Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213864.roa
File: AS213864.roa (raw, json)
Hash identifier: aGImoacl+UWQUCMy+krs+Zp1Go1KiFp+eNnVnJfQWF8=
Subject key identifier: D4:4C:B7:09:E6:A9:BD:7D:03:80:38:BB:C1:81:49:74:E0:3F:CC:05
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 2796FF90AADD4E1A8F79C066576C9CAA47DE9434
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa
Signing time: Thu 03 Jul 2025 15:53:06 +0000
ROA not before: Thu 03 Jul 2025 15:48:06 +0000
ROA not after: Thu 02 Jul 2026 15:53:06 +0000
asID: 213864
IP address blocks: 2a05:dfc2::/32 maxlen: 32
2a06:1281:7000::/36 maxlen: 44
2a06:1281:a000::/36 maxlen: 44
2a06:1284::/32 maxlen: 32
2a09:54c6:1000::/36 maxlen: 44
2a09:54c7:4000::/36 maxlen: 44
2a09:54c7:5000::/36 maxlen: 44
2a09:54c7:6000::/36 maxlen: 44
2a09:54c7:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:96:ff:90:aa:dd:4e:1a:8f:79:c0:66:57:6c:9c:aa:47:de:94:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Jul 3 15:48:06 2025 GMT
Not After : Jul 2 15:53:06 2026 GMT
Subject: CN=D44CB709E6A9BD7D038038BBC1814974E03FCC05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:63:3a:84:59:7a:fd:5e:35:dd:99:3e:1b:84:
39:cd:ce:f7:46:64:2e:6f:ae:04:c9:2f:f1:3c:68:
5a:51:2c:f9:88:a8:68:23:2c:83:0e:7e:6b:a1:37:
cd:31:32:05:57:82:40:a6:d9:47:50:7d:8a:db:eb:
21:7e:57:2b:28:45:61:d9:9f:b9:5e:00:84:0c:98:
2e:04:e9:e7:a8:c4:ea:db:25:63:07:0c:34:c1:8e:
1e:e2:8d:44:56:9e:5f:9b:81:73:fe:6c:3b:46:b4:
46:aa:9d:53:0e:b9:db:05:10:4d:61:15:d6:50:99:
0b:58:f0:f6:38:b2:6c:a0:c4:2a:f3:a2:8d:cc:e3:
1f:14:f0:3f:21:4f:41:4b:a8:e2:7f:9d:e9:a1:37:
58:5c:30:80:57:e9:be:76:ae:b7:a4:e5:a3:3f:f7:
5c:ab:af:90:90:8b:89:da:c0:c8:86:b5:59:1f:a4:
d0:16:a4:c3:21:ac:f3:77:d4:7c:98:7b:6f:9b:89:
b5:5b:72:6a:d6:2d:2c:f3:92:7d:12:64:8b:d1:43:
ee:bd:b6:54:fc:d5:da:12:0b:8b:5c:53:03:4e:fd:
82:a7:af:ff:ec:e7:47:95:36:f0:fd:de:c1:a2:f0:
ec:9e:30:da:88:53:e9:92:df:95:a4:e9:0f:47:c5:
8c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:4C:B7:09:E6:A9:BD:7D:03:80:38:BB:C1:81:49:74:E0:3F:CC:05
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213864.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc2::/32
2a06:1281:7000::/36
2a06:1281:a000::/36
2a06:1284::/32
2a09:54c6:1000::/36
2a09:54c7:4000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff
2a09:54c7:c000::/34
Signature Algorithm: sha256WithRSAEncryption
28:b3:9d:59:ff:c6:66:15:e8:31:11:c2:3a:e0:24:b0:fa:3c:
7f:1c:50:7f:d6:ef:11:35:44:ac:00:19:06:5e:54:a2:ef:59:
31:6f:25:39:c2:bd:af:bc:54:0e:ea:86:27:82:93:13:35:9c:
0d:c9:95:78:7f:47:99:a9:78:a9:3b:9e:89:43:15:68:c4:10:
99:c0:0d:2c:94:49:c8:75:4b:15:41:5a:ec:b3:5c:fa:4c:d7:
e2:b7:68:05:57:54:ad:2a:01:ac:e2:d2:43:6e:e1:5c:fc:92:
b4:2c:d7:49:34:61:3d:0f:67:70:2f:ba:79:bc:fe:84:bc:9f:
98:38:65:ea:e8:ed:c8:5e:28:61:8a:9f:c8:fd:51:89:24:a0:
91:e7:ba:fd:0f:48:af:d8:d1:86:95:07:a5:62:98:fa:93:a1:
77:f7:df:37:e5:23:1f:6e:0a:98:9d:bc:34:ed:76:7e:8e:45:
ca:aa:30:39:e0:c0:5e:61:7c:01:d3:e5:9c:f7:98:90:d8:0e:
21:06:28:f9:8d:ee:1f:3f:02:94:ed:3e:32:c8:50:0f:d1:37:
8a:64:ce:9c:4b:19:15:be:14:6c:85:b0:a1:41:e8:5c:42:db:
69:ec:3d:cc:a5:de:54:5d:e3:3f:a0:64:c7:79:74:d4:98:5a:
3a:6a:3f:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUJ5b/kKrdThqPecBmV2ycqkfelDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDZaFw0yNjA3MDIxNTUzMDZaMDMxMTAvBgNV
BAMTKEQ0NENCNzA5RTZBOUJEN0QwMzgwMzhCQkMxODE0OTc0RTAzRkNDMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDYzqEWXr9XjXdmT4bhDnNzvdG
ZC5vrgTJL/E8aFpRLPmIqGgjLIMOfmuhN80xMgVXgkCm2UdQfYrb6yF+VysoRWHZ
n7leAIQMmC4E6eeoxOrbJWMHDDTBjh7ijURWnl+bgXP+bDtGtEaqnVMOudsFEE1h
FdZQmQtY8PY4smygxCrzoo3M4x8U8D8hT0FLqOJ/nemhN1hcMIBX6b52rrek5aM/
91yrr5CQi4nawMiGtVkfpNAWpMMhrPN31HyYe2+bibVbcmrWLSzzkn0SZIvRQ+69
tlT81doSC4tcUwNO/YKnr//s50eVNvD93sGi8OyeMNqIU+mS35Wk6Q9HxYxjAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU1Ey3CeapvX0DgDi7wYFJdOA/zAUwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM4NjQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgACMEADBQAq
Bd/CAwYEKgYSgXADBgQqBhKBoAMFACoGEoQDBgQqCVTGEDAQAwYGKglUx0ADBgQq
CVTHYAMGBioJVMfAMA0GCSqGSIb3DQEBCwUAA4IBAQAos51Z/8ZmFegxEcI64CSw
+jx/HFB/1u8RNUSsABkGXlSi71kxbyU5wr2vvFQO6oYngpMTNZwNyZV4f0eZqXip
O56JQxVoxBCZwA0slEnIdUsVQVrss1z6TNfit2gFV1StKgGs4tJDbuFc/JK0LNdJ
NGE9D2dwL7p5vP6EvJ+YOGXq6O3IXihhip/I/VGJJKCR57r9D0iv2NGGlQelYpj6
k6F399835SMfbgqYnbw07XZ+jkXKqjA54MBeYXwB0+Wc95iQ2A4hBij5je4fPwKU
7T4yyFAP0TeKZM6cSxkVvhRshbChQehcQttp7D3Mpd5UXeM/oGTHeXTUmFo6aj9h
-----END CERTIFICATE-----
Generated at Sat Jul 5 02:04:09 2025 by rpki-client