Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: 1IpGm/TItn9F+gfDLh34wyy/1wwivjbykR0Q7/sDgpo=
Subject key identifier: 1D:33:F6:F4:F4:C7:B5:93:C6:4D:D3:90:75:EF:32:4C:3E:FE:63:A5
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 1B4CD36F6FE1E82ED3BBB9E62226DAC5570D0C36
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Tue 31 Mar 2026 10:39:29 +0000
ROA not before: Tue 31 Mar 2026 10:34:29 +0000
ROA not after: Tue 30 Mar 2027 10:39:29 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
2a0f:6284:4700::/40 maxlen: 40
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:4c:d3:6f:6f:e1:e8:2e:d3:bb:b9:e6:22:26:da:c5:57:0d:0c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Mar 31 10:34:29 2026 GMT
Not After : Mar 30 10:39:29 2027 GMT
Subject: CN=1D33F6F4F4C7B593C64DD39075EF324C3EFE63A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:73:79:5d:dc:3f:6e:5c:79:15:f2:10:ce:
d0:bc:9c:2d:24:ae:81:db:2e:9e:04:33:44:30:79:
97:2c:bd:d7:fc:a5:9b:77:8c:56:25:93:06:cc:3b:
2a:73:72:c9:c5:e9:65:8e:75:fe:95:38:a4:f4:01:
b7:30:12:3f:1c:dd:0b:45:c4:6c:3d:86:e4:c2:f0:
8e:11:0a:85:aa:90:b3:be:76:a9:88:7b:98:c7:e6:
68:73:b7:6c:5f:66:8e:8b:48:74:3e:a9:ae:21:72:
68:ce:be:97:a2:c1:22:7e:27:4d:6e:da:db:cd:e5:
a0:e8:d7:40:e3:13:24:9f:0d:30:8a:82:da:f0:d7:
50:4b:90:c2:30:e7:47:f3:0d:e5:ab:fa:9c:86:28:
8c:d3:6a:e0:b4:1b:dd:c2:de:73:9e:a1:ec:35:b4:
1b:b5:37:3b:5e:9f:43:75:4c:c6:00:92:2f:4a:ce:
b6:2a:22:1a:07:8b:5d:d0:de:aa:7a:83:cc:1e:67:
7d:93:3d:fa:2a:5d:59:ee:f8:fc:ce:2a:b1:c8:34:
05:34:e3:82:af:02:62:40:d6:ff:6f:d2:a6:ef:83:
9e:f8:49:d0:c4:e3:fb:b3:d4:f6:49:d8:55:aa:1d:
cc:cd:db:9f:22:eb:ad:be:57:61:6b:b9:4c:33:fe:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:F6:F4:F4:C7:B5:93:C6:4D:D3:90:75:EF:32:4C:3E:FE:63:A5
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a06:1281:40::/44
2a06:1281:1000::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:18:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1a::-2a0f:6280:1d:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
2a0f:6284:4700::/40
Signature Algorithm: sha256WithRSAEncryption
8e:37:f0:bb:01:99:8b:da:24:b0:1a:11:0f:e1:1a:4a:06:7b:
03:a3:d8:00:a7:97:e5:2a:86:ef:d6:c0:ca:37:27:14:d7:36:
ed:db:1e:3d:51:b2:b2:a5:2d:ff:e4:7a:5f:38:9c:b1:d0:39:
b6:96:12:1c:a0:a1:0c:b2:06:ce:68:2d:ab:83:6b:66:c9:e0:
71:ef:8d:33:dc:93:76:c7:3b:c7:75:14:0f:de:e6:a7:ef:27:
fd:24:bb:5c:7d:c0:8f:99:66:c6:5d:7b:18:5e:74:d5:ca:e4:
57:2b:83:8c:0d:ba:86:94:95:fb:de:52:bf:e0:0f:a9:43:16:
7b:1a:33:14:f9:93:36:9b:27:34:2f:35:51:87:08:1a:86:73:
66:33:a6:02:57:ad:de:74:38:08:32:86:1b:af:92:12:9d:9f:
96:7f:5d:52:5d:7e:0b:56:0d:36:fa:ac:a4:d6:5e:c2:0d:7c:
43:af:20:59:58:d3:72:59:2e:0e:33:16:19:20:10:f9:4d:e1:
0b:02:1f:68:e0:32:20:a0:61:61:50:e3:93:b8:3a:57:43:4b:
1b:92:33:df:7d:3b:0e:bc:4c:57:2c:bb:16:34:4e:4b:05:1f:
04:1a:66:bb:d9:5a:ce:e7:96:3d:a2:5c:c9:8a:37:bd:d4:2a:
8a:f4:6f:88
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIUG0zTb2/h6C7Tu7nmIibaxVcNDDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAzMzExMDM0MjlaFw0yNzAzMzAxMDM5MjlaMDMxMTAvBgNV
BAMTKDFEMzNGNkY0RjRDN0I1OTNDNjRERDM5MDc1RUYzMjRDM0VGRTYzQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8vnN5Xdw/blx5FfIQztC8nC0k
roHbLp4EM0QweZcsvdf8pZt3jFYlkwbMOypzcsnF6WWOdf6VOKT0AbcwEj8c3QtF
xGw9huTC8I4RCoWqkLO+dqmIe5jH5mhzt2xfZo6LSHQ+qa4hcmjOvpeiwSJ+J01u
2tvN5aDo10DjEySfDTCKgtrw11BLkMIw50fzDeWr+pyGKIzTauC0G93C3nOeoew1
tBu1Nzten0N1TMYAki9KzrYqIhoHi13Q3qp6g8weZ32TPfoqXVnu+PzOKrHINAU0
44KvAmJA1v9v0qbvg574SdDE4/uz1PZJ2FWqHczN258i662+V2FruUwz/tolAgMB
AAGjggJWMIICUjAdBgNVHQ4EFgQUHTP29PTHtZPGTdOQde8yTD7+Y6UwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBmQYIKwYBBQUHAQcBAf8EgYkwgYYwDAQCAAEwBgME
AMcv8DB2BAIAAjBwAwcEKgYSgQBAAwYEKgYSgRADBwAqD2KAAAowEgMHBCoPYoAA
EAMHACoPYoAAGDASAwcBKg9igAAaAwcBKg9igAAcAwcAKg9igAAfMBIDBwQqD2KD
ETADBwUqD2KDEUADBwQqD2KEACADBgAqD2KERzANBgkqhkiG9w0BAQsFAAOCAQEA
jjfwuwGZi9oksBoRD+EaSgZ7A6PYAKeX5SqG79bAyjcnFNc27dsePVGysqUt/+R6
XzicsdA5tpYSHKChDLIGzmgtq4NrZsngce+NM9yTdsc7x3UUD97mp+8n/SS7XH3A
j5lmxl17GF501crkVyuDjA26hpSV+95Sv+APqUMWexozFPmTNpsnNC81UYcIGoZz
ZjOmAlet3nQ4CDKGG6+SEp2fln9dUl1+C1YNNvqspNZewg18Q68gWVjTclkuDjMW
GSAQ+U3hCwIfaOAyIKBhYVDjk7g6V0NLG5Iz3307DrxMVyy7FjROSwUfBBpmu9la
zueWPaJcyYo3vdQqivRviA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:38:05 2026 by rpki-client