Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: UqRon2RFc/H98ZCPuGPaBhsuUBfajdvcTQ5mDNkllI8=
Subject key identifier: A3:69:F0:40:85:B6:FE:FC:73:16:67:62:EF:8A:CE:E4:64:9F:1E:B2
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 4A7C3E275F9B308A21DE2DD5C296385E6CC25130
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Sat 14 Mar 2026 08:00:49 +0000
ROA not before: Sat 14 Mar 2026 07:55:49 +0000
ROA not after: Sat 13 Mar 2027 08:00:49 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
2a0f:6284:4700::/40 maxlen: 40
2a0f:6287:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:7c:3e:27:5f:9b:30:8a:21:de:2d:d5:c2:96:38:5e:6c:c2:51:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Mar 14 07:55:49 2026 GMT
Not After : Mar 13 08:00:49 2027 GMT
Subject: CN=A369F04085B6FEFC73166762EF8ACEE4649F1EB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:7f:50:77:70:44:ce:6e:73:93:67:6b:44:
26:78:80:dd:cd:0a:ca:de:cd:de:eb:b7:ac:89:00:
ac:c3:89:cf:0a:45:60:a5:90:ff:aa:29:da:08:b8:
9c:02:1f:8b:e7:fd:9a:77:9b:30:40:5b:fc:fd:b2:
1a:00:82:73:d1:bf:8c:11:91:00:22:d1:7d:55:95:
97:1e:f9:ec:c5:ae:f6:86:cd:8b:30:e2:36:79:2a:
e8:55:26:b8:75:dc:06:55:e6:41:1a:34:08:0b:de:
05:ff:96:9f:af:66:fe:be:aa:6c:14:1b:e6:3a:7f:
bf:ea:2a:5d:fa:91:03:76:87:1b:a9:2e:70:4d:4b:
bb:96:a9:52:12:eb:d7:0d:52:8b:99:20:af:97:c5:
8a:f0:90:9b:3c:1f:f2:30:b5:0f:17:be:4e:27:a5:
90:f5:24:a8:92:2d:ff:93:59:63:a4:20:08:47:bd:
94:1b:c3:45:fd:06:45:22:37:7c:17:eb:a7:52:72:
27:2b:88:11:3b:0a:84:42:f1:87:92:39:7e:1c:58:
d8:fa:be:2c:7d:34:51:f7:a7:58:b7:87:1f:7f:76:
4f:21:39:eb:d9:1b:29:f4:b3:b9:51:00:3a:13:ce:
8e:84:c3:74:71:2c:53:c3:8f:da:f4:e6:9b:f0:9a:
da:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:69:F0:40:85:B6:FE:FC:73:16:67:62:EF:8A:CE:E4:64:9F:1E:B2
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a06:1281:40::/44
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:18:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1a::-2a0f:6280:1d:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
2a0f:6284:4700::/40
2a0f:6287:1000::/36
Signature Algorithm: sha256WithRSAEncryption
39:3f:05:3c:29:6a:3d:c7:d7:3d:cd:52:cd:02:38:b0:8e:9c:
a0:fa:d7:ea:65:91:41:57:c5:17:8b:1d:b8:9e:6c:b2:70:ad:
e4:9a:b3:a2:eb:69:b4:01:a4:d2:da:75:41:b8:6d:dd:07:e2:
5f:07:5e:c9:34:f0:3a:e3:24:3c:a3:e2:8d:06:d1:3f:2f:e6:
1e:19:5f:25:38:82:59:29:5a:e2:fb:d5:98:fb:c5:e9:31:c9:
1c:6c:8b:46:dc:85:0b:ac:ba:1e:99:64:01:f8:c5:6b:93:42:
62:a8:38:c7:2d:56:26:5f:ba:bd:c1:4a:b3:8a:ad:71:5f:b1:
ca:33:61:44:f8:ec:4f:f3:48:47:81:48:d4:75:6e:f2:27:bb:
41:b6:a9:55:98:82:d2:c1:5b:6e:fd:79:9b:3e:e4:1f:d0:6f:
18:f5:d5:bd:d1:38:72:4d:0d:cb:54:b8:42:9c:72:4d:45:eb:
3e:2e:80:9a:5c:88:2e:ad:e2:5b:3e:2e:2e:a6:1e:e8:15:97:
af:1c:c6:08:c0:5c:f3:f0:e2:d9:a5:3b:e4:5d:6f:b6:03:3d:
9e:40:8d:47:96:81:8c:4d:14:02:22:ca:39:6c:29:8a:87:de:
28:c3:99:09:7c:bf:64:3c:bc:dd:83:79:4e:4d:5e:c4:6b:8f:
50:84:9a:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSnw+J1+bMIoh3i3VwpY4XmzCUTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAzMTQwNzU1NDlaFw0yNzAzMTMwODAwNDlaMDMxMTAvBgNV
BAMTKEEzNjlGMDQwODVCNkZFRkM3MzE2Njc2MkVGOEFDRUU0NjQ5RjFFQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf+n9Qd3BEzm5zk2drRCZ4gN3N
Csrezd7rt6yJAKzDic8KRWClkP+qKdoIuJwCH4vn/Zp3mzBAW/z9shoAgnPRv4wR
kQAi0X1VlZce+ezFrvaGzYsw4jZ5KuhVJrh13AZV5kEaNAgL3gX/lp+vZv6+qmwU
G+Y6f7/qKl36kQN2hxupLnBNS7uWqVIS69cNUouZIK+XxYrwkJs8H/IwtQ8Xvk4n
pZD1JKiSLf+TWWOkIAhHvZQbw0X9BkUiN3wX66dScicriBE7CoRC8YeSOX4cWNj6
vix9NFH3p1i3hx9/dk8hOevZGyn0s7lRADoTzo6Ew3RxLFPDj9r05pvwmtrBAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUo2nwQIW2/vxzFmdi74rO5GSfHrIwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBqwYIKwYBBQUHAQcBAf8EgZswgZgwDAQCAAEwBgME
AMcv8DCBhwQCAAIwgYADBwQqBhKBAEADBgQqBhKBEAMGBCoJVMYAAwcAKg9igAAK
MBIDBwQqD2KAABADBwAqD2KAABgwEgMHASoPYoAAGgMHASoPYoAAHAMHACoPYoAA
HzASAwcEKg9igxEwAwcFKg9igxFAAwcEKg9ihAAgAwYAKg9ihEcDBgQqD2KHEDAN
BgkqhkiG9w0BAQsFAAOCAQEAOT8FPClqPcfXPc1SzQI4sI6coPrX6mWRQVfFF4sd
uJ5ssnCt5JqzoutptAGk0tp1Qbht3QfiXwdeyTTwOuMkPKPijQbRPy/mHhlfJTiC
WSla4vvVmPvF6THJHGyLRtyFC6y6HplkAfjFa5NCYqg4xy1WJl+6vcFKs4qtcV+x
yjNhRPjsT/NIR4FI1HVu8ie7QbapVZiC0sFbbv15mz7kH9BvGPXVvdE4ck0Ny1S4
QpxyTUXrPi6AmlyILq3iWz4uLqYe6BWXrxzGCMBc8/Di2aU75F1vtgM9nkCNR5aB
jE0UAiLKOWwpiofeKMOZCXy/ZDy83YN5Tk1exGuPUISaag==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:30:23 2026 by rpki-client