$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: CJBUHLAcp/4mKxgwku8xdgDp4fYX1eWk937f+aLMToI= Subject key identifier: D5:85:BE:D0:67:60:18:0E:21:AF:A7:37:F7:2F:C6:03:5C:00:17:0C Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 304E62B292BC8C135710C46E1609570919308A5C Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa Signing time: Mon 18 Aug 2025 20:21:02 +0000 ROA not before: Mon 18 Aug 2025 20:16:02 +0000 ROA not after: Mon 17 Aug 2026 20:21:02 +0000 asID: 31898 IP address blocks: 2a05:dfc3:f6ce::/48 maxlen: 48 2a0a:6044:6d00::/48 maxlen: 48 2a0f:6284:41ff::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 20 Aug 2025 21:47:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:4e:62:b2:92:bc:8c:13:57:10:c4:6e:16:09:57:09:19:30:8a:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 18 20:16:02 2025 GMT Not After : Aug 17 20:21:02 2026 GMT Subject: CN=D585BED06760180E21AFA737F72FC6035C00170C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:61:00:21:3a:db:4a:48:c3:19:5e:19:68:8b: bd:ef:aa:20:39:38:02:3a:93:f4:ea:90:ce:e7:36: ef:7b:b2:67:4e:5b:6d:d1:06:40:98:ab:3c:19:79: af:11:3a:c5:71:65:b2:2e:9c:3f:b0:ba:f6:e7:d7: b9:ec:22:ec:71:1f:d8:18:1b:e8:9f:f0:b0:bf:4b: 91:d5:71:bb:e6:e9:b4:7c:e9:b6:71:16:65:53:5a: 68:bc:7e:6f:c6:fd:46:9a:7b:ab:5f:ef:d9:ce:24: 3e:2a:ca:37:fd:4e:61:cc:91:e0:c1:1f:7a:0b:45: 8d:61:14:f1:ea:27:ad:1b:b3:01:04:d6:8b:3a:58: d0:ae:6a:be:a4:3b:dc:ce:29:b4:28:bb:2a:44:5e: 19:df:4d:16:ed:56:cc:17:32:49:8b:7e:16:63:07: 1a:79:45:17:8e:ac:96:35:c0:e2:1f:c6:af:37:0e: e8:2e:bd:78:d9:ec:4a:16:1a:9e:61:6a:43:18:f0: a7:a4:55:0d:d7:4c:93:79:5d:60:d0:ce:d5:41:2e: 9f:9a:74:a5:29:70:76:94:23:58:39:f1:11:63:65: 3c:fa:68:4a:78:0e:7b:81:83:1b:7e:f2:71:4e:a2: 87:6e:e5:76:07:79:79:b8:d6:6e:41:9e:13:63:34: 33:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:85:BE:D0:67:60:18:0E:21:AF:A7:37:F7:2F:C6:03:5C:00:17:0C X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f6ce::/48 2a0a:6044:6d00::/48 2a0f:6284:41ff::/48 Signature Algorithm: sha256WithRSAEncryption 11:4a:c8:dc:25:12:24:54:82:dc:8b:e2:0e:d9:df:30:f2:27: d0:20:be:5e:98:f9:81:d6:13:e3:53:2e:1b:13:76:80:19:a6: 25:92:a8:f7:7e:ca:4b:d8:8f:b9:71:56:a9:a6:31:ab:0f:02: 12:0b:c0:98:2d:45:be:59:81:c0:e7:46:64:f4:91:c5:4b:bb: f0:f2:e8:24:43:14:c4:b6:ab:80:65:ac:57:50:11:38:7e:59: 24:a2:f8:c4:89:fd:2b:6b:df:a9:2a:4c:ea:33:0b:0e:44:86: 00:39:59:7e:8b:e0:7e:e1:07:bd:ae:a8:b2:18:d8:94:d9:f1: 21:b7:1c:31:9b:a9:15:bb:3e:2e:d6:a7:0f:50:cd:2f:9e:b5: 1d:c4:fc:e7:fd:46:fa:fe:bd:c0:3d:26:5d:37:63:59:f1:ba: 7e:df:4c:f1:d4:cb:ee:22:27:6a:ca:0b:ae:c5:24:23:c7:de: 9b:d9:70:af:82:8b:9b:f9:3a:62:5b:98:63:5d:49:1a:d8:bb: 3e:e9:bf:6a:03:27:ac:91:8a:a6:33:5f:d4:f7:c2:aa:3c:8b: 51:2a:0d:50:71:05:34:cd:e5:1b:63:6a:db:48:1d:cc:f6:e8: 78:72:cc:fd:b7:d1:3c:ef:b3:bd:ff:61:cc:ac:db:3d:7d:8b: 8c:22:4f:df -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIUME5ispK8jBNXEMRuFglXCRkwilwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MTgyMDE2MDJaFw0yNjA4MTcyMDIxMDJaMDMxMTAvBgNV BAMTKEQ1ODVCRUQwNjc2MDE4MEUyMUFGQTczN0Y3MkZDNjAzNUMwMDE3MEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdYQAhOttKSMMZXhloi73vqiA5 OAI6k/TqkM7nNu97smdOW23RBkCYqzwZea8ROsVxZbIunD+wuvbn17nsIuxxH9gY G+if8LC/S5HVcbvm6bR86bZxFmVTWmi8fm/G/Uaae6tf79nOJD4qyjf9TmHMkeDB H3oLRY1hFPHqJ60bswEE1os6WNCuar6kO9zOKbQouypEXhnfTRbtVswXMkmLfhZj Bxp5RReOrJY1wOIfxq83DuguvXjZ7EoWGp5hakMY8KekVQ3XTJN5XWDQztVBLp+a dKUpcHaUI1g58RFjZTz6aEp4DnuBgxt+8nFOoodu5XYHeXm41m5BnhNjNDPPAgMB AAGjggHwMIIB7DAdBgNVHQ4EFgQU1YW+0GdgGA4hr6c39y/GA1wAFwwwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMzMTg5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoF 38P2zgMHACoKYERtAAMHACoPYoRB/zANBgkqhkiG9w0BAQsFAAOCAQEAEUrI3CUS JFSC3IviDtnfMPIn0CC+Xpj5gdYT41MuGxN2gBmmJZKo937KS9iPuXFWqaYxqw8C EgvAmC1FvlmBwOdGZPSRxUu78PLoJEMUxLargGWsV1AROH5ZJKL4xIn9K2vfqSpM 6jMLDkSGADlZfovgfuEHva6oshjYlNnxIbccMZupFbs+LtanD1DNL561HcT85/1G +v69wD0mXTdjWfG6ft9M8dTL7iInasoLrsUkI8fem9lwr4KLm/k6YluYY11JGti7 Pum/agMnrJGKpjNf1PfCqjyLUSoNUHEFNM3lG2Nq20gdzPboeHLM/bfRPO+zvf9h zKzbPX2LjCJP3w== -----END CERTIFICATE-----Generated at Wed Aug 20 08:07:17 2025 by rpki-client