This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: bTV5O0aFpy0iMhXRpKB+Y+Fy8cuDfKubSgrduRWlDxo= Subject key identifier: 33:30:60:D6:B4:24:E6:2C:88:E5:DA:45:D6:E0:44:97:29:A3:B1:67 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 28EB48AC29C294A7E802DE774F69F479CD55C12C Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Fri 26 Dec 2025 17:41:32 +0000 ROA not before: Fri 26 Dec 2025 17:36:32 +0000 ROA not after: Fri 25 Dec 2026 17:41:32 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a0f:6284:41fe::/48 maxlen: 48 2a0f:6284:4c00::/40 maxlen: 48 2a0f:6284:4c50::/44 maxlen: 48 2a0f:6284:4c60::/44 maxlen: 48 2a0f:6284:4c80::/44 maxlen: 48 2a0f:6284:4c90::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:eb:48:ac:29:c2:94:a7:e8:02:de:77:4f:69:f4:79:cd:55:c1:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Dec 26 17:36:32 2025 GMT Not After : Dec 25 17:41:32 2026 GMT Subject: CN=333060D6B424E62C88E5DA45D6E0449729A3B167 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:11:54:df:2e:04:f0:04:f0:06:e3:bd:d5:18: fa:25:89:2c:e3:d5:09:9b:ff:48:80:55:22:38:30: f6:e1:d7:4a:c6:82:08:a2:ba:29:10:3a:86:57:ab: a4:84:80:ba:8d:d8:df:40:61:ac:37:03:e9:79:1c: 40:9a:39:1c:ba:ed:7b:11:e9:96:e8:41:a1:09:74: f8:08:1f:ca:96:85:f5:dc:94:80:78:76:0a:3a:6f: 25:3e:94:cc:1d:e2:ab:7a:e2:0c:ac:02:47:b6:d2: 9a:aa:7b:95:55:6d:81:3d:ba:e6:d7:dd:46:fd:53: 3e:8a:12:c8:a5:ef:c3:41:4f:89:c8:c1:c2:b7:a0: ca:ce:8c:d9:18:ce:f1:76:06:cb:72:55:3c:ae:b2: 8a:ba:53:8d:3f:1d:6c:ff:5b:58:cc:f8:aa:e3:b3: d3:2d:00:29:7d:ee:31:f1:0d:ef:f7:0c:9a:1a:e1: b0:50:8a:f3:06:47:3a:0e:08:61:4e:36:19:73:e2: 9b:b2:a1:63:00:d5:0b:ae:44:a5:56:0b:68:f6:67: c8:54:6c:69:49:01:12:19:61:6c:ec:3f:c5:da:71: ab:ad:11:4c:ae:da:74:f5:68:2f:b8:5c:3e:f4:9b: 6f:8b:01:7b:dc:a5:74:37:34:d6:bb:e0:e7:37:cd: d3:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:30:60:D6:B4:24:E6:2C:88:E5:DA:45:D6:E0:44:97:29:A3:B1:67 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a0f:6284:41fe::/48 2a0f:6284:4c00::/40 Signature Algorithm: sha256WithRSAEncryption 7c:97:ff:03:60:39:e8:bb:d1:a5:3b:12:eb:e6:c3:63:ec:25: 43:49:62:f2:f2:d1:28:36:92:33:30:cc:87:a9:72:4b:aa:18: fe:5a:d8:93:7f:14:fb:a1:07:c9:f8:53:e7:41:96:07:57:93: da:bb:61:38:24:d0:68:2a:03:6d:b3:6d:95:de:76:54:5a:d5: 8f:47:4a:65:f0:2b:fa:16:a9:04:5d:dc:51:e1:ce:fd:ee:8c: 00:f2:62:36:a4:76:3a:bf:89:07:c7:e9:97:dd:12:db:b2:5d: d3:c0:aa:5b:ad:49:c5:ae:73:89:29:62:cc:6b:01:e1:2c:fc: 64:5d:7c:d8:e0:77:f8:55:79:61:2b:62:f1:45:44:15:f4:44: f3:08:54:7f:e5:df:6f:24:8a:05:a5:a6:0a:57:e1:0d:d3:08: f6:77:1d:ae:ed:d1:97:03:67:a7:99:cb:8c:7e:14:c0:02:42: ca:40:9e:56:42:b5:4b:ea:9b:90:1c:7f:a6:b5:91:3a:9a:f4: d0:3d:63:f3:3e:ce:09:47:02:94:78:fd:f8:c2:72:62:f2:28: 85:97:28:fa:4b:45:97:e1:79:89:e7:84:2b:bc:2a:77:e3:31: e7:b2:63:c8:26:98:6b:65:18:07:a3:a0:54:77:c9:4d:e7:6b: 3b:12:e3:b4 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUKOtIrCnClKfoAt53T2n0ec1VwSwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEyMjYxNzM2MzJaFw0yNjEyMjUxNzQxMzJaMDMxMTAvBgNV BAMTKDMzMzA2MEQ2QjQyNEU2MkM4OEU1REE0NUQ2RTA0NDk3MjlBM0IxNjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQEVTfLgTwBPAG473VGPoliSzj 1Qmb/0iAVSI4MPbh10rGggiiuikQOoZXq6SEgLqN2N9AYaw3A+l5HECaORy67XsR 6ZboQaEJdPgIH8qWhfXclIB4dgo6byU+lMwd4qt64gysAke20pqqe5VVbYE9uubX 3Ub9Uz6KEsil78NBT4nIwcK3oMrOjNkYzvF2BstyVTyusoq6U40/HWz/W1jM+Krj s9MtACl97jHxDe/3DJoa4bBQivMGRzoOCGFONhlz4puyoWMA1QuuRKVWC2j2Z8hU bGlJARIZYWzsP8XacautEUyu2nT1aC+4XD70m2+LAXvcpXQ3NNa74Oc3zdMTAgMB AAGjggHvMIIB6zAdBgNVHQ4EFgQUMzBg1rQk5iyI5dpF1uBElymjsWcwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAIwGgMHBSoF 38P3QAMHACoPYoRB/gMGACoPYoRMMA0GCSqGSIb3DQEBCwUAA4IBAQB8l/8DYDno u9GlOxLr5sNj7CVDSWLy8tEoNpIzMMyHqXJLqhj+WtiTfxT7oQfJ+FPnQZYHV5Pa u2E4JNBoKgNts22V3nZUWtWPR0pl8Cv6FqkEXdxR4c797owA8mI2pHY6v4kHx+mX 3RLbsl3TwKpbrUnFrnOJKWLMawHhLPxkXXzY4Hf4VXlhK2LxRUQV9ETzCFR/5d9v JIoFpaYKV+EN0wj2dx2u7dGXA2enmcuMfhTAAkLKQJ5WQrVL6puQHH+mtZE6mvTQ PWPzPs4JRwKUeP34wnJi8iiFlyj6S0WX4XmJ54QrvCp34zHnsmPIJphrZRgHo6BU d8lN52s7EuO0 -----END CERTIFICATE-----Generated at Sat Jan 10 14:24:11 2026 by rpki-client