMT Subject: CN=F8E6ED2D8E2AB8F88E5D00A2C3A982F22450C477 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:04:f4:15:20:6c:fb:7c:b2:1c:04:9f:fe:05: 71:6a:4f:34:e4:cc:ab:0e:5d:86:64:a1:40:47:e0: 5d:35:dc:aa:24:55:fd:b9:95:36:12:3b:63:d3:c8: d4:c8:e7:15:6c:fc:30:6f:19:5b:57:fa:99:ed:1e: 27:34:77:ee:cb:6c:07:38:68:b2:07:96:a5:f4:0c: 09:0d:64:8e:4d:b0:f8:ff:02:83:46:81:6f:19:09: ab:c0:d3:c7:04:a5:bb:af:4a:a7:c6:8f:c3:6f:b4: 93:29:70:16:0b:4d:fc:dd:d0:37:50:ca:b5:7f:0e: 52:35:f9:93:25:50:2c:c4:6e:92:c8:d2:a0:c2:d5: 0d:61:88:f8:07:e2:9b:b9:e6:b0:fe:7e:c8:86:5e: e5:d6:17:52:8f:1b:90:05:f3:25:19:47:ff:e5:49: 1d:ba:4c:7f:42:82:4a:73:65:48:4e:1f:f3:d0:fb: ea:7a:14:c7:01:aa:1a:4f:99:3c:51:09:cd:f9:28: d3:36:5d:4f:25:7b:ae:a0:a0:c4:85:97:b3:e8:d6: 1f:cc:ff:f7:ee:e7:fa:b3:e7:40:4f:9c:59:2d:a5: 01:70:21:4a:37:2e:5d:e0:44:45:f9:aa:6f:e9:b9: 7a:f2:42:c8:80:d5:89:c6:0e:cf:76:f0:fd:be:eb: fa:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:E6:ED:2D:8E:2A:B8:F8:8E:5D:00:A2:C3:A9:82:F2:24:50:C4:77 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f6ce::/48 2a05:dfc3:f760::/44 2a0a:6044:6d00::/48 2a0f:6284:4c10::-2a0f:6284:4c2f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 77:f7:ce:10:9c:5c:1e:fc:1b:39:ae:af:f2:2a:b2:ef:1f:51: 18:0d:e4:70:52:5b:ba:9f:af:db:c7:c9:47:98:6b:8d:20:df: d5:4f:11:e3:c9:52:ca:ed:66:85:04:ec:a5:48:5d:97:da:f2: f7:33:40:7d:53:1b:cd:ef:5c:3f:e6:eb:c5:09:44:4d:39:d4: f4:c8:65:08:44:4a:87:9b:8d:0f:bb:13:bb:84:9b:07:74:05: 47:30:67:e7:d2:04:a0:fb:b4:38:d6:c9:f9:60:2c:77:4c:b3: 37:01:a3:47:26:2b:e2:64:1a:e7:51:4d:76:2b:9e:e0:f1:ab: 98:f6:f6:6e:86:0d:ad:01:b4:a5:e9:0d:37:a3:ff:ec:10:69: df:a2:60:5f:eb:0a:fb:86:33:be:ef:c7:3a:c8:4e:09:01:cf: dc:e1:4b:0f:6c:92:78:d7:b5:15:91:ee:32:16:42:ed:f9:e0: e4:d5:d4:5d:1c:84:26:f7:81:91:54:11:b9:66:ca:b9:f0:a6: b3:6d:e8:c2:a0:00:30:9d:02:aa:45:4f:4c:fe:17:ba:d4:c3: 2d:7f:96:63:fc:7f:b2:b4:ab:8c:38:2a:c5:58:40:16:fd:4d: 4b:4b:9d:32:52:84:f4:71:e6:07:ce:3d:75:48:af:4f:f8:89: 0a:d0:e8:29 -----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIUfz0ckiMstsAE0D8o/k3obDBo8BswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMjIxMTEwMjZaFw0yNjEwMjExMTE1MjZaMDMxMTAvBgNV BAMTKEY4RTZFRDJEOEUyQUI4Rjg4RTVEMDBBMkMzQTk4MkYyMjQ1MEM0NzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7BPQVIGz7fLIcBJ/+BXFqTzTk zKsOXYZkoUBH4F013KokVf25lTYSO2PTyNTI5xVs/DBvGVtX+pntHic0d+7LbAc4 aLIHlqX0DAkNZI5NsPj/AoNGgW8ZCavA08cEpbuvSqfGj8NvtJMpcBYLTfzd0DdQ yrV/DlI1+ZMlUCzEbpLI0qDC1Q1hiPgH4pu55rD+fsiGXuXWF1KPG5AF8yUZR//l SR26TH9CgkpzZUhOH/PQ++p6FMcBqhpPmTxRCc35KNM2XU8le66goMSFl7Po1h/M //fu5/qz50BPnFktpQFwIUo3Ll3gREX5qm/puXryQsiA1YnGDs928P2+6/pvAgMB AAGjggIEMIICADAdBgNVHQ4EFgQU+ObtLY4quPiOXQCiw6mC8iRQxHcwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMzMTg5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLwMHACoF 38P2zgMHBCoF38P3YAMHACoKYERtADASAwcEKg9ihEwQAwcEKg9ihEwgMA0GCSqG SIb3DQEBCwUAA4IBAQB3984QnFwe/Bs5rq/yKrLvH1EYDeRwUlu6n6/bx8lHmGuN IN/VTxHjyVLK7WaFBOylSF2X2vL3M0B9UxvN71w/5uvFCURNOdT0yGUIREqHm40P uxO7hJsHdAVHMGfn0gSg+7Q41sn5YCx3TLM3AaNHJiviZBrnUU12K57g8auY9vZu hg2tAbSl6Q03o//sEGnfomBf6wr7hjO+78c6yE4JAc/c4UsPbJJ417UVke4yFkLt +eDk1dRdHIQm94GRVBG5Zsq58KazbejCoAAwnQKqRU9M/he61MMtf5Zj/H+ytKuM OCrFWEAW/U1LS50yUoT0ceYHzj11SK9P+IkK0Ogp -----END CERTIFICATE-----Generated at Wed Nov 5 08:31:42 2025 by rpki-client