$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS14618.roa File: AS14618.roa (raw, json) Hash identifier: Z7MFDvCXHsltd7Mx1U1CvCNZKf89NejZkIBQMvfLsxs= Subject key identifier: 29:28:26:13:87:48:E7:58:8B:AB:22:6C:C5:7D:F7:0A:DA:58:1B:78 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 213C1BD62A4655981E2EEBD882ED47939F5E91B1 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS14618.roa Signing time: Thu 03 Jul 2025 15:53:04 +0000 ROA not before: Thu 03 Jul 2025 15:48:04 +0000 ROA not after: Thu 02 Jul 2026 15:53:04 +0000 asID: 14618 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:3c:1b:d6:2a:46:55:98:1e:2e:eb:d8:82:ed:47:93:9f:5e:91:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 3 15:48:04 2025 GMT Not After : Jul 2 15:53:04 2026 GMT Subject: CN=292826138748E7588BAB226CC57DF70ADA581B78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:97:28:9c:a6:45:df:2f:f9:6d:da:b0:1d:24: 3d:52:b7:43:37:03:6c:89:64:f4:f2:0e:80:4b:1d: 7e:14:8b:9e:45:f8:30:17:22:1c:84:15:b4:99:05: 0c:0c:ec:50:d1:8c:d9:40:4e:e4:82:f3:20:f5:f5: ef:56:00:d3:2e:e7:c3:f0:22:07:0e:ce:19:64:fe: e2:f2:ea:37:88:b2:ab:2a:4e:31:34:ba:e1:f6:2b: df:5d:5a:5e:cc:9f:b7:3a:b2:26:f1:f0:53:04:c6: 59:89:94:55:14:08:32:cd:aa:cc:89:4f:9e:35:a8: ff:1a:1e:23:3d:a6:5f:93:44:4e:f4:99:2b:cf:62: 14:b7:ad:29:7f:90:be:ae:f7:c5:60:39:37:4d:ad: 1e:68:44:41:a2:c2:a7:9c:ca:50:74:74:a5:ad:d3: c2:98:bf:87:a6:a5:5d:f6:51:88:9a:3d:da:03:0f: c9:f6:8d:ff:df:71:6a:fb:35:4b:d2:da:8e:c3:27: 13:83:82:e8:bc:66:cf:b2:87:39:f5:79:ee:92:f8: 91:e2:6d:31:1e:73:26:d2:00:b0:92:73:45:af:a2: a9:18:b9:4b:13:13:87:5b:8d:19:b5:d1:b6:69:cf: 15:b9:df:14:aa:5c:6a:44:14:81:2d:e3:d1:cf:15: fc:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:28:26:13:87:48:E7:58:8B:AB:22:6C:C5:7D:F7:0A:DA:58:1B:78 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS14618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 Signature Algorithm: sha256WithRSAEncryption 3d:36:cb:52:b5:a9:2b:97:80:1c:50:6c:22:a2:a7:8d:51:93: cc:c3:4b:da:90:ff:70:79:6a:7b:4c:20:28:e1:d3:cc:59:4c: da:d5:cd:78:a4:5b:68:27:3a:64:44:e5:6a:ea:e2:07:9e:c1: b2:1d:96:52:e2:67:1a:31:90:36:ce:71:3d:16:ec:14:92:f7: 46:e2:61:59:a1:fd:2c:0b:76:3c:71:fe:d6:6c:ec:d6:39:a6: 0d:2f:82:4e:bc:03:d8:0d:03:c3:35:81:9e:18:b3:a3:e4:df: af:8e:a6:0a:c1:d5:73:86:b0:ce:41:ab:c4:f6:a9:63:9a:0b: 16:8b:fe:d4:52:75:e9:7b:c6:ff:b2:87:36:40:99:d1:9a:63: 91:b8:39:84:73:97:ea:af:60:72:1c:33:b1:d6:78:d6:ac:36: f6:54:8b:99:40:c4:9e:dd:f4:00:7f:7a:b5:40:34:06:75:bf: 9a:02:fc:a2:18:df:6f:03:75:1c:5c:d0:54:60:00:e0:9d:25: 74:ef:89:aa:7d:ac:6b:1c:19:62:50:47:28:ed:16:63:3a:cd: 29:b2:21:04:ce:34:93:5b:e6:cd:f5:66:14:a5:6f:a6:c4:a3: be:7f:90:a1:d2:c6:01:be:2e:f4:31:9d:37:7b:d1:3b:96:ac: 10:59:fc:5d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUITwb1ipGVZgeLuvYgu1Hk59ekbEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDRaFw0yNjA3MDIxNTUzMDRaMDMxMTAvBgNV BAMTKDI5MjgyNjEzODc0OEU3NTg4QkFCMjI2Q0M1N0RGNzBBREE1ODFCNzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwlyicpkXfL/lt2rAdJD1St0M3 A2yJZPTyDoBLHX4Ui55F+DAXIhyEFbSZBQwM7FDRjNlATuSC8yD19e9WANMu58Pw IgcOzhlk/uLy6jeIsqsqTjE0uuH2K99dWl7Mn7c6sibx8FMExlmJlFUUCDLNqsyJ T541qP8aHiM9pl+TRE70mSvPYhS3rSl/kL6u98VgOTdNrR5oREGiwqecylB0dKWt 08KYv4empV32UYiaPdoDD8n2jf/fcWr7NUvS2o7DJxODgui8Zs+yhzn1ee6S+JHi bTEecybSALCSc0WvoqkYuUsTE4dbjRm10bZpzxW53xSqXGpEFIEt49HPFfwJAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUKSgmE4dI51iLqyJsxX33CtpYG3gwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNDYxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoF 38P3QDANBgkqhkiG9w0BAQsFAAOCAQEAPTbLUrWpK5eAHFBsIqKnjVGTzMNL2pD/ cHlqe0wgKOHTzFlM2tXNeKRbaCc6ZETlauriB57Bsh2WUuJnGjGQNs5xPRbsFJL3 RuJhWaH9LAt2PHH+1mzs1jmmDS+CTrwD2A0DwzWBnhizo+Tfr46mCsHVc4awzkGr xPapY5oLFov+1FJ16XvG/7KHNkCZ0Zpjkbg5hHOX6q9gchwzsdZ41qw29lSLmUDE nt30AH96tUA0BnW/mgL8ohjfbwN1HFzQVGAA4J0ldO+Jqn2saxwZYlBHKO0WYzrN KbIhBM40k1vmzfVmFKVvpsSjvn+QodLGAb4u9DGdN3vRO5asEFn8XQ== -----END CERTIFICATE-----Generated at Sat Jul 5 02:04:06 2025 by rpki-client