$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213535.roa File: AS213535.roa (raw, json) Hash identifier: g6wE+mXD6DpNyo/9mn0DyouLJN0pne7S3dr0lZDPi9U= Subject key identifier: 2D:19:EF:18:E1:BA:2D:26:0D:D4:87:1C:ED:79:A2:2E:33:2F:91:BF Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 42492CD02464E1F9322860E386BF10C0DDF4A9D8 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213535.roa Signing time: Thu 09 Apr 2026 12:36:29 +0000 ROA not before: Thu 09 Apr 2026 12:31:29 +0000 ROA not after: Thu 08 Apr 2027 12:36:29 +0000 asID: 213535 IP address blocks: 2a0f:6284:50::/48 maxlen: 48 2a0f:6284:60::/48 maxlen: 48 2a0f:6284:62::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 10 Apr 2026 13:53:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:49:2c:d0:24:64:e1:f9:32:28:60:e3:86:bf:10:c0:dd:f4:a9:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Apr 9 12:31:29 2026 GMT Not After : Apr 8 12:36:29 2027 GMT Subject: CN=2D19EF18E1BA2D260DD4871CED79A22E332F91BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1c:2c:24:80:ec:65:bc:d7:96:9c:a8:cc:95: c5:ac:89:8e:6f:7b:da:29:ba:35:b4:91:90:6d:cf: 54:4c:e1:c0:22:b6:36:5d:6e:76:d1:4b:38:3e:78: 9c:a7:69:ce:33:84:99:fb:e5:45:e6:bf:06:7b:c8: ab:26:b9:81:eb:39:87:b8:de:e4:23:97:9c:7d:81: 74:c1:53:4d:57:9e:73:25:6a:31:32:38:e1:e4:6d: f8:16:cc:55:0c:4f:0a:2b:10:53:0b:9a:e6:e9:79: 48:e5:b7:bf:f1:e3:1d:73:c4:65:b8:e0:27:0a:fe: e3:2b:3f:5c:3b:e8:5e:84:89:23:e1:a2:e4:40:25: 4e:6e:cd:9a:2a:ad:ca:4d:a7:75:16:2e:2e:38:c1: b5:cf:79:98:dc:26:cf:c1:a8:0d:17:f7:47:78:7e: bd:07:97:f7:a2:c5:77:57:0f:58:91:7d:41:98:48: c7:31:b5:e5:55:49:7a:58:38:d3:12:a9:f6:b0:5d: a5:4f:67:74:03:34:1f:66:55:17:ea:ef:12:e3:07: 29:99:ce:27:8d:77:2b:bd:5a:53:4b:64:ee:88:45: 14:fd:29:e9:1f:2e:12:08:e6:b1:b3:85:5f:1f:75: 20:88:e6:c7:06:83:8a:58:c0:fd:72:9d:1a:f6:b0: e4:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:19:EF:18:E1:BA:2D:26:0D:D4:87:1C:ED:79:A2:2E:33:2F:91:BF X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:50::/48 2a0f:6284:60::/48 2a0f:6284:62::/48 Signature Algorithm: sha256WithRSAEncryption 5f:c3:94:9f:25:29:ff:4d:3d:cf:06:f6:f5:66:0c:c5:b4:aa: 9d:f0:cd:0d:d8:d4:9e:c7:0b:70:ae:bf:fa:e5:16:aa:d4:92: 88:fa:4b:87:3e:72:80:57:3b:fe:0f:73:12:ec:f8:0f:ac:25: a1:49:8d:93:47:36:7e:0d:33:fb:ec:60:81:9a:c5:4f:ce:a2: 02:41:97:9f:e7:e2:db:29:a3:6b:83:13:7d:65:9b:99:62:bf: 2d:eb:90:ce:0b:e7:de:4a:80:79:d7:fe:b9:a4:5b:ce:ab:8a: e1:91:f5:2f:26:77:75:8b:bd:16:b1:8a:fe:6e:e6:67:57:49: 05:b2:65:89:82:ce:8e:c8:4e:30:d6:fd:99:ff:7e:06:54:72: 0a:c5:2e:ee:89:fa:c1:c5:c8:34:de:74:56:5c:b6:88:1d:56: ab:2e:43:3f:37:07:3e:76:26:98:ba:98:3f:15:75:1b:33:5b: 29:81:e7:74:cb:68:84:ea:d8:79:54:e0:6f:d8:40:b2:90:56: 35:c9:28:67:66:f5:f7:f0:a6:8c:41:74:17:aa:ba:e4:5f:cb: ff:8d:bc:83:19:d4:c2:89:e8:8a:34:31:61:74:28:c5:67:e2: 56:26:20:e0:8f:87:c9:f5:ed:3e:94:ed:05:a8:47:2f:e0:60: be:6f:2f:50 -----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgIUQkks0CRk4fkyKGDjhr8QwN30qdgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjA0MDkxMjMxMjlaFw0yNzA0MDgxMjM2MjlaMDMxMTAvBgNV BAMTKDJEMTlFRjE4RTFCQTJEMjYwREQ0ODcxQ0VENzlBMjJFMzMyRjkxQkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0HCwkgOxlvNeWnKjMlcWsiY5v e9opujW0kZBtz1RM4cAitjZdbnbRSzg+eJynac4zhJn75UXmvwZ7yKsmuYHrOYe4 3uQjl5x9gXTBU01XnnMlajEyOOHkbfgWzFUMTworEFMLmubpeUjlt7/x4x1zxGW4 4CcK/uMrP1w76F6EiSPhouRAJU5uzZoqrcpNp3UWLi44wbXPeZjcJs/BqA0X90d4 fr0Hl/eixXdXD1iRfUGYSMcxteVVSXpYONMSqfawXaVPZ3QDNB9mVRfq7xLjBymZ zieNdyu9WlNLZO6IRRT9KekfLhII5rGzhV8fdSCI5scGg4pYwP1ynRr2sOSFAgMB AAGjggHxMIIB7TAdBgNVHQ4EFgQULRnvGOG6LSYN1Icc7XmiLjMvkb8wHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM1MzUucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMCEEAgACMBsDBwAq D2KEAFADBwAqD2KEAGADBwAqD2KEAGIwDQYJKoZIhvcNAQELBQADggEBAF/DlJ8l Kf9NPc8G9vVmDMW0qp3wzQ3Y1J7HC3Cuv/rlFqrUkoj6S4c+coBXO/4PcxLs+A+s JaFJjZNHNn4NM/vsYIGaxU/OogJBl5/n4tspo2uDE31lm5livy3rkM4L595KgHnX /rmkW86riuGR9S8md3WLvRaxiv5u5mdXSQWyZYmCzo7ITjDW/Zn/fgZUcgrFLu6J +sHFyDTedFZctogdVqsuQz83Bz52Jpi6mD8VdRszWymB53TLaITq2HlU4G/YQLKQ VjXJKGdm9ffwpoxBdBequuRfy/+NvIMZ1MKJ6Io0MWF0KMVn4lYmIOCPh8n17T6U 7QWoRy/gYL5vL1A= -----END CERTIFICATE-----Generated at Thu Apr 9 22:16:16 2026 by rpki-client