Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: BgzpTS7Vw0WDIp589yOaa2buw8dM3iszGhQho7i0B5A=
Subject key identifier: A6:61:F6:D0:97:2D:83:FB:DC:F5:A2:7C:2F:03:9F:35:B3:52:14:4A
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 114DC145FC455BBDCE9287B075388C94445AB5DD
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Sun 22 Feb 2026 08:00:21 +0000
ROA not before: Sun 22 Feb 2026 07:55:21 +0000
ROA not after: Sun 21 Feb 2027 08:00:21 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
2a0f:6284:4700::/40 maxlen: 40
2a0f:6284:9000::/36 maxlen: 36
2a0f:6287:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:4d:c1:45:fc:45:5b:bd:ce:92:87:b0:75:38:8c:94:44:5a:b5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Feb 22 07:55:21 2026 GMT
Not After : Feb 21 08:00:21 2027 GMT
Subject: CN=A661F6D0972D83FBDCF5A27C2F039F35B352144A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:50:26:09:26:d7:e9:0d:83:c0:4c:e3:48:
21:bf:4b:f7:ec:f0:c0:08:c7:25:20:e8:53:85:f6:
79:a0:7e:5d:fb:7f:24:50:28:7e:b2:bf:00:52:fd:
6c:71:99:79:25:38:e5:0f:09:1c:23:f6:ce:8b:e5:
61:84:80:f3:38:6e:bc:4b:7a:f8:9d:3d:e4:1c:16:
23:05:39:1f:1e:d1:2b:7e:6f:6c:68:70:29:d3:16:
96:f4:19:79:af:64:73:0d:29:17:f4:1c:6c:79:e5:
b2:1b:22:51:7b:be:a9:81:f0:cf:29:2c:2c:81:bd:
74:e4:20:7c:d8:a4:3e:cb:51:01:21:c0:a0:ec:05:
27:ed:0e:db:b9:27:b6:1a:a6:0a:f8:db:85:bc:fb:
26:00:2f:7b:6b:35:18:4d:16:42:cb:3f:2c:4b:f0:
62:04:f5:dd:21:4a:b6:0b:e6:79:8c:ab:30:ed:6a:
f4:40:57:27:d3:b2:a7:36:98:e4:37:dc:4b:04:3a:
0b:37:cd:b3:c0:72:e7:c0:22:99:44:b7:1c:c5:96:
de:68:f0:42:3a:a8:45:84:c4:d4:46:6e:5e:04:0a:
e9:8b:1c:be:17:fc:cd:39:92:0d:2c:6c:ce:42:04:
0d:b9:01:01:b0:41:b9:df:42:c0:8f:ea:b4:d4:dd:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:F6:D0:97:2D:83:FB:DC:F5:A2:7C:2F:03:9F:35:B3:52:14:4A
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a05:dfc3:fd24::/48
2a06:1281:40::/44
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:18:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1a::-2a0f:6280:1d:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
2a0f:6284:4700::/40
2a0f:6284:9000::/36
2a0f:6287:1000::/36
Signature Algorithm: sha256WithRSAEncryption
36:c6:16:87:31:26:55:75:09:41:b7:2f:4a:92:3f:b3:56:1c:
82:b2:d7:fe:b7:a8:6e:6f:bf:8b:3a:10:d3:f9:23:2d:85:87:
0a:22:8d:41:52:45:dd:70:6f:7b:ff:9a:5f:2a:00:27:e2:07:
1c:32:20:1c:ec:69:e7:e4:78:1c:d4:89:64:c7:54:56:c4:92:
cb:5b:55:34:58:fe:69:90:4f:df:0c:77:0e:4e:11:a6:eb:5a:
ea:63:a1:2e:89:bc:c7:7a:99:92:bb:f5:bc:4b:55:ac:e1:45:
21:67:e1:b1:c7:0e:db:6b:53:4f:02:14:1d:57:24:1f:02:85:
58:cc:4c:09:c1:78:bc:0c:ea:15:5e:0f:62:78:f1:7f:29:89:
33:e1:00:fd:a4:9b:c2:6e:79:0b:98:90:d1:34:0d:ad:a6:c2:
03:10:65:68:55:b6:09:73:30:05:97:58:c0:28:96:e2:dd:63:
3c:b9:8d:bf:b7:bf:59:e5:4c:4e:6a:bf:47:09:85:95:06:9f:
e8:9c:0b:a8:93:72:b9:69:7a:3b:18:e1:f4:55:cd:0f:bb:4e:
b5:9f:1b:42:b3:47:07:0d:17:7a:04:d4:a4:41:11:f8:c5:e8:
9f:44:da:78:e8:a3:79:db:92:b1:f3:e2:a2:cd:77:73:a9:f4:
0c:be:00:bc
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUEU3BRfxFW73OkoewdTiMlERatd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAyMjIwNzU1MjFaFw0yNzAyMjEwODAwMjFaMDMxMTAvBgNV
BAMTKEE2NjFGNkQwOTcyRDgzRkJEQ0Y1QTI3QzJGMDM5RjM1QjM1MjE0NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgFlAmCSbX6Q2DwEzjSCG/S/fs
8MAIxyUg6FOF9nmgfl37fyRQKH6yvwBS/WxxmXklOOUPCRwj9s6L5WGEgPM4brxL
evidPeQcFiMFOR8e0St+b2xocCnTFpb0GXmvZHMNKRf0HGx55bIbIlF7vqmB8M8p
LCyBvXTkIHzYpD7LUQEhwKDsBSftDtu5J7Yapgr424W8+yYAL3trNRhNFkLLPyxL
8GIE9d0hSrYL5nmMqzDtavRAVyfTsqc2mOQ33EsEOgs3zbPAcufAIplEtxzFlt5o
8EI6qEWExNRGbl4ECumLHL4X/M05kg0sbM5CBA25AQGwQbnfQsCP6rTU3ZO5AgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUpmH20Jctg/vc9aJ8LwOfNbNSFEowHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBvAYIKwYBBQUHAQcBAf8EgawwgakwDAQCAAEwBgME
AMcv8DCBmAQCAAIwgZEDBwAqBd/D/SQDBwQqBhKBAEADBgQqBhKBEAMGBCoJVMYA
AwcAKg9igAAKMBIDBwQqD2KAABADBwAqD2KAABgwEgMHASoPYoAAGgMHASoPYoAA
HAMHACoPYoAAHzASAwcEKg9igxEwAwcFKg9igxFAAwcEKg9ihAAgAwYAKg9ihEcD
BgQqD2KEkAMGBCoPYocQMA0GCSqGSIb3DQEBCwUAA4IBAQA2xhaHMSZVdQlBty9K
kj+zVhyCstf+t6hub7+LOhDT+SMthYcKIo1BUkXdcG97/5pfKgAn4gccMiAc7Gnn
5Hgc1Ilkx1RWxJLLW1U0WP5pkE/fDHcOThGm61rqY6EuibzHepmSu/W8S1Ws4UUh
Z+Gxxw7ba1NPAhQdVyQfAoVYzEwJwXi8DOoVXg9iePF/KYkz4QD9pJvCbnkLmJDR
NA2tpsIDEGVoVbYJczAFl1jAKJbi3WM8uY2/t79Z5UxOar9HCYWVBp/onAuok3K5
aXo7GOH0Vc0Pu061nxtCs0cHDRd6BNSkQRH4xeifRNp46KN525Kx8+KizXdzqfQM
vgC8
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:12:44 2026 by rpki-client