$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213576.roa File: AS213576.roa (raw, json) Hash identifier: E8T0hcvPRkFEjke1Yk9BCXtaZYXHbCB4pvu9t9uBg9g= Subject key identifier: 8A:71:DE:AA:2C:FA:9C:4F:7C:BC:93:D8:9C:EF:FA:81:21:DE:94:8F Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 1BB193D5A2D24CCD907590FFFBF55BF8285231FC Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213576.roa Signing time: Sat 06 Sep 2025 13:55:29 +0000 ROA not before: Sat 06 Sep 2025 13:50:29 +0000 ROA not after: Sat 05 Sep 2026 13:55:29 +0000 asID: 213576 IP address blocks: 2a05:dfc3:fe00::/40 maxlen: 40 2a05:dfc3:fe00::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:b1:93:d5:a2:d2:4c:cd:90:75:90:ff:fb:f5:5b:f8:28:52:31:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Sep 6 13:50:29 2025 GMT Not After : Sep 5 13:55:29 2026 GMT Subject: CN=8A71DEAA2CFA9C4F7CBC93D89CEFFA8121DE948F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:49:3b:a4:3c:26:a0:f6:04:f2:33:30:cc:bd: 55:88:7b:9b:ca:7c:f2:da:71:34:67:5e:1b:fb:f6: cb:aa:76:f3:30:71:64:b6:cc:59:a6:4c:23:2b:3b: 57:d4:15:7d:e4:26:05:5f:e4:da:2a:98:cb:6a:be: c6:44:7a:bd:fa:22:e7:c8:e3:d7:64:61:74:55:7b: ef:97:8f:bd:51:bf:06:c9:5a:c5:b2:28:51:6c:a4: 48:70:99:e3:ef:4b:75:6e:23:9e:81:11:14:91:ca: 4d:5f:25:9e:f4:72:f5:bd:f5:b0:66:b2:d9:f5:30: 80:2f:7a:18:c8:28:0a:b9:8d:fb:df:d5:c0:82:1c: 95:23:cb:49:9d:04:b5:a3:b4:1f:5d:a4:6c:07:f6: ab:4d:1b:66:9d:f7:57:91:ee:bc:ab:3e:e7:32:14: 34:78:15:08:d2:80:b6:3d:28:96:de:41:30:9b:a7: 64:87:93:7d:01:ba:86:f6:5a:10:a6:5c:8d:d8:4b: 22:13:a6:b5:e7:85:83:48:7b:7e:a2:f0:83:0e:46: c1:ed:f3:de:24:51:90:92:1e:6e:65:a9:ca:75:9f: 06:5c:38:c0:b6:a5:56:72:83:4f:f1:ae:6f:0f:bb: 41:05:d1:2c:b1:09:c2:ac:e8:90:12:3b:72:71:61: da:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:71:DE:AA:2C:FA:9C:4F:7C:BC:93:D8:9C:EF:FA:81:21:DE:94:8F X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213576.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fe00::/40 Signature Algorithm: sha256WithRSAEncryption 5a:08:6d:06:b1:d6:5e:26:67:cd:cc:75:24:62:86:98:57:10: e5:b7:78:93:39:79:72:cf:0c:7b:14:3e:95:67:18:5e:46:eb: 27:0c:7c:0e:ac:c7:30:1c:59:38:dc:76:ac:7f:ed:96:23:10: 17:b1:76:74:b5:1b:54:7a:9a:5b:f7:09:bf:3a:56:66:3a:bc: 59:31:8a:89:5d:6e:64:4a:2b:d4:cc:2a:57:97:06:a8:2c:6b: 75:04:a3:a2:95:6e:38:91:a9:68:a0:cf:1e:61:c9:d3:52:71: d2:20:b2:df:ee:da:ee:67:53:5a:05:97:c8:64:bc:23:c2:70: de:95:9f:9d:5a:23:4f:6a:06:c2:2a:e0:9d:f9:37:5c:6a:7f: 62:b4:74:4e:d6:e9:01:da:f1:bf:1e:c8:7e:ef:36:fe:74:a9: 66:e5:d2:21:ed:ff:da:c7:85:93:d8:e2:9c:98:9f:51:93:0c: 0a:c5:9c:d8:c6:0c:3d:49:65:94:f2:5a:20:4d:34:af:4c:83: 39:92:eb:c5:3b:38:aa:32:f8:f8:a3:62:3a:3c:aa:57:f8:53: c4:2d:50:ef:2e:5d:4c:bc:89:92:87:37:fe:2d:48:6f:f0:e3: 2e:39:4b:f7:f0:c1:a3:45:09:f7:8b:18:c5:28:24:ec:40:a3: d5:af:db:5f -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUG7GT1aLSTM2QdZD/+/Vb+ChSMfwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA5MDYxMzUwMjlaFw0yNjA5MDUxMzU1MjlaMDMxMTAvBgNV BAMTKDhBNzFERUFBMkNGQTlDNEY3Q0JDOTNEODlDRUZGQTgxMjFERTk0OEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiSTukPCag9gTyMzDMvVWIe5vK fPLacTRnXhv79suqdvMwcWS2zFmmTCMrO1fUFX3kJgVf5NoqmMtqvsZEer36IufI 49dkYXRVe++Xj71RvwbJWsWyKFFspEhwmePvS3VuI56BERSRyk1fJZ70cvW99bBm stn1MIAvehjIKAq5jfvf1cCCHJUjy0mdBLWjtB9dpGwH9qtNG2ad91eR7ryrPucy FDR4FQjSgLY9KJbeQTCbp2SHk30Buob2WhCmXI3YSyITprXnhYNIe36i8IMORsHt 894kUZCSHm5lqcp1nwZcOMC2pVZyg0/xrm8Pu0EF0SyxCcKs6JASO3JxYdqzAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUinHeqiz6nE98vJPYnO/6gSHelI8wHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM1NzYucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq Bd/D/jANBgkqhkiG9w0BAQsFAAOCAQEAWghtBrHWXiZnzcx1JGKGmFcQ5bd4kzl5 cs8MexQ+lWcYXkbrJwx8DqzHMBxZONx2rH/tliMQF7F2dLUbVHqaW/cJvzpWZjq8 WTGKiV1uZEor1MwqV5cGqCxrdQSjopVuOJGpaKDPHmHJ01Jx0iCy3+7a7mdTWgWX yGS8I8Jw3pWfnVojT2oGwirgnfk3XGp/YrR0TtbpAdrxvx7Ifu82/nSpZuXSIe3/ 2seFk9jinJifUZMMCsWc2MYMPUlllPJaIE00r0yDOZLrxTs4qjL4+KNiOjyqV/hT xC1Q7y5dTLyJkoc3/i1Ib/DjLjlL9/DBo0UJ94sYxSgk7ECj1a/bXw== -----END CERTIFICATE-----Generated at Wed Oct 8 17:36:23 2025 by rpki-client