Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: CGIduWI5o0q1SxQtAH3Z32xh+knh8U8XBASwy4bhlfk=
Subject key identifier: CC:7B:30:DE:36:18:1C:91:8C:01:79:52:69:8E:3F:2E:C5:20:2C:80
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 418D2644BF01116CDA947E530602FB83ADABE7FF
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Tue 12 Aug 2025 02:09:35 +0000
ROA not before: Tue 12 Aug 2025 02:04:35 +0000
ROA not after: Tue 11 Aug 2026 02:09:35 +0000
asID: 47272
IP address blocks: 2a05:dfc3:f500::/40 maxlen: 48
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:19::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:8d:26:44:bf:01:11:6c:da:94:7e:53:06:02:fb:83:ad:ab:e7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Aug 12 02:04:35 2025 GMT
Not After : Aug 11 02:09:35 2026 GMT
Subject: CN=CC7B30DE36181C918C017952698E3F2EC5202C80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:9d:e6:0b:93:6e:ae:10:2d:33:aa:b3:0b:
01:3d:cd:28:c1:ec:78:af:9f:24:fa:2d:0b:8b:ba:
1d:ab:67:74:95:ab:68:70:0f:8a:59:ff:e7:36:04:
43:1c:a0:69:bd:24:17:70:2b:82:a8:f9:62:b0:3f:
a4:df:b7:bb:56:e4:f8:a3:b4:f7:a3:89:ea:d5:07:
23:50:a5:2f:6a:78:28:8d:4c:38:d7:27:d7:85:37:
63:ec:75:c8:03:2e:76:10:99:e8:e3:fd:d2:3d:be:
25:e3:c4:e1:4a:9a:f6:1c:9c:f1:9f:ae:3f:ab:6d:
43:8f:88:a4:48:12:99:8b:9c:fa:82:07:d3:7f:e0:
cd:26:dd:9d:35:c2:20:3b:a6:a9:e2:66:a7:c4:58:
84:32:c7:40:b0:ed:2b:4c:13:ed:2d:86:ce:5d:e2:
3a:be:7a:5c:36:13:63:86:2a:fe:03:22:ef:1d:5f:
3d:4b:02:84:11:4d:40:a2:4d:99:e7:9c:34:3f:01:
d0:17:83:a2:a5:90:15:84:36:95:d8:5c:ed:29:36:
1a:6f:34:3b:2f:de:61:22:c8:28:89:7a:e9:bc:27:
a8:d2:19:7a:a9:14:d2:3a:03:2e:a5:c5:e4:de:f0:
2d:5b:4a:f9:8a:5d:58:da:92:21:92:35:ca:fb:ac:
ab:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7B:30:DE:36:18:1C:91:8C:01:79:52:69:8E:3F:2E:C5:20:2C:80
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f500::/40
2a05:dfc3:fd24::/48
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:1c:ffff:ffff:ffff:ffff:ffff
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:37:42:0b:31:db:68:45:bb:41:aa:2a:49:ce:91:f4:c0:06:
2b:9b:6c:d2:5e:f4:d3:ff:a6:66:ca:14:78:d4:46:2d:19:f8:
3c:17:55:b5:84:02:c7:f4:be:84:d7:45:e7:4b:4b:bb:2e:cd:
94:80:5f:cb:62:e0:bf:db:07:99:57:58:5a:f8:0d:9c:17:73:
a0:d2:2e:b8:88:73:4a:d9:50:7a:bb:a6:22:4c:35:f5:fc:0a:
0b:0c:fc:fb:21:74:f8:21:f5:9f:7f:b5:96:d5:54:1e:f4:f2:
87:03:d9:f5:65:c0:14:95:d6:a6:d2:ca:39:0e:61:4f:9b:fe:
22:6c:f6:2c:7d:4c:f7:ea:e8:d9:98:bf:bd:fc:5e:a7:69:26:
a4:9f:40:57:5c:69:61:b2:b4:5c:2a:ce:7a:cb:e8:85:c2:53:
c8:6d:7e:14:4a:46:ac:d8:e8:11:d9:7d:03:52:23:70:fc:4e:
48:42:ae:61:4c:84:f2:93:c8:72:e8:d3:6d:ed:ca:e1:1b:d6:
9f:48:4a:93:e1:e4:4a:52:4d:f3:ef:d3:9b:f2:e4:3f:2a:14:
d6:db:89:e0:f3:ce:b2:f5:27:17:a4:ef:2d:87:54:7b:3b:d6:
82:1c:ec:d9:d2:be:f7:13:00:20:e1:a9:d5:a3:3a:cb:72:ad:
87:28:30:63
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUQY0mRL8BEWzalH5TBgL7g62r5/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MTIwMjA0MzVaFw0yNjA4MTEwMjA5MzVaMDMxMTAvBgNV
BAMTKENDN0IzMERFMzYxODFDOTE4QzAxNzk1MjY5OEUzRjJFQzUyMDJDODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/EZ3mC5NurhAtM6qzCwE9zSjB
7HivnyT6LQuLuh2rZ3SVq2hwD4pZ/+c2BEMcoGm9JBdwK4Ko+WKwP6Tft7tW5Pij
tPejierVByNQpS9qeCiNTDjXJ9eFN2PsdcgDLnYQmejj/dI9viXjxOFKmvYcnPGf
rj+rbUOPiKRIEpmLnPqCB9N/4M0m3Z01wiA7pqniZqfEWIQyx0Cw7StME+0ths5d
4jq+elw2E2OGKv4DIu8dXz1LAoQRTUCiTZnnnDQ/AdAXg6KlkBWENpXYXO0pNhpv
NDsv3mEiyCiJeum8J6jSGXqpFNI6Ay6lxeTe8C1bSvmKXVjakiGSNcr7rKvtAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUzHsw3jYYHJGMAXlSaY4/LsUgLIAwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjBrBggrBgEFBQcBBwEB/wRcMFowWAQCAAIwUgMGACoF
38P1AwcAKgXfw/0kAwYEKgYSgRADBgQqCVTGAAMHACoPYoAACjASAwcEKg9igAAQ
AwcAKg9igAAcMBIDBwQqD2KDETADBwUqD2KDEUAwDQYJKoZIhvcNAQELBQADggEB
ABk3Qgsx22hFu0GqKknOkfTABiubbNJe9NP/pmbKFHjURi0Z+DwXVbWEAsf0voTX
RedLS7suzZSAX8ti4L/bB5lXWFr4DZwXc6DSLriIc0rZUHq7piJMNfX8CgsM/Psh
dPgh9Z9/tZbVVB708ocD2fVlwBSV1qbSyjkOYU+b/iJs9ix9TPfq6NmYv738Xqdp
JqSfQFdcaWGytFwqznrL6IXCU8htfhRKRqzY6BHZfQNSI3D8TkhCrmFMhPKTyHLo
023tyuEb1p9ISpPh5EpSTfPv05vy5D8qFNbbieDzzrL1Jxek7y2HVHs71oIc7NnS
vvcTACDhqdWjOstyrYcoMGM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:01:17 2025 by rpki-client