Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: xWXq+N0zj4d/C2hR9fGh/DBpC89tbSLZXdY/iRVYbjY=
Subject key identifier: FB:74:FF:DD:00:64:A4:19:01:96:96:B0:DE:08:47:5B:07:DE:FA:06
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 7BF024FAA674AB7614F280C740768ABAC7694BCB
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
Signing time: Mon 18 Aug 2025 15:58:59 +0000
ROA not before: Mon 18 Aug 2025 15:53:59 +0000
ROA not after: Mon 17 Aug 2026 15:58:59 +0000
asID: 0
IP address blocks: 2a05:dfc3:f400::/40 maxlen: 40
2a06:1281:7000::/36 maxlen: 128
2a06:1281:9000::/36 maxlen: 36
2a06:1281:a000::/36 maxlen: 128
2a09:54c6:1000::/36 maxlen: 128
2a09:54c7:3000::/36 maxlen: 36
2a09:54c7:4000::/36 maxlen: 128
2a09:54c7:5000::/36 maxlen: 128
2a09:54c7:6000::/36 maxlen: 128
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 21:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f0:24:fa:a6:74:ab:76:14:f2:80:c7:40:76:8a:ba:c7:69:4b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Aug 18 15:53:59 2025 GMT
Not After : Aug 17 15:58:59 2026 GMT
Subject: CN=FB74FFDD0064A419019696B0DE08475B07DEFA06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:b3:20:58:0e:f1:62:5a:d3:c6:3b:7c:86:
e6:a1:90:81:8a:1f:1b:a6:14:20:98:f7:4f:3c:60:
32:57:8a:b0:c6:30:4c:22:35:b9:b3:12:82:b3:ab:
77:9d:e2:75:94:c3:fb:cf:38:9a:89:88:b2:02:47:
66:2d:fb:f7:1b:ea:0f:6a:89:05:0d:00:9e:09:74:
16:04:be:1d:4d:ce:b8:61:9e:06:51:a6:a7:1d:32:
a8:da:a6:51:a2:15:de:98:04:e4:a2:57:47:e0:cc:
11:21:c8:d3:f4:15:e1:5d:7a:dc:c6:26:84:a2:7f:
11:0d:ac:e0:50:57:02:00:be:0e:bb:e8:94:82:b6:
33:f5:8a:07:0c:e8:4a:c7:c5:02:ea:b6:c7:c3:36:
56:04:c1:b8:33:f0:10:1a:6d:7c:9b:9e:ef:b1:8f:
10:90:12:c0:f0:90:42:fe:72:89:21:a0:cb:c3:5c:
a4:68:a2:17:9b:ec:1a:31:50:4d:87:89:67:08:5c:
b8:cc:93:fb:ef:f9:63:ad:04:11:5f:7e:23:8a:6a:
65:ee:43:58:c9:5f:bf:b1:5b:ac:92:a4:b1:dc:b9:
7b:2e:8d:72:28:d0:3f:cf:66:77:81:e4:2c:0e:69:
cb:a7:14:a4:2c:91:64:87:5f:a2:b6:ce:df:18:1b:
41:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:74:FF:DD:00:64:A4:19:01:96:96:B0:DE:08:47:5B:07:DE:FA:06
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f400::/40
2a06:1281:7000::/36
2a06:1281:9000::-2a06:1281:afff:ffff:ffff:ffff:ffff:ffff
2a09:54c6:1000::/36
2a09:54c7:3000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:ca:6d:c1:48:0a:05:40:98:c6:1c:d2:1c:fe:af:39:18:d3:
15:9b:7b:ba:04:b9:4c:78:16:19:97:b8:a2:18:93:d7:ee:96:
0b:03:fe:37:8d:f3:59:38:4e:66:1f:98:29:0d:de:eb:2e:7e:
3f:26:49:08:b7:2e:8f:62:8c:8c:e0:82:2c:38:92:56:25:50:
d7:29:69:71:e3:99:16:d8:3a:b4:b5:d5:07:65:29:b3:20:3c:
ff:a1:30:c4:7a:50:37:54:3b:bc:14:81:dd:25:f2:2e:4e:f3:
d1:f8:b6:23:f2:ff:eb:f3:15:89:ea:4c:3f:cf:aa:e5:e0:1e:
97:22:39:02:60:50:22:6d:95:ac:b3:a3:bf:b9:c0:1d:cf:d5:
17:29:9c:f9:96:63:34:89:0d:88:71:c1:02:10:0e:35:1a:ef:
69:d2:f3:0a:3f:04:98:fa:01:33:b0:ca:f2:cc:8e:ff:ae:1d:
fe:49:1f:26:9b:b2:b1:12:bc:a7:98:cd:ea:9b:c3:55:c9:6a:
a4:8d:0d:6a:c7:64:1e:a8:c5:8e:42:57:ff:3c:6c:5f:b5:e0:
0c:a6:ea:a3:1a:eb:5b:c9:a8:cc:2e:b1:8e:32:54:19:66:8c:
fd:84:58:a1:f6:fa:01:46:5a:d4:44:ad:c8:99:d3:e8:36:ea:
3e:d8:c7:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUe/Ak+qZ0q3YU8oDHQHaKusdpS8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MTgxNTUzNTlaFw0yNjA4MTcxNTU4NTlaMDMxMTAvBgNV
BAMTKEZCNzRGRkREMDA2NEE0MTkwMTk2OTZCMERFMDg0NzVCMDdERUZBMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK07MgWA7xYlrTxjt8huahkIGK
HxumFCCY9088YDJXirDGMEwiNbmzEoKzq3ed4nWUw/vPOJqJiLICR2Yt+/cb6g9q
iQUNAJ4JdBYEvh1NzrhhngZRpqcdMqjaplGiFd6YBOSiV0fgzBEhyNP0FeFdetzG
JoSifxENrOBQVwIAvg676JSCtjP1igcM6ErHxQLqtsfDNlYEwbgz8BAabXybnu+x
jxCQEsDwkEL+cokhoMvDXKRooheb7BoxUE2HiWcIXLjMk/vv+WOtBBFffiOKamXu
Q1jJX7+xW6ySpLHcuXsujXIo0D/PZneB5CwOacunFKQskWSHX6K2zt8YG0F/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU+3T/3QBkpBkBlpaw3ghHWwfe+gYwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyMEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwC4YucnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8AwYAKgXfw/QD
BgQqBhKBcDAQAwYEKgYSgZADBgQqBhKBoAMGBCoJVMYQMBADBgQqCVTHMAMGBCoJ
VMdgMA0GCSqGSIb3DQEBCwUAA4IBAQBqym3BSAoFQJjGHNIc/q85GNMVm3u6BLlM
eBYZl7iiGJPX7pYLA/43jfNZOE5mH5gpDd7rLn4/JkkIty6PYoyM4IIsOJJWJVDX
KWlx45kW2Dq0tdUHZSmzIDz/oTDEelA3VDu8FIHdJfIuTvPR+LYj8v/r8xWJ6kw/
z6rl4B6XIjkCYFAibZWss6O/ucAdz9UXKZz5lmM0iQ2IccECEA41Gu9p0vMKPwSY
+gEzsMryzI7/rh3+SR8mm7KxErynmM3qm8NVyWqkjQ1qx2QeqMWOQlf/PGxfteAM
puqjGutbyajMLrGOMlQZZoz9hFih9voBRlrURK3ImdPoNuo+2MdZ
-----END CERTIFICATE-----
Generated at Wed Aug 20 14:28:11 2025 by rpki-client