$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214915.roa File: AS214915.roa (raw, json) Hash identifier: Dg9rCnPVabJW+VFTNVUxZCQqZjceVmCfRtQTUs3hEKU= Subject key identifier: 85:31:C5:FE:95:49:B9:10:28:4A:E3:4D:CA:C0:AD:8A:43:44:CE:96 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2B6D606A57B87A5053E60C0B47632529DFBAB40F Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214915.roa Signing time: Thu 14 Aug 2025 15:20:44 +0000 ROA not before: Thu 14 Aug 2025 15:15:44 +0000 ROA not after: Thu 13 Aug 2026 15:20:44 +0000 asID: 214915 IP address blocks: 2a0f:6284:4300::/40 maxlen: 40 2a0f:6284:4300::/44 maxlen: 44 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 23 Aug 2025 20:50:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:6d:60:6a:57:b8:7a:50:53:e6:0c:0b:47:63:25:29:df:ba:b4:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 14 15:15:44 2025 GMT Not After : Aug 13 15:20:44 2026 GMT Subject: CN=8531C5FE9549B910284AE34DCAC0AD8A4344CE96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f3:f4:5e:01:be:3b:8a:e8:ce:a8:03:49:84: be:3c:3c:d5:4a:48:9c:de:bd:0b:51:94:8a:be:40: 04:bc:9b:f6:2a:ca:2b:32:d8:eb:15:5b:67:c6:74: a5:45:be:6f:1e:e6:26:84:55:4b:85:a4:07:6f:3f: 44:12:5e:c1:e2:23:40:a0:4d:4a:53:bc:f1:b3:42: 20:e0:25:77:96:24:bd:66:67:24:fb:f8:97:0d:60: 4c:39:49:2f:fc:2d:c2:1e:ed:da:7c:16:ae:68:6d: 05:ba:13:86:bb:c1:62:b0:15:73:2f:79:62:6f:42: da:af:04:05:09:af:10:c8:5d:64:39:b6:9d:2a:e8: c5:bc:f8:ed:58:ee:19:30:fa:c9:98:ac:e9:9f:bd: 0b:60:0e:c0:bf:b3:6a:11:fe:72:dc:fe:91:79:89: 25:de:99:19:6a:f2:27:90:2d:e7:f6:70:98:9e:84: ff:7f:c4:83:49:cc:4d:cf:58:80:3e:ad:e0:27:d1: 95:9c:3b:60:15:e2:1a:c2:fe:d2:e7:9b:da:26:2e: 2e:09:ed:23:e5:cf:8c:73:ad:99:05:e1:0f:81:4a: 64:fc:c7:8a:d8:d7:6f:e8:f8:66:f9:4a:36:76:08: 30:4f:47:2f:b8:f3:3c:6a:91:41:82:91:a5:87:62: 37:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:31:C5:FE:95:49:B9:10:28:4A:E3:4D:CA:C0:AD:8A:43:44:CE:96 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214915.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:4300::/40 Signature Algorithm: sha256WithRSAEncryption 35:89:a9:a4:bf:7b:12:6b:33:69:ca:01:cb:e5:47:a9:ce:74: 62:18:9f:3c:cd:a5:0a:e8:c2:f1:d0:b9:41:c1:25:8a:31:b5: fd:ec:f9:82:a3:d9:7b:4f:7a:49:ca:e2:0f:eb:0e:c3:01:c4: 2b:9b:d3:49:9a:13:fb:aa:63:58:21:07:5d:e8:62:17:84:09: e1:a8:ee:59:18:27:d6:49:f4:5f:ca:18:88:b2:f6:38:aa:ae: 8f:11:07:65:28:1f:8d:56:ce:34:c7:d1:2d:0e:f3:69:39:84: d9:fa:b3:8d:1a:4c:b2:cd:70:5e:7a:44:5a:69:c7:da:46:ed: bf:ae:3d:cc:ba:49:bd:3a:70:2c:26:ef:3e:d1:02:d8:8d:b7: e3:41:d3:a6:60:76:3f:3a:d2:a4:11:4f:0f:4c:32:11:87:b1: 0f:f5:64:fb:59:3c:d4:7a:27:43:f6:4d:42:f0:e9:bc:49:54: 4c:56:12:1d:ae:1c:a5:3b:6e:bc:37:75:c5:8a:45:6b:1f:1d: ff:8a:ad:cd:16:29:3b:9c:99:9e:12:ba:ce:ff:11:8b:0e:ca: 6d:4e:ac:b5:f9:a5:86:8e:e9:b7:ba:72:e8:57:30:64:06:fe: f9:d8:9a:51:f4:28:70:5f:1c:cc:7d:ff:29:d0:77:0f:ad:76: dc:83:ce:75 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUK21gale4elBT5gwLR2MlKd+6tA8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MTQxNTE1NDRaFw0yNjA4MTMxNTIwNDRaMDMxMTAvBgNV BAMTKDg1MzFDNUZFOTU0OUI5MTAyODRBRTM0RENBQzBBRDhBNDM0NENFOTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc8/ReAb47iujOqANJhL48PNVK SJzevQtRlIq+QAS8m/Yqyisy2OsVW2fGdKVFvm8e5iaEVUuFpAdvP0QSXsHiI0Cg TUpTvPGzQiDgJXeWJL1mZyT7+JcNYEw5SS/8LcIe7dp8Fq5obQW6E4a7wWKwFXMv eWJvQtqvBAUJrxDIXWQ5tp0q6MW8+O1Y7hkw+smYrOmfvQtgDsC/s2oR/nLc/pF5 iSXemRlq8ieQLef2cJiehP9/xINJzE3PWIA+reAn0ZWcO2AV4hrC/tLnm9omLi4J 7SPlz4xzrZkF4Q+BSmT8x4rY12/o+Gb5SjZ2CDBPRy+48zxqkUGCkaWHYjeRAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUhTHF/pVJuRAoSuNNysCtikNEzpYwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ5MTUucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq D2KEQzANBgkqhkiG9w0BAQsFAAOCAQEANYmppL97EmszacoBy+VHqc50YhifPM2l CujC8dC5QcElijG1/ez5gqPZe096ScriD+sOwwHEK5vTSZoT+6pjWCEHXehiF4QJ 4ajuWRgn1kn0X8oYiLL2OKqujxEHZSgfjVbONMfRLQ7zaTmE2fqzjRpMss1wXnpE WmnH2kbtv649zLpJvTpwLCbvPtEC2I2340HTpmB2PzrSpBFPD0wyEYexD/Vk+1k8 1HonQ/ZNQvDpvElUTFYSHa4cpTtuvDd1xYpFax8d/4qtzRYpO5yZnhK6zv8Riw7K bU6stfmlho7pt7py6FcwZAb++diaUfQocF8czH3/KdB3D6123IPOdQ== -----END CERTIFICATE-----Generated at Sat Aug 23 13:39:12 2025 by rpki-client