Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: OrynZB81lFd75USFRlbKfYDQNuhXQN6JWYaSBSG2t04=
Subject key identifier: 95:AE:34:FF:4C:8E:9E:61:07:1F:AF:17:31:DE:90:C2:07:A7:5D:E5
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 6C1F6D6DFF69510B6331DA80CEAA258B5C8AACAC
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Tue 07 Oct 2025 08:00:35 +0000
ROA not before: Tue 07 Oct 2025 07:55:35 +0000
ROA not after: Tue 06 Oct 2026 08:00:35 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a05:dfc3:f500::/40 maxlen: 48
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:19::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6283:6000::/36 maxlen: 36
2a0f:6284:4700::/40 maxlen: 40
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1f:6d:6d:ff:69:51:0b:63:31:da:80:ce:aa:25:8b:5c:8a:ac:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Oct 7 07:55:35 2025 GMT
Not After : Oct 6 08:00:35 2026 GMT
Subject: CN=95AE34FF4C8E9E61071FAF1731DE90C207A75DE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:24:11:2c:ef:7e:c8:cc:39:47:68:f6:90:44:
ec:24:92:8b:0d:c2:be:e9:3c:00:87:3e:d9:34:72:
09:80:55:6a:69:ad:72:17:47:31:ba:a0:18:a6:50:
56:b2:d5:ea:72:ed:94:bc:eb:c3:db:b6:6d:75:6b:
ab:55:dc:ef:b4:7e:42:12:ed:c0:86:e6:fd:86:fa:
e6:48:66:2a:9f:ba:e1:47:09:1f:46:84:1a:b7:a3:
22:58:62:9f:2d:98:d5:b0:d9:6a:28:88:05:68:95:
9a:5c:c8:cd:ee:f6:e7:fb:76:58:35:3a:12:65:14:
5f:52:94:be:cf:b8:9f:f6:e8:19:55:a0:1c:0e:0e:
8d:67:80:63:a7:b8:14:cf:d9:b7:da:7f:df:42:46:
6f:30:ad:e2:ac:1e:98:75:9c:78:d9:28:95:5e:d1:
47:12:70:a5:c5:da:47:38:d8:64:87:0a:91:f0:88:
a8:00:44:a9:67:13:0b:70:f7:03:c9:8c:dd:6c:52:
09:6a:db:6b:e5:2b:72:5a:96:ec:3e:44:f6:86:87:
fa:84:71:2b:7f:01:f7:87:80:0f:c2:ce:55:8f:5b:
4a:59:32:80:af:46:dd:67:49:ac:a9:35:e3:be:8d:
07:2c:9a:c7:55:6a:47:e3:b9:5f:16:a6:5c:48:02:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AE:34:FF:4C:8E:9E:61:07:1F:AF:17:31:DE:90:C2:07:A7:5D:E5
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a05:dfc3:f500::/40
2a05:dfc3:fd24::/48
2a06:1281:40::/44
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:1d:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6283:6000::/36
2a0f:6284:4700::/40
Signature Algorithm: sha256WithRSAEncryption
0f:39:b3:65:22:a8:32:88:85:7f:33:55:ec:b3:79:58:9e:6a:
22:3b:6b:2b:9d:7b:64:20:ee:e2:d7:00:34:b8:0a:f8:b7:e4:
ee:5a:41:6f:b3:18:36:a5:4a:6d:eb:27:f3:a0:04:5c:b3:61:
f1:59:a3:2f:27:8b:41:7c:3e:42:3b:08:cc:43:35:49:02:05:
e7:ab:02:c0:5c:e3:4f:ea:e2:50:64:6a:e2:36:75:e0:3e:36:
1a:2e:51:34:31:48:1c:b6:00:c0:c2:93:90:71:ce:6c:2c:e5:
7e:51:2c:9d:07:c6:c0:e5:2a:0e:01:b8:d7:b6:f4:b0:1c:cb:
cc:7e:f0:8e:a1:7f:52:44:f7:3e:60:d6:e9:63:2b:fe:b6:7c:
58:21:68:de:f5:e9:15:b1:5f:b8:cd:53:fa:86:d4:a8:71:4c:
06:80:c6:f3:d9:ee:02:96:c7:e2:1d:33:48:3a:bd:a0:78:64:
30:11:9d:f5:05:49:fc:34:88:6c:c0:0e:0e:a0:ff:13:7d:38:
8f:31:02:13:51:9d:c8:95:da:29:07:c2:85:d1:92:cf:b5:8b:
2f:ae:c7:19:4e:29:71:f2:5a:1c:a2:4c:5f:2a:12:b4:cc:d2:
2a:6f:c5:c4:57:78:bb:d5:62:b2:ef:07:bd:ab:29:25:e6:97:
16:94:fe:a3
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUbB9tbf9pUQtjMdqAzqoli1yKrKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTEwMDcwNzU1MzVaFw0yNjEwMDYwODAwMzVaMDMxMTAvBgNV
BAMTKDk1QUUzNEZGNEM4RTlFNjEwNzFGQUYxNzMxREU5MEMyMDdBNzVERTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIJBEs737IzDlHaPaQROwkkosN
wr7pPACHPtk0cgmAVWpprXIXRzG6oBimUFay1epy7ZS868Pbtm11a6tV3O+0fkIS
7cCG5v2G+uZIZiqfuuFHCR9GhBq3oyJYYp8tmNWw2WooiAVolZpcyM3u9uf7dlg1
OhJlFF9SlL7PuJ/26BlVoBwODo1ngGOnuBTP2bfaf99CRm8wreKsHph1nHjZKJVe
0UcScKXF2kc42GSHCpHwiKgARKlnEwtw9wPJjN1sUglq22vlK3Jaluw+RPaGh/qE
cSt/AfeHgA/CzlWPW0pZMoCvRt1nSaypNeO+jQcsmsdVakfjuV8WplxIAmWJAgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUla40/0yOnmEHH68XMd6QwgenXeUwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBnQYIKwYBBQUHAQcBAf8EgY0wgYowDAQCAAEwBgME
AMcv8DB6BAIAAjB0AwYAKgXfw/UDBwAqBd/D/SQDBwQqBhKBAEADBgQqBhKBEAMG
BCoJVMYAAwcAKg9igAAKMBIDBwQqD2KAABADBwEqD2KAABwDBwAqD2KAAB8wEgMH
BCoPYoMRMAMHBSoPYoMRQAMGBCoPYoNgAwYAKg9ihEcwDQYJKoZIhvcNAQELBQAD
ggEBAA85s2UiqDKIhX8zVeyzeVieaiI7ayude2Qg7uLXADS4Cvi35O5aQW+zGDal
Sm3rJ/OgBFyzYfFZoy8ni0F8PkI7CMxDNUkCBeerAsBc40/q4lBkauI2deA+Nhou
UTQxSBy2AMDCk5Bxzmws5X5RLJ0HxsDlKg4BuNe29LAcy8x+8I6hf1JE9z5g1ulj
K/62fFghaN716RWxX7jNU/qG1KhxTAaAxvPZ7gKWx+IdM0g6vaB4ZDARnfUFSfw0
iGzADg6g/xN9OI8xAhNRnciV2ikHwoXRks+1iy+uxxlOKXHyWhyiTF8qErTM0ipv
xcRXeLvVYrLvB72rKSXmlxaU/qM=
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:36:23 2025 by rpki-client