$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS210215.roa File: AS210215.roa (raw, json) Hash identifier: HIgsMhV54h3unzCXYDpnfhMDE5NdHPTfu6ech+8tgDE= Subject key identifier: 29:AE:51:00:D0:25:6C:64:16:FA:B1:25:B0:3B:9A:78:91:0F:AF:D4 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 4F3A1E55E5FAE0FA6D4A42DC7596579A79064681 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS210215.roa Signing time: Fri 11 Jul 2025 17:11:06 +0000 ROA not before: Fri 11 Jul 2025 17:06:06 +0000 ROA not after: Fri 10 Jul 2026 17:11:06 +0000 asID: 210215 IP address blocks: 2a0f:6283:1200::/40 maxlen: 40 2a0f:6283:1200::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 24 Jul 2025 09:24:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:3a:1e:55:e5:fa:e0:fa:6d:4a:42:dc:75:96:57:9a:79:06:46:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 11 17:06:06 2025 GMT Not After : Jul 10 17:11:06 2026 GMT Subject: CN=29AE5100D0256C6416FAB125B03B9A78910FAFD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:df:68:04:56:f1:bb:20:0c:dd:f3:8d:de:cc: df:dc:89:73:31:85:09:73:89:9e:9c:bc:fe:42:47: d6:b4:15:f2:6c:a7:ce:3b:2a:4d:63:22:6c:0f:d5: d1:95:56:1c:3a:ff:0d:61:dc:9c:32:f5:1c:e7:47: e8:b9:1a:59:6d:1e:a6:6b:2b:c9:35:7b:64:ce:91: 97:2d:49:24:df:6a:15:99:65:10:6f:4f:db:45:cc: a1:15:f5:7e:e6:2c:45:11:7e:70:74:6e:06:40:1f: 63:e3:95:5c:58:49:de:cf:69:cc:76:9a:35:48:24: 53:75:19:82:9f:45:5c:ee:67:73:61:05:32:ad:c7: 09:e0:58:bc:25:83:39:68:60:19:8f:01:59:5c:4b: 21:28:16:1b:ac:6b:91:fa:b2:ce:f2:09:11:04:96: ad:6a:f7:85:c0:2d:60:00:02:c4:ff:7b:16:8f:cd: 23:14:33:3e:f3:71:02:4b:43:64:c2:3c:e9:e7:4e: 3e:54:90:f5:95:c4:3d:ef:4a:78:b1:95:e4:f1:bb: ea:b5:1b:72:e0:23:64:a2:42:5f:bb:81:47:05:9c: 00:31:55:85:15:cd:a9:c9:d9:24:9e:35:da:5e:25: 5b:17:18:ec:83:9d:46:6c:ed:22:f4:d9:c6:81:f5: 67:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:AE:51:00:D0:25:6C:64:16:FA:B1:25:B0:3B:9A:78:91:0F:AF:D4 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS210215.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6283:1200::/40 Signature Algorithm: sha256WithRSAEncryption 23:16:49:27:aa:4f:cf:31:ea:45:1a:c8:61:cf:6a:48:53:fe: 37:d6:4f:32:57:a9:8c:fc:c7:6b:ab:5e:c7:ae:ba:ee:b9:0e: 81:bf:c4:91:51:54:3d:3f:27:0f:ed:de:bc:de:22:d8:a9:f1: 21:66:2c:91:da:8b:91:e5:54:1a:a9:1d:37:26:cf:a2:e6:60: 2e:b9:26:04:04:af:12:fb:f1:1b:0a:ae:db:ce:01:a8:0b:c1: 50:2c:6a:18:de:0b:e0:88:fb:fa:c1:05:15:6c:e8:ff:54:21: 1b:69:8d:fd:f5:fd:16:9e:4b:3c:75:91:d0:75:a8:51:0f:2b: 01:68:8e:c3:22:0f:31:5d:4b:48:95:64:db:61:9b:77:5d:9e: bf:91:ce:c6:96:fb:ab:84:08:89:4a:78:f3:a1:b0:75:6a:55: 2d:b5:b2:d0:8e:93:df:c3:51:40:38:33:5c:57:5d:0f:4c:47: 7a:10:d2:4e:8f:1b:a6:97:b4:f9:a3:87:65:d1:fe:f0:5e:15: 31:f5:75:e7:7b:31:88:44:18:7a:68:ac:e2:5b:29:12:dd:0a: 09:c3:f2:b3:3b:c3:02:3f:4f:18:91:5f:f1:98:e6:97:01:05: 9d:fe:44:ba:e0:8c:cc:df:70:47:5d:fb:ca:18:5d:29:9a:53: e1:7c:66:18 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUTzoeVeX64PptSkLcdZZXmnkGRoEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MTExNzA2MDZaFw0yNjA3MTAxNzExMDZaMDMxMTAvBgNV BAMTKDI5QUU1MTAwRDAyNTZDNjQxNkZBQjEyNUIwM0I5QTc4OTEwRkFGRDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx32gEVvG7IAzd843ezN/ciXMx hQlziZ6cvP5CR9a0FfJsp847Kk1jImwP1dGVVhw6/w1h3Jwy9RznR+i5GlltHqZr K8k1e2TOkZctSSTfahWZZRBvT9tFzKEV9X7mLEURfnB0bgZAH2PjlVxYSd7Pacx2 mjVIJFN1GYKfRVzuZ3NhBTKtxwngWLwlgzloYBmPAVlcSyEoFhusa5H6ss7yCREE lq1q94XALWAAAsT/exaPzSMUMz7zcQJLQ2TCPOnnTj5UkPWVxD3vSnixleTxu+q1 G3LgI2SiQl+7gUcFnAAxVYUVzanJ2SSeNdpeJVsXGOyDnUZs7SL02caB9Wf3AgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUKa5RANAlbGQW+rElsDuaeJEPr9QwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTAyMTUucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq D2KDEjANBgkqhkiG9w0BAQsFAAOCAQEAIxZJJ6pPzzHqRRrIYc9qSFP+N9ZPMlep jPzHa6tex6667rkOgb/EkVFUPT8nD+3evN4i2KnxIWYskdqLkeVUGqkdNybPouZg LrkmBASvEvvxGwqu284BqAvBUCxqGN4L4Ij7+sEFFWzo/1QhG2mN/fX9Fp5LPHWR 0HWoUQ8rAWiOwyIPMV1LSJVk22Gbd12ev5HOxpb7q4QIiUp486GwdWpVLbWy0I6T 38NRQDgzXFddD0xHehDSTo8bppe0+aOHZdH+8F4VMfV153sxiEQYemis4lspEt0K CcPyszvDAj9PGJFf8ZjmlwEFnf5EuuCMzN9wR137yhhdKZpT4XxmGA== -----END CERTIFICATE-----Generated at Wed Jul 23 23:28:18 2025 by rpki-client