Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: 6XomxcgAELd2Drsp2GDzpLSpoHsDyQd0H68VGiw9+WQ=
Subject key identifier: D0:EE:D0:CC:91:6C:30:ED:17:42:84:49:CB:49:40:F5:E4:2E:3F:EE
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 7A6A5C858BC6E45E8AAFF4ED691EE034A273598A
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Tue 05 Aug 2025 18:07:04 +0000
ROA not before: Tue 05 Aug 2025 18:02:04 +0000
ROA not after: Tue 04 Aug 2026 18:07:04 +0000
asID: 47272
IP address blocks: 2a05:dfc3:f500::/40 maxlen: 48
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:19::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 02:53:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:6a:5c:85:8b:c6:e4:5e:8a:af:f4:ed:69:1e:e0:34:a2:73:59:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Aug 5 18:02:04 2025 GMT
Not After : Aug 4 18:07:04 2026 GMT
Subject: CN=D0EED0CC916C30ED17428449CB4940F5E42E3FEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:f9:50:e2:f4:51:06:5c:ef:bc:9a:36:17:
62:8b:ed:5d:97:12:80:32:73:7b:2e:b9:c5:ad:df:
b5:a8:4b:3a:68:c4:9d:d5:b2:1f:d0:44:50:95:c6:
0b:72:cc:0b:65:72:64:05:c7:21:0e:a7:78:d5:32:
4f:f5:47:ec:d1:ef:1e:b2:61:95:6b:4d:4e:3b:87:
eb:50:f6:53:33:36:54:f0:24:2d:ff:a5:9a:72:a2:
1d:37:a2:58:95:c0:a2:44:a5:91:5d:61:46:9c:7e:
31:67:c0:11:18:ac:f3:03:99:4c:ba:13:1e:84:46:
f3:12:e4:14:cc:b2:38:de:ea:6f:26:ca:40:f2:54:
a4:79:ba:1b:b9:64:84:c4:53:9f:b5:e2:7f:9e:68:
66:0d:9a:2c:6c:80:8f:99:db:5b:54:21:0e:22:7c:
d3:bf:66:0c:85:72:6e:14:e2:98:00:fc:17:1f:23:
fb:87:ce:90:97:2a:25:fb:dc:92:8b:7c:e7:2a:1d:
88:c9:f8:e3:cc:1b:9d:a1:f4:1e:2d:ba:5b:6f:9f:
a8:b1:a5:96:39:70:99:3a:e5:f9:f4:12:42:c1:2b:
16:89:f5:37:6b:6a:5a:ce:e7:db:47:fa:6f:39:24:
a1:4a:9f:c3:fc:c9:e2:89:7d:78:df:cd:0f:f3:dd:
36:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:EE:D0:CC:91:6C:30:ED:17:42:84:49:CB:49:40:F5:E4:2E:3F:EE
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f500::/40
2a05:dfc3:fd24::/48
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:1b:ffff:ffff:ffff:ffff:ffff
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:cd:e0:d9:d6:b9:66:e5:78:27:70:06:26:24:37:a0:7d:7e:
1a:b7:8e:70:39:db:32:fd:07:52:eb:2b:65:c2:f6:f1:01:4e:
2e:47:49:eb:c2:b6:f5:6b:68:8c:98:79:dc:88:e2:83:8f:1b:
8e:c5:7e:ed:23:d7:e9:6d:8b:e7:57:11:58:6d:ef:f0:e5:f1:
c8:b1:25:48:9f:6d:b7:48:ed:1b:bb:ad:9c:36:b8:d6:6e:70:
1e:d1:6d:38:d0:ae:0f:cb:11:f6:b0:2b:bc:e5:dc:a6:eb:73:
24:73:3f:fd:30:f0:e1:ea:78:a5:da:4d:20:ec:1e:58:95:3e:
9d:75:5b:72:90:34:fe:15:2b:68:39:43:02:b2:7f:2f:98:9b:
b7:61:bc:34:30:31:e2:2e:a2:52:fa:df:0a:22:5c:93:bd:fe:
e2:2e:82:9d:46:0e:74:7a:04:6b:1f:86:08:3b:17:79:c9:35:
be:c0:78:86:aa:15:85:b9:47:1c:c6:d1:61:eb:89:25:d7:d9:
0b:4f:4e:c8:c8:a6:15:c9:c5:79:4d:73:0a:90:0d:c8:af:fe:
7b:09:7e:b7:b4:1d:d2:d4:47:75:55:5d:84:b0:22:a4:d6:4e:
ce:9a:1d:40:63:28:f9:4c:e5:74:13:71:0f:1a:69:49:e8:8f:
4c:3b:d5:d0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUempchYvG5F6Kr/TtaR7gNKJzWYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MDUxODAyMDRaFw0yNjA4MDQxODA3MDRaMDMxMTAvBgNV
BAMTKEQwRUVEMENDOTE2QzMwRUQxNzQyODQ0OUNCNDk0MEY1RTQyRTNGRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb7flQ4vRRBlzvvJo2F2KL7V2X
EoAyc3suucWt37WoSzpoxJ3Vsh/QRFCVxgtyzAtlcmQFxyEOp3jVMk/1R+zR7x6y
YZVrTU47h+tQ9lMzNlTwJC3/pZpyoh03oliVwKJEpZFdYUacfjFnwBEYrPMDmUy6
Ex6ERvMS5BTMsjje6m8mykDyVKR5uhu5ZITEU5+14n+eaGYNmixsgI+Z21tUIQ4i
fNO/ZgyFcm4U4pgA/BcfI/uHzpCXKiX73JKLfOcqHYjJ+OPMG52h9B4tultvn6ix
pZY5cJk65fn0EkLBKxaJ9TdralrO59tH+m85JKFKn8P8yeKJfXjfzQ/z3TZdAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQU0O7QzJFsMO0XQoRJy0lA9eQuP+4wHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjBrBggrBgEFBQcBBwEB/wRcMFowWAQCAAIwUgMGACoF
38P1AwcAKgXfw/0kAwYEKgYSgRADBgQqCVTGAAMHACoPYoAACjASAwcEKg9igAAQ
AwcCKg9igAAYMBIDBwQqD2KDETADBwUqD2KDEUAwDQYJKoZIhvcNAQELBQADggEB
ACjN4NnWuWbleCdwBiYkN6B9fhq3jnA52zL9B1LrK2XC9vEBTi5HSevCtvVraIyY
edyI4oOPG47Ffu0j1+lti+dXEVht7/Dl8cixJUifbbdI7Ru7rZw2uNZucB7RbTjQ
rg/LEfawK7zl3KbrcyRzP/0w8OHqeKXaTSDsHliVPp11W3KQNP4VK2g5QwKyfy+Y
m7dhvDQwMeIuolL63woiXJO9/uIugp1GDnR6BGsfhgg7F3nJNb7AeIaqFYW5RxzG
0WHriSXX2QtPTsjIphXJxXlNcwqQDciv/nsJfre0HdLUR3VVXYSwIqTWTs6aHUBj
KPlM5XQTcQ8aaUnoj0w71dA=
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:13:59 2025 by rpki-client