$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214223.roa File: AS214223.roa (raw, json) Hash identifier: 2hxJsjZCBH8amSbbf/crekVyR3uQ6ubq0P57QVOZhXg= Subject key identifier: 66:BE:49:F3:6A:D7:24:66:6E:3A:F5:E6:F4:53:27:3E:54:86:00:C2 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7F86C395104D29DFB4B32C93814024441D6CF674 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214223.roa Signing time: Thu 03 Jul 2025 15:53:05 +0000 ROA not before: Thu 03 Jul 2025 15:48:05 +0000 ROA not after: Thu 02 Jul 2026 15:53:05 +0000 asID: 214223 IP address blocks: 2a05:dfc3:fa00::/40 maxlen: 48 2a0a:6044:6400::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:86:c3:95:10:4d:29:df:b4:b3:2c:93:81:40:24:44:1d:6c:f6:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 3 15:48:05 2025 GMT Not After : Jul 2 15:53:05 2026 GMT Subject: CN=66BE49F36AD724666E3AF5E6F453273E548600C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c9:c8:d6:ac:dd:52:a8:94:58:8a:b2:9d:aa: 98:1d:ee:67:c7:b2:62:f0:20:99:37:be:b9:dc:36: 8b:4b:dc:94:95:51:e0:b8:91:e8:ab:dc:06:2b:4a: 41:ab:14:cd:90:29:c4:a8:08:09:66:df:63:c4:bc: 5c:b5:02:1c:c9:1f:c9:84:19:4a:67:61:ac:d5:69: 1d:09:b4:1c:2e:1d:9e:12:2a:69:9b:50:c6:3a:8a: 39:94:2f:75:ee:d1:5e:e4:24:ba:7b:e2:f4:a9:1c: 96:c9:36:88:56:73:b3:83:fd:f3:0e:2c:1f:bd:7a: 77:09:28:90:39:0a:c1:18:9f:ce:63:2a:27:02:60: 07:11:fa:a1:e9:00:8e:cc:9f:89:a0:ed:d5:ea:f2: fd:2b:74:0a:49:16:1b:02:e7:89:54:d8:3c:51:5d: a6:bb:93:76:d5:9e:dc:66:f9:16:78:67:ff:ea:24: dc:45:1a:86:f5:d8:21:d0:f7:0c:72:fa:62:ea:23: 91:7c:ae:d1:3f:77:f0:af:a5:65:45:01:a9:27:3d: 66:3a:5d:1a:b1:7f:73:56:71:a0:c1:07:e2:7d:f4: 0b:be:11:9f:27:e8:3e:8b:0f:51:e9:ce:03:3d:36: 60:e4:95:39:dc:cc:c0:08:ff:31:c9:7a:f7:93:3d: 1b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:BE:49:F3:6A:D7:24:66:6E:3A:F5:E6:F4:53:27:3E:54:86:00:C2 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214223.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fa00::/40 2a0a:6044:6400::/40 Signature Algorithm: sha256WithRSAEncryption 6a:60:5b:72:7c:81:de:be:2a:43:ba:15:5e:67:4e:71:33:48: cf:d7:ac:b6:71:b1:c7:bc:79:00:84:49:66:41:19:37:c2:36: c6:2e:3f:27:96:aa:6d:0e:75:42:0d:5d:39:48:5b:ed:86:1c: e6:5c:a1:ae:4e:9a:b5:a4:63:ed:b3:8c:d4:ab:f3:6e:d9:25: ba:87:de:71:17:71:32:63:0b:4e:72:19:08:9a:89:d9:20:89: 8a:1b:56:72:d5:f5:72:b0:1a:03:fd:82:11:02:76:0d:10:ae: e8:2c:cd:9b:f5:cd:3d:8d:7e:e2:94:49:73:0f:e4:8c:12:11: c6:75:de:fe:76:cb:3c:fb:47:c7:09:d5:8c:5b:6f:ed:9d:ae: 62:0a:0d:aa:1d:49:53:af:d6:30:1d:9b:4d:40:a3:a8:fc:14: 5e:18:87:4b:f7:87:c3:53:b9:a1:21:6e:34:ed:0a:cc:c5:c3: 22:cd:d1:99:d2:d4:5e:ea:a3:37:35:7b:d8:7f:ae:4a:75:ef: b1:93:35:ed:49:4c:90:1b:49:27:f2:cd:50:a4:91:14:fe:90: 4e:93:9d:bf:75:57:61:aa:17:96:31:d1:07:a2:e2:e3:7d:17: 50:1c:04:3d:5d:e1:4a:b5:03:cc:16:32:b3:cd:71:7f:fb:c6: dc:5d:38:ba -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUf4bDlRBNKd+0syyTgUAkRB1s9nQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDVaFw0yNjA3MDIxNTUzMDVaMDMxMTAvBgNV BAMTKDY2QkU0OUYzNkFENzI0NjY2RTNBRjVFNkY0NTMyNzNFNTQ4NjAwQzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGycjWrN1SqJRYirKdqpgd7mfH smLwIJk3vrncNotL3JSVUeC4keir3AYrSkGrFM2QKcSoCAlm32PEvFy1AhzJH8mE GUpnYazVaR0JtBwuHZ4SKmmbUMY6ijmUL3Xu0V7kJLp74vSpHJbJNohWc7OD/fMO LB+9encJKJA5CsEYn85jKicCYAcR+qHpAI7Mn4mg7dXq8v0rdApJFhsC54lU2DxR Xaa7k3bVntxm+RZ4Z//qJNxFGob12CHQ9wxy+mLqI5F8rtE/d/CvpWVFAaknPWY6 XRqxf3NWcaDBB+J99Au+EZ8n6D6LD1HpzgM9NmDklTnczMAI/zHJeveTPRsXAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUZr5J82rXJGZuOvXm9FMnPlSGAMIwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQyMjMucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgAq Bd/D+gMGACoKYERkMA0GCSqGSIb3DQEBCwUAA4IBAQBqYFtyfIHevipDuhVeZ05x M0jP16y2cbHHvHkAhElmQRk3wjbGLj8nlqptDnVCDV05SFvthhzmXKGuTpq1pGPt s4zUq/Nu2SW6h95xF3EyYwtOchkImonZIImKG1Zy1fVysBoD/YIRAnYNEK7oLM2b 9c09jX7ilElzD+SMEhHGdd7+dss8+0fHCdWMW2/tna5iCg2qHUlTr9YwHZtNQKOo /BReGIdL94fDU7mhIW407QrMxcMizdGZ0tRe6qM3NXvYf65Kde+xkzXtSUyQG0kn 8s1QpJEU/pBOk52/dVdhqheWMdEHouLjfRdQHAQ9XeFKtQPMFjKzzXF/+8bcXTi6 -----END CERTIFICATE-----Generated at Sat Jul 5 02:11:45 2025 by rpki-client