$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214801.roa File: AS214801.roa (raw, json) Hash identifier: ttHo8UxO9XhRRWo0qXEXlVeWNet/zWA56cC21178iy4= Subject key identifier: AA:5A:94:BC:69:46:CC:80:BB:57:4E:6E:F9:2F:11:40:7B:E3:EE:B6 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 34F2A4CE517EBE060ED32E6A56D96962C7F5BC9A Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214801.roa Signing time: Mon 03 Nov 2025 00:43:36 +0000 ROA not before: Mon 03 Nov 2025 00:38:36 +0000 ROA not after: Mon 02 Nov 2026 00:43:36 +0000 asID: 214801 IP address blocks: 2a0f:6284:2ff::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 04 Nov 2025 13:39:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:f2:a4:ce:51:7e:be:06:0e:d3:2e:6a:56:d9:69:62:c7:f5:bc:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Nov 3 00:38:36 2025 GMT Not After : Nov 2 00:43:36 2026 GMT Subject: CN=AA5A94BC6946CC80BB574E6EF92F11407BE3EEB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:f7:a6:99:5a:67:d9:2d:56:26:f7:7c:16:91: d6:6c:3b:6e:fb:1f:fe:e9:d9:86:06:df:04:38:54: 39:e0:52:50:08:a2:9c:a5:81:ab:fa:0b:16:f3:ae: 89:85:bf:19:a4:e5:c8:24:2d:9f:46:bb:51:a0:8d: ed:8b:76:4c:0a:4e:83:6a:a5:f5:f5:ae:81:51:d0: 27:b7:86:46:a2:2e:dd:dc:dd:25:6f:03:1b:63:4d: 6f:4f:ca:b2:95:25:98:55:46:05:24:04:ba:67:10: e3:ea:f8:0b:46:74:1d:6e:76:cf:ae:ec:89:c7:7f: 7d:51:42:52:25:8c:ff:af:65:59:f5:14:92:de:06: a3:19:fa:29:fa:50:0f:cd:76:c6:90:4d:7f:b9:5f: 81:bb:42:f0:ee:5a:8f:1d:c7:91:3c:2a:c7:f6:87: ba:e5:72:22:e9:ed:c5:3e:2e:8c:87:6e:51:06:e5: 3d:85:7a:5f:30:93:38:25:a7:67:a1:05:32:17:69: 9c:10:8e:57:ab:d8:dc:7b:18:8c:db:11:69:2a:2a: 23:90:38:4d:eb:7d:ef:dc:52:3c:44:fd:9b:80:a7: 5f:ae:c1:24:57:a7:16:c9:6b:da:3f:d9:5d:0d:0d: 3b:ff:6f:a8:0d:52:68:0c:53:9c:32:31:56:6f:30: d5:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5A:94:BC:69:46:CC:80:BB:57:4E:6E:F9:2F:11:40:7B:E3:EE:B6 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214801.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:2ff::/48 Signature Algorithm: sha256WithRSAEncryption 20:38:4f:e2:31:86:60:52:63:f8:20:dc:d5:8e:80:c1:20:a3: 02:6f:e8:4f:28:18:9c:2c:25:58:83:8b:1d:17:bc:1a:a6:17: d9:34:9c:99:7e:68:01:86:d2:7b:14:3f:7f:17:6e:ca:ba:f5: 5a:2e:7a:eb:92:12:6a:8a:14:71:59:05:dc:2a:d5:e1:eb:a6: 30:ab:56:4f:6f:28:4a:97:3d:aa:8a:8c:5b:1b:bd:cf:d0:dd: 45:96:4a:bb:32:77:d9:fb:f0:72:52:71:8c:f2:c7:99:ce:fa: 48:26:e0:5d:da:bb:85:57:aa:89:4f:71:f7:8a:9c:8d:cc:2e: 63:0c:05:86:bf:8e:87:dc:bd:43:ee:95:90:24:b4:52:05:8d: 0c:36:4e:8f:ff:9f:5a:62:3c:1d:b5:2b:4d:2b:70:73:b8:3d: 71:d8:f8:3d:05:09:71:59:2e:0e:4c:22:da:f3:f7:29:fe:3c: 22:6e:28:6e:c8:37:bc:7e:a7:c8:03:cb:fa:0f:35:97:60:d1: 44:55:5f:32:76:9a:a8:69:f5:50:8d:88:30:68:cf:99:4d:32: 95:6a:68:22:87:90:c5:01:43:d0:1a:dc:44:66:73:81:d7:2c: e5:66:67:25:c8:18:fc:5b:95:98:19:54:af:6c:e9:4d:aa:77: ea:b2:df:7b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIUNPKkzlF+vgYO0y5qVtlpYsf1vJowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTExMDMwMDM4MzZaFw0yNjExMDIwMDQzMzZaMDMxMTAvBgNV BAMTKEFBNUE5NEJDNjk0NkNDODBCQjU3NEU2RUY5MkYxMTQwN0JFM0VFQjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh96aZWmfZLVYm93wWkdZsO277 H/7p2YYG3wQ4VDngUlAIopylgav6CxbzromFvxmk5cgkLZ9Gu1Ggje2LdkwKToNq pfX1roFR0Ce3hkaiLt3c3SVvAxtjTW9PyrKVJZhVRgUkBLpnEOPq+AtGdB1uds+u 7InHf31RQlIljP+vZVn1FJLeBqMZ+in6UA/NdsaQTX+5X4G7QvDuWo8dx5E8Ksf2 h7rlciLp7cU+LoyHblEG5T2Fel8wkzglp2ehBTIXaZwQjler2Nx7GIzbEWkqKiOQ OE3rfe/cUjxE/ZuAp1+uwSRXpxbJa9o/2V0NDTv/b6gNUmgMU5wyMVZvMNXrAgMB AAGjggHfMIIB2zAdBgNVHQ4EFgQUqlqUvGlGzIC7V05u+S8RQHvj7rYwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ4MDEucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAq D2KEAv8wDQYJKoZIhvcNAQELBQADggEBACA4T+IxhmBSY/gg3NWOgMEgowJv6E8o GJwsJViDix0XvBqmF9k0nJl+aAGG0nsUP38Xbsq69VoueuuSEmqKFHFZBdwq1eHr pjCrVk9vKEqXPaqKjFsbvc/Q3UWWSrsyd9n78HJScYzyx5nO+kgm4F3au4VXqolP cfeKnI3MLmMMBYa/jofcvUPulZAktFIFjQw2To//n1piPB21K00rcHO4PXHY+D0F CXFZLg5MItrz9yn+PCJuKG7IN7x+p8gDy/oPNZdg0URVXzJ2mqhp9VCNiDBoz5lN MpVqaCKHkMUBQ9Aa3ERmc4HXLOVmZyXIGPxblZgZVK9s6U2qd+qy33s= -----END CERTIFICATE-----Generated at Mon Nov 3 23:16:28 2025 by rpki-client