$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214242.roa File: AS214242.roa (raw, json) Hash identifier: IRB6A22ISm0wcAjtiKsIoO4IWDsyXW9u75ZrNPEY7VI= Subject key identifier: E8:C2:56:67:08:71:B7:BF:9D:F9:88:FF:BD:E4:93:D7:B4:0E:86:5D Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7C5E89CDB8B90C614EC0A46BBFD57EB86171459B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214242.roa Signing time: Fri 29 Aug 2025 21:19:13 +0000 ROA not before: Fri 29 Aug 2025 21:14:13 +0000 ROA not after: Fri 28 Aug 2026 21:19:13 +0000 asID: 214242 IP address blocks: 2a0a:6044:7700::/40 maxlen: 48 2a0f:6284:4900::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 10 Sep 2025 08:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:5e:89:cd:b8:b9:0c:61:4e:c0:a4:6b:bf:d5:7e:b8:61:71:45:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 29 21:14:13 2025 GMT Not After : Aug 28 21:19:13 2026 GMT Subject: CN=E8C256670871B7BF9DF988FFBDE493D7B40E865D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:52:b2:46:1d:90:c5:73:24:37:32:10:21:67: 99:53:c4:49:00:ac:c4:b2:90:7b:cd:39:df:b1:73: a5:2a:03:f2:de:c9:ad:c4:b3:67:bd:d4:65:e5:79: 8e:eb:a2:bd:a6:85:02:20:fd:f1:c3:f2:f0:e9:60: c2:7a:b5:95:15:a8:29:73:ba:cd:23:7c:40:54:66: c5:f7:d3:8e:91:d0:c7:4b:dc:19:0c:38:1d:c7:ed: ee:77:be:c0:66:dc:39:c7:5f:01:ed:fb:5e:ed:46: 16:4c:2d:0c:62:8d:79:ec:99:8b:2e:3e:01:3b:4a: 15:f3:06:a5:0d:36:f9:de:53:87:f9:a7:55:9b:3b: 74:94:80:bc:83:2d:ea:42:fc:ca:5c:c6:a8:3e:1a: a4:35:7f:f1:5d:16:c9:61:fd:c5:66:1a:47:48:5c: 56:18:5d:08:55:63:e7:2a:58:ae:47:3a:8f:d1:25: 07:e2:aa:8d:b1:06:38:49:44:41:95:df:03:7d:17: 45:a9:f0:a0:a3:ac:6e:5d:ee:0b:56:33:d2:19:46: 9e:8e:99:5a:ef:d1:55:a7:8b:9b:4e:18:88:9e:9c: 7e:56:a5:c7:6f:d3:35:d1:35:f6:e2:a5:67:7c:ca: 79:ab:89:3a:9f:c9:0d:97:55:07:42:3f:56:11:d2: 37:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:C2:56:67:08:71:B7:BF:9D:F9:88:FF:BD:E4:93:D7:B4:0E:86:5D X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214242.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6044:7700::/40 2a0f:6284:4900::/40 Signature Algorithm: sha256WithRSAEncryption 40:a2:b3:e6:52:b4:ab:7d:65:c4:64:f6:e0:b4:2e:7b:c3:e6: c4:2a:01:2e:31:b3:eb:55:e7:d7:39:ea:57:2f:a9:79:09:d1: fa:51:41:c9:38:d5:c8:66:34:61:37:2f:5f:2e:13:a4:ee:cf: 3d:88:34:b1:ee:53:86:f4:8d:5d:73:90:67:81:f5:fd:4d:cd: 26:54:9a:70:4e:83:5c:17:6c:40:a2:75:6a:9c:66:9b:45:85: 21:ef:83:ea:e8:b3:97:04:93:86:97:9a:ba:af:92:b0:06:52: 25:c9:95:2a:ab:22:77:ff:9f:f9:78:64:15:46:a6:3d:d8:17: 25:c8:3a:e0:0e:c9:97:2a:4b:d3:c8:2b:bc:68:4f:91:86:60: 90:04:87:3e:e5:e2:7a:6e:cc:45:c7:8b:c4:aa:2e:70:32:b2: dc:5d:d3:81:48:82:8c:32:8a:19:f9:18:0b:88:ae:30:41:50: 8c:d1:d3:39:b1:c5:19:78:09:56:92:b5:64:aa:37:2d:b6:6e: ce:1f:af:27:84:de:a6:26:d1:68:fc:5f:7d:92:14:97:ec:b3: ac:e5:2d:e9:03:b8:19:a0:48:f2:60:2a:b6:e6:4f:b7:29:8c: b8:e4:fa:23:42:c4:9c:88:8e:72:79:48:8b:d5:db:e7:15:bd: ea:cd:fb:e5 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUfF6Jzbi5DGFOwKRrv9V+uGFxRZswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MjkyMTE0MTNaFw0yNjA4MjgyMTE5MTNaMDMxMTAvBgNV BAMTKEU4QzI1NjY3MDg3MUI3QkY5REY5ODhGRkJERTQ5M0Q3QjQwRTg2NUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4UrJGHZDFcyQ3MhAhZ5lTxEkA rMSykHvNOd+xc6UqA/Leya3Es2e91GXleY7ror2mhQIg/fHD8vDpYMJ6tZUVqClz us0jfEBUZsX3046R0MdL3BkMOB3H7e53vsBm3DnHXwHt+17tRhZMLQxijXnsmYsu PgE7ShXzBqUNNvneU4f5p1WbO3SUgLyDLepC/Mpcxqg+GqQ1f/FdFslh/cVmGkdI XFYYXQhVY+cqWK5HOo/RJQfiqo2xBjhJREGV3wN9F0Wp8KCjrG5d7gtWM9IZRp6O mVrv0VWni5tOGIienH5Wpcdv0zXRNfbipWd8ynmriTqfyQ2XVQdCP1YR0jfFAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQU6MJWZwhxt7+d+Yj/veST17QOhl0wHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQyNDIucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgAq CmBEdwMGACoPYoRJMA0GCSqGSIb3DQEBCwUAA4IBAQBAorPmUrSrfWXEZPbgtC57 w+bEKgEuMbPrVefXOepXL6l5CdH6UUHJONXIZjRhNy9fLhOk7s89iDSx7lOG9I1d c5BngfX9Tc0mVJpwToNcF2xAonVqnGabRYUh74Pq6LOXBJOGl5q6r5KwBlIlyZUq qyJ3/5/5eGQVRqY92BclyDrgDsmXKkvTyCu8aE+RhmCQBIc+5eJ6bsxFx4vEqi5w MrLcXdOBSIKMMooZ+RgLiK4wQVCM0dM5scUZeAlWkrVkqjcttm7OH68nhN6mJtFo /F99khSX7LOs5S3pA7gZoEjyYCq25k+3KYy45PojQsSciI5yeUiL1dvnFb3qzfvl -----END CERTIFICATE-----Generated at Tue Sep 9 13:57:04 2025 by rpki-client