Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: I2lkwWt6RENf2Rgo+iaqoNP3GB4a58cZpwy7ZxK4unc=
Subject key identifier: BD:9C:12:A9:AC:B4:1C:3B:D8:57:F9:90:3C:98:29:B6:9F:D9:D1:72
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 061B12C8609C07E632684003916FE87DF7204E37
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
Signing time: Fri 22 Aug 2025 08:00:26 +0000
ROA not before: Fri 22 Aug 2025 07:55:26 +0000
ROA not after: Fri 21 Aug 2026 08:00:26 +0000
asID: 0
IP address blocks: 2a05:dfc3:f400::/40 maxlen: 40
2a06:1281:7000::/36 maxlen: 128
2a06:1281:9000::/36 maxlen: 36
2a06:1281:a000::/36 maxlen: 128
2a09:54c6:1000::/36 maxlen: 128
2a09:54c7:3000::/36 maxlen: 36
2a09:54c7:4000::/36 maxlen: 128
2a09:54c7:5000::/36 maxlen: 128
2a09:54c7:6000::/36 maxlen: 128
2a0a:6044:7f00::/40 maxlen: 40
2a0a:6044:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 19:26:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:1b:12:c8:60:9c:07:e6:32:68:40:03:91:6f:e8:7d:f7:20:4e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Aug 22 07:55:26 2025 GMT
Not After : Aug 21 08:00:26 2026 GMT
Subject: CN=BD9C12A9ACB41C3BD857F9903C9829B69FD9D172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:b1:48:30:14:34:92:f6:ff:53:57:dc:59:
05:7d:0b:71:f9:ad:df:c0:f5:00:6a:4a:0b:c3:11:
2b:df:36:c3:e3:1a:b6:26:22:32:47:b6:8f:04:5c:
78:a6:b8:2a:4c:7f:5e:b7:f5:2e:63:61:c5:ee:c6:
27:50:3e:61:f2:a1:7b:1f:f3:03:d4:df:69:8f:92:
b2:68:a8:e5:07:e6:b9:aa:02:6a:ca:ef:5e:43:ae:
f0:0e:93:42:a1:7b:57:b5:f6:28:ae:82:e5:6a:9d:
d8:68:4c:04:25:13:0c:0e:40:47:86:b2:af:d2:2e:
eb:cf:14:38:52:ab:6a:50:47:e3:2b:27:93:51:67:
a1:29:74:ea:75:bf:a7:b1:61:ff:ca:79:79:a2:d7:
69:ca:34:69:9e:70:e2:05:d3:48:1f:fb:ab:fb:d4:
5e:e6:e0:b8:53:3d:9e:d5:f6:ef:14:3d:ae:97:93:
f4:2c:0b:e4:4e:09:5a:ca:6a:d9:86:fa:ea:4f:df:
5c:68:1e:39:4b:e3:01:97:d9:c7:c6:59:ad:60:c1:
be:18:d8:7d:4b:c6:0e:25:7b:d7:ef:ce:23:db:2d:
59:55:91:1b:e0:b1:8b:33:5b:a4:38:fb:24:fd:31:
8d:c3:ea:e6:1d:d9:16:58:3c:7e:80:e3:01:8e:ad:
8f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9C:12:A9:AC:B4:1C:3B:D8:57:F9:90:3C:98:29:B6:9F:D9:D1:72
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f400::/40
2a06:1281:7000::/36
2a06:1281:9000::-2a06:1281:afff:ffff:ffff:ffff:ffff:ffff
2a09:54c6:1000::/36
2a09:54c7:3000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff
