Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: /7hO8nc0IVGqe6XOxgjntxHdMLNeomqr039eTv6qt/8=
Subject key identifier: 40:32:04:62:77:8D:5E:81:C3:FD:6B:BD:B9:21:4E:FD:AA:BE:97:A8
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 454C52338E0263344AE433C18F9321556066C20A
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Thu 03 Jul 2025 16:19:12 +0000
ROA not before: Thu 03 Jul 2025 16:14:12 +0000
ROA not after: Thu 02 Jul 2026 16:19:12 +0000
asID: 47272
IP address blocks: 2a05:dfc3:f500::/40 maxlen: 48
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:19::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:4c:52:33:8e:02:63:34:4a:e4:33:c1:8f:93:21:55:60:66:c2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Jul 3 16:14:12 2025 GMT
Not After : Jul 2 16:19:12 2026 GMT
Subject: CN=40320462778D5E81C3FD6BBDB9214EFDAABE97A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:27:29:89:b2:3b:9b:5f:e7:dd:66:56:6b:
34:11:52:66:76:f5:16:6e:ea:3c:2f:20:d8:04:b0:
37:6c:d7:6b:13:1b:2a:90:44:62:c9:42:c7:07:62:
88:db:c7:99:61:53:91:60:7f:27:f2:c0:84:6e:78:
6a:5d:46:8c:4b:92:c4:de:e7:7a:f7:b1:ae:31:31:
86:7c:ad:d6:16:47:82:76:b8:b8:ae:28:82:36:e5:
2e:58:da:9a:a2:bb:64:f8:e7:0d:6a:09:fc:d0:ba:
14:83:fb:15:60:99:7d:42:ff:28:8c:c9:0c:ac:92:
ba:43:9e:84:29:f0:97:30:17:e9:71:fe:2c:4d:4a:
86:80:14:48:22:f6:89:9d:6d:f4:98:e7:aa:f8:ec:
70:b7:16:be:21:14:f6:9b:62:c4:d0:ac:c5:7d:f9:
3f:48:79:4b:45:da:dc:93:46:4b:2b:9a:da:01:b3:
87:97:6e:cb:9d:7c:a5:de:96:2d:35:13:1a:8f:13:
92:4e:af:97:49:21:64:1d:ea:cf:84:74:ba:01:94:
10:0a:14:e4:a1:6d:88:53:a0:56:b6:6c:3a:5a:c6:
fe:16:f3:40:89:47:80:93:55:ff:63:a2:5a:b4:c4:
72:76:02:62:69:9c:65:c4:d7:b3:b4:7a:d3:e8:39:
69:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:32:04:62:77:8D:5E:81:C3:FD:6B:BD:B9:21:4E:FD:AA:BE:97:A8
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:f500::/40
2a05:dfc3:fd24::/48
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:1a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:f1:5f:d0:c1:9a:c0:4c:60:44:33:10:8f:c5:6d:8d:15:e9:
07:de:c2:cf:1a:e5:cb:4c:eb:90:c3:dc:ca:39:a0:3a:15:87:
0b:59:f6:fe:9d:90:11:ca:1c:bd:3a:1e:2a:44:93:97:b4:9c:
03:0c:27:97:8a:f7:fd:0c:2a:09:da:f6:59:b9:ee:d3:e3:35:
55:fe:f1:2f:6e:02:e3:43:47:3e:44:6e:5b:69:33:08:5a:d0:
97:fc:3a:98:0b:ae:de:c7:ef:48:e1:c8:a9:aa:28:2f:d4:97:
35:29:23:0d:e8:8f:59:56:9e:c7:ac:e0:77:7b:6b:6d:39:ce:
9d:17:29:b9:e6:8c:00:f9:d6:df:40:de:ab:76:74:15:fb:b8:
4c:c2:ed:65:77:55:ec:1a:06:a9:c0:37:74:d7:f7:76:5b:54:
18:6f:da:42:3c:65:a0:53:0d:ee:71:3b:82:74:39:87:98:67:
06:cd:fb:3b:db:de:b8:32:30:c4:d1:4a:dc:a6:cf:a4:8b:3b:
70:0c:92:78:41:a5:1e:c0:1f:bf:88:d0:26:a4:e2:3f:af:e4:
55:53:24:fa:b3:60:fc:6e:e5:5e:9c:35:bb:09:2d:8d:91:25:
70:ef:e1:8d:d4:2f:3f:a4:a3:7b:43:c3:bb:e5:d9:b7:0e:6b:
61:48:8d:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIURUxSM44CYzRK5DPBj5MhVWBmwgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MDMxNjE0MTJaFw0yNjA3MDIxNjE5MTJaMDMxMTAvBgNV
BAMTKDQwMzIwNDYyNzc4RDVFODFDM0ZENkJCREI5MjE0RUZEQUFCRTk3QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOicpibI7m1/n3WZWazQRUmZ2
9RZu6jwvINgEsDds12sTGyqQRGLJQscHYojbx5lhU5FgfyfywIRueGpdRoxLksTe
53r3sa4xMYZ8rdYWR4J2uLiuKII25S5Y2pqiu2T45w1qCfzQuhSD+xVgmX1C/yiM
yQyskrpDnoQp8JcwF+lx/ixNSoaAFEgi9omdbfSY56r47HC3Fr4hFPabYsTQrMV9
+T9IeUtF2tyTRksrmtoBs4eXbsudfKXeli01ExqPE5JOr5dJIWQd6s+EdLoBlBAK
FOShbYhToFa2bDpaxv4W80CJR4CTVf9jolq0xHJ2AmJpnGXE17O0etPoOWmhAgMB
AAGjggITMIICDzAdBgNVHQ4EFgQUQDIEYneNXoHD/Wu9uSFO/aq+l6gwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAIwPgMGACoF
38P1AwcAKgXfw/0kAwYEKgYSgRADBgQqCVTGAAMHACoPYoAACjASAwcEKg9igAAQ
AwcAKg9igAAaMA0GCSqGSIb3DQEBCwUAA4IBAQCL8V/QwZrATGBEMxCPxW2NFekH
3sLPGuXLTOuQw9zKOaA6FYcLWfb+nZARyhy9Oh4qRJOXtJwDDCeXivf9DCoJ2vZZ
ue7T4zVV/vEvbgLjQ0c+RG5baTMIWtCX/DqYC67ex+9I4cipqigv1Jc1KSMN6I9Z
Vp7HrOB3e2ttOc6dFym55owA+dbfQN6rdnQV+7hMwu1ld1XsGgapwDd01/d2W1QY
b9pCPGWgUw3ucTuCdDmHmGcGzfs72964MjDE0Urcps+kiztwDJJ4QaUewB+/iNAm
pOI/r+RVUyT6s2D8buVenDW7CS2NkSVw7+GN1C8/pKN7Q8O75dm3DmthSI0I
-----END CERTIFICATE-----
Generated at Sat Jul 5 02:04:10 2025 by rpki-client