Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: TdrfxGTLN51uiLIe9FTeof01eO7DmQPx3GGoz2/QHhw=
Subject key identifier: 0F:1A:66:D9:70:7B:75:36:7E:44:CF:3E:7D:41:41:43:C6:9A:A4:53
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 6443EE5D99AA6AAD3A2764F7AAD2DEE468312665
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Fri 12 Jun 2026 16:52:32 +0000
ROA not before: Fri 12 Jun 2026 16:47:32 +0000
ROA not after: Fri 11 Jun 2027 16:52:32 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:43:ee:5d:99:aa:6a:ad:3a:27:64:f7:aa:d2:de:e4:68:31:26:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Jun 12 16:47:32 2026 GMT
Not After : Jun 11 16:52:32 2027 GMT
Subject: CN=0F1A66D9707B75367E44CF3E7D414143C69AA453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:a1:27:d7:dc:1d:78:a4:65:80:57:1f:1b:
b3:eb:af:53:89:2b:91:ad:f9:4c:c9:6f:ce:9c:29:
fb:17:b5:bf:86:63:ce:a0:50:ef:53:2d:12:9e:20:
52:71:20:c7:3c:15:0b:b8:d8:a6:ca:71:ce:da:f2:
ab:7a:02:63:f4:80:48:64:18:94:34:af:7d:15:a3:
6a:72:d8:3f:68:c0:48:2f:1b:55:e7:4d:41:38:d6:
58:81:7f:4c:dd:31:79:05:ce:a2:12:ab:25:1a:8f:
23:f9:d0:10:54:0f:49:f6:f0:e2:97:ff:1a:5b:c1:
cf:cc:29:e6:1b:8e:cd:e2:e0:02:c1:45:d0:a3:3f:
0a:28:2c:81:e1:87:16:39:9d:87:de:c0:5c:ca:a4:
d3:a4:b9:09:83:a8:12:5b:6f:3b:da:a4:68:8d:b5:
ba:8a:7f:57:dc:ff:1c:4b:e2:49:8d:04:66:58:3d:
65:2a:9b:0f:27:67:86:28:0f:4d:38:ab:8b:91:ed:
3c:71:97:48:d3:46:1d:fb:68:e5:bd:1b:91:2d:6a:
ea:75:87:00:33:34:62:f7:db:59:64:85:cc:f6:c9:
9f:f8:e2:12:ce:ac:ab:c1:e5:c3:fa:cb:87:4e:6e:
19:86:7d:e5:2e:5d:ff:93:5b:c0:cf:eb:2c:69:9a:
5d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1A:66:D9:70:7B:75:36:7E:44:CF:3E:7D:41:41:43:C6:9A:A4:53
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a06:1281:40::/44
2a06:1281:1000::/36
2a0f:6280:a::/48
2a0f:6280:13::/48
2a0f:6280:15::/48
2a0f:6280:18::/48
2a0f:6280:1d::/48
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
Signature Algorithm: sha256WithRSAEncryption
54:f6:66:33:72:e2:22:75:4e:30:b4:f6:81:81:76:ed:32:7d:
52:c0:14:a5:12:29:4c:cf:52:62:65:d9:db:99:e8:da:1b:85:
74:ff:de:db:1a:4b:1e:8c:6b:c4:19:d4:ec:74:8e:33:4a:cc:
30:93:64:06:69:fc:1a:61:64:eb:ae:97:24:02:ab:da:1e:60:
a2:fc:71:48:89:73:71:fa:49:23:fc:10:b9:78:6d:35:c9:7a:
69:78:f7:ac:04:f3:72:75:b5:d7:88:8a:17:51:f0:1f:32:2a:
ac:b1:e0:1a:83:dc:7e:f2:6d:eb:3b:d2:17:f8:0b:10:67:14:
da:7d:91:b0:3e:e5:82:7d:36:9e:8f:7a:08:74:75:a0:9c:d5:
14:8d:38:7b:53:f3:e4:1b:40:84:d7:6f:a8:57:6b:72:82:06:
9e:2b:74:5b:2e:36:ce:97:7d:33:7c:db:cf:03:6a:b5:4c:a5:
6f:ef:8e:b6:e2:27:2a:0a:7a:51:17:8d:72:79:6b:1b:22:fc:
ba:d3:af:dc:f2:2f:4a:81:79:10:13:e2:e1:0c:2e:2e:1c:5a:
3e:13:00:f0:3c:94:cd:90:77:ab:8e:87:1c:e8:de:25:3e:20:
48:63:bf:76:cd:1e:cf:a8:12:eb:46:e3:77:38:08:d7:70:30:
24:16:3c:9e
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUZEPuXZmqaq06J2T3qtLe5GgxJmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MTIxNjQ3MzJaFw0yNzA2MTExNjUyMzJaMDMxMTAvBgNV
BAMTKDBGMUE2NkQ5NzA3Qjc1MzY3RTQ0Q0YzRTdENDE0MTQzQzY5QUE0NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3xqEn19wdeKRlgFcfG7Prr1OJ
K5Gt+UzJb86cKfsXtb+GY86gUO9TLRKeIFJxIMc8FQu42KbKcc7a8qt6AmP0gEhk
GJQ0r30Vo2py2D9owEgvG1XnTUE41liBf0zdMXkFzqISqyUajyP50BBUD0n28OKX
/xpbwc/MKeYbjs3i4ALBRdCjPwooLIHhhxY5nYfewFzKpNOkuQmDqBJbbzvapGiN
tbqKf1fc/xxL4kmNBGZYPWUqmw8nZ4YoD004q4uR7Txxl0jTRh37aOW9G5Etaup1
hwAzNGL321lkhcz2yZ/44hLOrKvB5cP6y4dObhmGfeUuXf+TW8DP6yxpml0FAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUDxpm2XB7dTZ+RM8+fUFBQ8aapFMwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBiwYIKwYBBQUHAQcBAf8EfDB6MAwEAgABMAYDBADH
L/AwagQCAAIwZAMHBCoGEoEAQAMGBCoGEoEQAwcAKg9igAAKAwcAKg9igAATAwcA
Kg9igAAVAwcAKg9igAAYAwcAKg9igAAdAwcAKg9igAAfMBIDBwQqD2KDETADBwUq
D2KDEUADBwQqD2KEACAwDQYJKoZIhvcNAQELBQADggEBAFT2ZjNy4iJ1TjC09oGB
du0yfVLAFKUSKUzPUmJl2duZ6NobhXT/3tsaSx6Ma8QZ1Ox0jjNKzDCTZAZp/Bph
ZOuulyQCq9oeYKL8cUiJc3H6SSP8ELl4bTXJeml496wE83J1tdeIihdR8B8yKqyx
4BqD3H7ybes70hf4CxBnFNp9kbA+5YJ9Np6Pegh0daCc1RSNOHtT8+QbQITXb6hX
a3KCBp4rdFsuNs6XfTN8288DarVMpW/vjrbiJyoKelEXjXJ5axsi/LrTr9zyL0qB
eRAT4uEMLi4cWj4TAPA8lM2Qd6uOhxzo3iU+IEhjv3bNHs+oEutG43c4CNdwMCQW
PJ4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:32:44 2026 by rpki-client