2a0a:6044:7f00::/40
2a0a:6044:c000::/40
Signature Algorithm: sha256WithRSAEncryption
66:f3:cd:d8:16:ac:5b:bd:1b:15:09:3c:18:08:0a:9e:e2:ef:
ae:40:46:a6:26:d1:b2:3d:e3:eb:59:39:05:90:d0:cd:da:46:
cf:c1:f4:ad:d3:1e:11:38:aa:4d:cb:9e:96:28:e3:69:8e:60:
60:ac:56:52:08:56:6a:50:5c:17:96:36:0b:08:d7:66:a9:b5:
57:40:9f:36:a2:f3:be:0b:da:fa:31:0a:64:15:06:7a:c7:e3:
1c:29:ba:4c:55:c7:1d:94:6a:27:fa:46:2b:f2:cc:7d:06:2c:
03:ab:74:e7:2e:2f:e8:f3:b8:41:64:40:b0:ff:d0:0f:0f:b6:
ed:66:50:28:a9:24:72:24:6f:1b:5e:f4:f8:9e:a6:2e:f0:7d:
83:c0:de:a1:9b:b4:36:88:57:33:d7:c5:bf:bc:d9:64:66:af:
fb:c5:df:9e:fe:32:d0:2d:b6:c5:28:76:e5:0f:fd:3e:3e:87:
03:f0:ea:a6:08:29:8e:4c:48:5e:19:24:4a:f4:b5:50:a1:ab:
72:20:a5:1f:be:90:03:f2:b9:30:2e:e0:89:40:b6:8f:a2:33:
2d:18:0f:bb:3e:3d:b5:63:dd:07:63:bb:04:7c:c7:c3:71:5d:
c0:07:f8:21:42:ab:6d:2f:21:2b:90:6f:ce:e9:d9:fd:9b:ed:
7e:a0:54:b9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUBhsSyGCcB+YyaEADkW/offcgTjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MjIwNzU1MjZaFw0yNjA4MjEwODAwMjZaMDMxMTAvBgNV
BAMTKEJEOUMxMkE5QUNCNDFDM0JEODU3Rjk5MDNDOTgyOUI2OUZEOUQxNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWA7FIMBQ0kvb/U1fcWQV9C3H5
rd/A9QBqSgvDESvfNsPjGrYmIjJHto8EXHimuCpMf1639S5jYcXuxidQPmHyoXsf
8wPU32mPkrJoqOUH5rmqAmrK715DrvAOk0Khe1e19iiuguVqndhoTAQlEwwOQEeG
sq/SLuvPFDhSq2pQR+MrJ5NRZ6EpdOp1v6exYf/KeXmi12nKNGmecOIF00gf+6v7
1F7m4LhTPZ7V9u8UPa6Xk/QsC+ROCVrKatmG+upP31xoHjlL4wGX2cfGWa1gwb4Y
2H1Lxg4le9fvziPbLVlVkRvgsYszW6Q4+yT9MY3D6uYd2RZYPH6A4wGOrY8DAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUvZwSqay0HDvYV/mQPJgptp/Z0XIwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyMEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwC4YucnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAwYAKgXfw/QD
BgQqBhKBcDAQAwYEKgYSgZADBgQqBhKBoAMGBCoJVMYQMBADBgQqCVTHMAMGBCoJ
VMdgAwYAKgpgRH8DBgAqCmBEwDANBgkqhkiG9w0BAQsFAAOCAQEAZvPN2BasW70b
FQk8GAgKnuLvrkBGpibRsj3j61k5BZDQzdpGz8H0rdMeETiqTcuelijjaY5gYKxW
UghWalBcF5Y2CwjXZqm1V0CfNqLzvgva+jEKZBUGesfjHCm6TFXHHZRqJ/pGK/LM
fQYsA6t05y4v6PO4QWRAsP/QDw+27WZQKKkkciRvG170+J6mLvB9g8DeoZu0NohX
M9fFv7zZZGav+8Xfnv4y0C22xSh25Q/9Pj6HA/DqpggpjkxIXhkkSvS1UKGrciCl
H76QA/K5MC7giUC2j6IzLRgPuz49tWPdB2O7BHzHw3FdwAf4IUKrbS8hK5BvzunZ
/ZvtfqBUuQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:09:38 2025 by rpki-client