$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214299.roa File: AS214299.roa (raw, json) Hash identifier: 2nC+lNPxxHa+wDehdJ7EuNUeBFtuwOcqL3wKkPQRQ2o= Subject key identifier: EE:0E:71:8D:E5:54:93:EC:E6:AC:24:02:AB:0E:2F:B1:F5:6B:63:C7 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 3FEBED391726C17E0998B68BA2D7DBD7722E89DB Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214299.roa Signing time: Sat 20 Sep 2025 15:25:09 +0000 ROA not before: Sat 20 Sep 2025 15:20:09 +0000 ROA not after: Sat 19 Sep 2026 15:25:09 +0000 asID: 214299 IP address blocks: 2a05:dfc3:fd40::/44 maxlen: 52 2a05:dfc3:fd40::/48 maxlen: 48 2a09:54c7:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:eb:ed:39:17:26:c1:7e:09:98:b6:8b:a2:d7:db:d7:72:2e:89:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Sep 20 15:20:09 2025 GMT Not After : Sep 19 15:25:09 2026 GMT Subject: CN=EE0E718DE55493ECE6AC2402AB0E2FB1F56B63C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:90:34:0d:74:fc:da:44:14:c2:73:34:b1:f4: f2:e9:a3:1d:eb:19:fa:53:db:b6:44:b7:ea:1a:49: bb:2e:ba:87:6c:80:f9:55:e0:05:d8:95:c4:a4:86: 99:fc:40:d1:6f:fc:82:89:9b:6b:0e:5b:80:92:6d: c3:ee:8d:ff:f3:73:99:ef:c8:4d:e8:9f:92:a0:f8: 68:37:02:d8:5b:3d:7e:ce:8b:16:f7:1e:1f:c6:5b: 5e:2f:b1:d6:c8:7f:52:97:6a:54:d7:3f:53:28:63: d5:db:bf:da:ca:aa:31:c3:cd:13:ea:73:fb:10:68: eb:92:df:96:cc:14:c3:07:29:e9:b3:5b:d8:45:32: b1:83:0d:19:2b:75:fa:ef:41:e4:e6:ea:e6:ce:29: d5:30:b8:dc:28:e7:1a:b7:3b:7a:b2:c0:c5:af:d3: 81:b2:f4:41:dd:1b:91:65:94:a9:3b:a4:35:72:c8: df:0c:53:da:76:e1:71:68:7e:f8:24:25:d8:81:54: 35:a0:84:97:1f:3b:85:b5:8c:38:4c:45:8d:47:94: e2:47:90:63:3d:7e:95:b6:1f:81:2d:88:39:9b:fc: e0:82:06:1c:95:84:8e:8b:b4:90:3c:02:ed:01:7a: 58:a7:af:19:9a:77:ad:f5:5c:1c:0a:09:4e:b0:ce: ad:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:0E:71:8D:E5:54:93:EC:E6:AC:24:02:AB:0E:2F:B1:F5:6B:63:C7 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214299.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fd40::/44 2a09:54c7:1000::/48 Signature Algorithm: sha256WithRSAEncryption 00:2c:0d:6f:22:cb:18:87:8b:41:23:2b:64:67:41:84:36:6d: 2d:a3:78:80:c5:cc:39:8e:14:d3:a0:89:2b:2f:ba:85:f7:83: 09:79:ba:e7:f7:3a:c5:44:95:e0:cb:5d:93:6f:1c:48:cb:91: f0:44:7e:6c:e7:3f:3b:81:68:65:74:8e:42:7e:fa:66:5a:16: d8:87:0e:76:06:bf:3c:15:ce:a9:b2:cd:6e:f4:b6:30:ed:ad: 3d:cb:e1:3b:e1:04:48:4d:64:90:1d:7c:2d:52:42:d2:f9:cd: f9:3b:4c:35:f8:53:3f:bf:25:5b:e3:df:bc:68:09:cc:4c:05: ea:dc:16:0a:68:a1:af:9e:09:9b:32:69:9a:05:15:23:f2:f6: f5:29:6c:6d:3f:bd:1b:4e:12:95:94:4a:64:52:a7:f3:0e:dd: d4:ec:7d:e5:c7:6b:5a:ea:17:c4:a8:e1:5c:ce:4d:ac:66:fe: f9:41:89:a6:34:70:c1:5c:42:32:b7:14:57:e7:a1:82:07:28: 31:40:fc:59:6e:c1:c6:37:c5:22:d5:df:a5:81:e0:a3:55:33: bf:10:5a:83:a0:7f:42:6e:c5:b1:0d:9c:50:21:f8:85:1a:95: 23:33:74:0b:83:36:ed:77:e5:31:f9:1f:a5:a1:b4:ea:cd:9d: f3:6e:42:49 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUP+vtORcmwX4JmLaLotfb13IuidswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA5MjAxNTIwMDlaFw0yNjA5MTkxNTI1MDlaMDMxMTAvBgNV BAMTKEVFMEU3MThERTU1NDkzRUNFNkFDMjQwMkFCMEUyRkIxRjU2QjYzQzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0kDQNdPzaRBTCczSx9PLpox3r GfpT27ZEt+oaSbsuuodsgPlV4AXYlcSkhpn8QNFv/IKJm2sOW4CSbcPujf/zc5nv yE3on5Kg+Gg3AthbPX7Oixb3Hh/GW14vsdbIf1KXalTXP1MoY9Xbv9rKqjHDzRPq c/sQaOuS35bMFMMHKemzW9hFMrGDDRkrdfrvQeTm6ubOKdUwuNwo5xq3O3qywMWv 04Gy9EHdG5FllKk7pDVyyN8MU9p24XFofvgkJdiBVDWghJcfO4W1jDhMRY1HlOJH kGM9fpW2H4EtiDmb/OCCBhyVhI6LtJA8Au0Belinrxmad631XBwKCU6wzq3PAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQU7g5xjeVUk+zmrCQCqw4vsfVrY8cwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQyOTkucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwQq Bd/D/UADBwAqCVTHEAAwDQYJKoZIhvcNAQELBQADggEBAAAsDW8iyxiHi0EjK2Rn QYQ2bS2jeIDFzDmOFNOgiSsvuoX3gwl5uuf3OsVEleDLXZNvHEjLkfBEfmznPzuB aGV0jkJ++mZaFtiHDnYGvzwVzqmyzW70tjDtrT3L4TvhBEhNZJAdfC1SQtL5zfk7 TDX4Uz+/JVvj37xoCcxMBercFgpooa+eCZsyaZoFFSPy9vUpbG0/vRtOEpWUSmRS p/MO3dTsfeXHa1rqF8So4VzOTaxm/vlBiaY0cMFcQjK3FFfnoYIHKDFA/FluwcY3 xSLV36WB4KNVM78QWoOgf0JuxbENnFAh+IUalSMzdAuDNu135TH5H6WhtOrNnfNu Qkk= -----END CERTIFICATE-----Generated at Wed Oct 8 17:35:51 2025 by rpki-client