Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: t036oYGg6euYVB+fsvX9lUALvEkQma+fMfvIHUvUZOQ=
Subject key identifier: 37:C6:EB:37:AF:AC:43:EB:B1:A7:51:63:74:F8:DA:20:AC:C6:1C:52
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 6599AE158895391FFE098A17FA7CA01E1B6FE7B0
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
Signing time: Tue 07 Oct 2025 08:00:45 +0000
ROA not before: Tue 07 Oct 2025 07:55:45 +0000
ROA not after: Tue 06 Oct 2026 08:00:45 +0000
asID: 0
IP address blocks: 2a05:dfc3:f400::/40 maxlen: 40
2a06:1281::/44 maxlen: 44
2a06:1281:10::/44 maxlen: 44
2a06:1281:7000::/36 maxlen: 128
2a06:1281:a000::/36 maxlen: 128
2a09:54c5::/32 maxlen: 32
2a09:54c6:1000::/36 maxlen: 128
2a09:54c7:3000::/36 maxlen: 36
2a09:54c7:4000::/36 maxlen: 128
2a09:54c7:5000::/36 maxlen: 128
2a09:54c7:6000::/36 maxlen: 128
2a0a:6044:7200::/40 maxlen: 40
2a0a:6044:7f00::/40 maxlen: 40
2a0a:6044:aa0d::/48 maxlen: 48
2a0a:6044:aa0e::/48 maxlen: 48
2a0a:6044:c000::/40 maxlen: 40
2a0a:6044:c120::/44 maxlen: 44
2a0a:6044:c130::/44 maxlen: 44
2a0f:6283:4000::/36 maxlen: 36
2a0f:6283:5000::/36 maxlen: 36
2a0f:6284::/34 maxlen: 34
2a0f:6284:7000::/36 maxlen: 36
2a0f:6284:a000::/36 maxlen: 36
2a0f:6284:b000::/36 maxlen: 36
2a0f:6285::/32 maxlen: 32
2a0f:6287:1000::/36 maxlen: 36
2a0f:6287:2000::/36 maxlen: 36
2a0f:6287:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 03:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:99:ae:15:88:95:39:1f:fe:09:8a:17:fa:7c:a0:1e:1b:6f:e7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Oct 7 07:55:45 2025 GMT
Not After : Oct 6 08:00:45 2026 GMT
Subject: CN=37C6EB37AFAC43EBB1A7516374F8DA20ACC61C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bc:9b:50:8f:65:30:98:00:96:5f:23:fc:b9:
e1:2f:4c:f2:ef:3c:60:a1:47:33:17:41:7e:47:42:
1d:7f:29:79:80:87:ad:92:fc:40:33:d8:92:62:11:
a5:0d:99:5d:2c:f1:b8:58:10:11:cb:7f:71:a4:c1:
61:29:14:53:ed:b6:19:73:9f:ec:9c:ed:da:66:5b:
0c:ab:80:56:87:d5:c2:3a:98:49:c7:ba:9a:3f:77:
f8:0b:82:6d:ca:19:63:9a:a5:3d:48:28:be:d3:f2:
3c:d7:23:88:df:18:44:58:78:07:e0:98:bd:b3:cc:
7e:18:aa:35:7c:ab:39:d2:c8:e1:44:02:55:33:40:
e6:c7:f8:a2:ee:23:a3:5e:8c:b4:ae:58:e3:53:b6:
57:0f:d1:5e:27:5d:9d:1d:08:ea:48:6e:f0:b5:45:
e9:e3:00:f1:8a:5a:eb:97:7a:ce:64:2d:c0:73:5a:
c6:ad:ef:1f:a5:96:0e:ae:c5:cd:b7:ff:8f:c3:07:
3b:85:ca:50:dd:3e:37:5f:6d:a4:71:98:cd:37:11:
81:36:17:24:3a:b1:c9:1b:9e:95:6f:10:e2:d7:3a:
30:9e:b0:33:bb:37:60:1b:80:e2:de:ac:ed:57:85:
0d:bb:c8:39:81:0e:a6:11:40:ec:c1:92:58:10:52:
76:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C6:EB:37:AF:AC:43:EB:B1:A7:51:63:74:F8:DA:20:AC:C6:1C:52
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f400::/40
2a06:1281::/43
2a06:1281:7000::/36
2a06:1281:a000::/36
2a09:54c5::/32
2a09:54c6:1000::/36
2a09:54c7:3000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff
2a0a:6044:7200::/40
2a0a:6044:7f00::/40
2a0a:6044:aa0d::-2a0a:6044:aa0e:ffff:ffff:ffff:ffff:ffff
2a0a:6044:c000::/40
2a0a:6044:c120::/43
2a0f:6283:4000::/35
2a0f:6284::/34
2a0f:6284:7000::/36
2a0f:6284:a000::/35
2a0f:6285::/32
2a0f:6287:1000::-2a0f:6287:3fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:29:00:b2:5e:37:f1:30:22:4a:cb:8f:af:03:e3:57:ce:ae:
3c:f9:34:02:26:a8:55:7a:59:cb:64:21:ab:5b:55:9d:25:62:
02:ca:88:5a:0f:2b:b1:51:64:45:51:ee:1a:c2:90:9d:b6:a1:
90:16:f7:fe:31:8d:9e:a9:45:6c:1d:57:5e:22:15:ec:76:fc:
76:7c:8e:91:72:bf:59:39:e0:e6:b0:3d:6a:c8:88:a3:84:18:
1c:2c:aa:70:10:33:80:ae:d0:64:74:62:de:c3:43:b6:5d:93:
3c:ef:d9:b2:ae:97:87:62:8f:f2:8f:59:49:75:e0:16:59:e6:
00:3d:e2:85:41:5a:e8:7f:4f:e8:45:08:30:c6:0f:87:b7:b6:
01:4e:fb:11:29:93:27:c1:6a:7d:05:21:c7:ae:25:13:6a:1e:
e3:ab:32:2e:f0:da:61:23:b4:1c:97:dd:76:4d:9a:d1:ce:98:
da:5d:88:86:25:42:3c:cf:7e:7d:c8:cb:0a:e5:68:a5:f2:07:
d0:f2:53:18:5f:f2:02:8b:7f:14:81:a3:be:35:75:46:3a:d7:
47:94:ed:8d:05:22:10:cc:75:88:ba:ec:9c:a0:b5:62:15:d8:
2e:ed:b2:66:c9:b6:32:0d:f5:8e:2b:c2:f2:4f:6a:0b:5a:bc:
8b:0d:e2:33
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUZZmuFYiVOR/+CYoX+nygHhtv57AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTEwMDcwNzU1NDVaFw0yNjEwMDYwODAwNDVaMDMxMTAvBgNV
BAMTKDM3QzZFQjM3QUZBQzQzRUJCMUE3NTE2Mzc0RjhEQTIwQUNDNjFDNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRvJtQj2UwmACWXyP8ueEvTPLv
PGChRzMXQX5HQh1/KXmAh62S/EAz2JJiEaUNmV0s8bhYEBHLf3GkwWEpFFPtthlz
n+yc7dpmWwyrgFaH1cI6mEnHupo/d/gLgm3KGWOapT1IKL7T8jzXI4jfGERYeAfg
mL2zzH4YqjV8qznSyOFEAlUzQObH+KLuI6NejLSuWONTtlcP0V4nXZ0dCOpIbvC1
RenjAPGKWuuXes5kLcBzWsat7x+llg6uxc23/4/DBzuFylDdPjdfbaRxmM03EYE2
FyQ6sckbnpVvEOLXOjCesDO7N2AbgOLerO1XhQ27yDmBDqYRQOzBklgQUnZZAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUN8brN6+sQ+uxp1FjdPjaIKzGHFIwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyMEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwC4YucnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAIwgbADBgAq
Bd/D9AMHBSoGEoEAAAMGBCoGEoFwAwYEKgYSgaADBQAqCVTFAwYEKglUxhAwEAMG
BCoJVMcwAwYEKglUx2ADBgAqCmBEcgMGACoKYER/MBIDBwAqCmBEqg0DBwAqCmBE
qg4DBgAqCmBEwAMHBSoKYETBIAMGBSoPYoNAAwYGKg9ihAADBgQqD2KEcAMGBSoP
YoSgAwUAKg9ihTAQAwYEKg9ihxADBgYqD2KHADANBgkqhkiG9w0BAQsFAAOCAQEA
GikAsl438TAiSsuPrwPjV86uPPk0AiaoVXpZy2Qhq1tVnSViAsqIWg8rsVFkRVHu
GsKQnbahkBb3/jGNnqlFbB1XXiIV7Hb8dnyOkXK/WTng5rA9asiIo4QYHCyqcBAz
gK7QZHRi3sNDtl2TPO/Zsq6Xh2KP8o9ZSXXgFlnmAD3ihUFa6H9P6EUIMMYPh7e2
AU77ESmTJ8FqfQUhx64lE2oe46syLvDaYSO0HJfddk2a0c6Y2l2IhiVCPM9+fcjL
CuVopfIH0PJTGF/yAot/FIGjvjV1RjrXR5TtjQUiEMx1iLrsnKC1YhXYLu2yZsm2
Mg31jivC8k9qC1q8iw3iMw==
-----END CERTIFICATE-----
Generated at Wed Oct 8 14:02:13 2025 by rpki-client