Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: VfbxFH+PuJNZy9+u3JUlrrEtO5oLXb2wfBiIRdoVDII=
Subject key identifier: AD:5C:3E:23:CB:9C:0B:70:78:F5:CC:99:07:05:06:96:C2:A4:AD:D2
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 7B72D2CF84075B552FFCF8D328CAD639893C6410
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Wed 04 Mar 2026 08:00:49 +0000
ROA not before: Wed 04 Mar 2026 07:55:49 +0000
ROA not after: Wed 03 Mar 2027 08:00:49 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a05:dfc3:fd24::/48 maxlen: 48
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a09:54c6::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:10::/48 maxlen: 128
2a0f:6280:11::/48 maxlen: 128
2a0f:6280:12::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:14::/48 maxlen: 48
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:16::/48 maxlen: 128
2a0f:6280:17::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1a::/48 maxlen: 128
2a0f:6280:1b::/48 maxlen: 128
2a0f:6280:1c::/48 maxlen: 48
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
2a0f:6284:4700::/40 maxlen: 40
2a0f:6287:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 06:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:72:d2:cf:84:07:5b:55:2f:fc:f8:d3:28:ca:d6:39:89:3c:64:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Mar 4 07:55:49 2026 GMT
Not After : Mar 3 08:00:49 2027 GMT
Subject: CN=AD5C3E23CB9C0B7078F5CC9907050696C2A4ADD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:7c:ad:d0:ab:9a:f2:51:58:6e:a6:03:85:
38:18:13:1e:fd:b2:53:07:d0:60:a5:f8:73:d8:15:
00:0e:1c:6d:a8:da:f5:2f:ce:21:ff:fe:73:72:99:
35:fb:17:c8:e9:04:69:b4:37:17:87:2a:55:94:a1:
20:09:7b:19:b4:1d:a5:ae:7f:9e:43:2a:50:f0:23:
3b:c0:e7:41:11:ac:26:c7:f2:99:a7:9c:4c:2a:1d:
1e:49:21:0f:f3:e7:1e:03:5c:3f:cc:14:f6:13:1f:
57:41:70:7f:74:9a:7f:da:ec:24:e5:54:49:68:de:
e4:d9:67:5f:f0:6f:9e:19:ea:46:5c:23:27:45:9d:
70:67:73:81:6a:2c:a9:51:14:bb:69:cb:21:2b:07:
bf:09:27:01:85:42:b1:d4:ec:b9:48:0b:65:d3:5f:
67:0a:e3:e0:07:f5:ae:21:59:32:2f:d1:fd:6e:66:
88:79:55:cb:4c:e5:d5:a4:40:90:99:c8:52:71:f1:
b6:76:0d:d5:1f:1f:85:18:23:91:ac:ab:f3:b3:6b:
65:6f:3f:3a:1a:dd:d1:c4:8c:21:78:ae:27:f1:f7:
d8:38:09:9d:06:44:4b:3b:d1:f8:43:e7:e1:f8:79:
e4:ca:bc:07:d7:b3:23:d0:ed:28:2a:24:2d:ff:d6:
56:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5C:3E:23:CB:9C:0B:70:78:F5:CC:99:07:05:06:96:C2:A4:AD:D2
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a05:dfc3:fd24::/48
2a06:1281:40::/44
2a06:1281:1000::/36
2a09:54c6::/36
2a0f:6280:a::/48
2a0f:6280:10::-2a0f:6280:18:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1a::-2a0f:6280:1d:ffff:ffff:ffff:ffff:ffff
2a0f:6280:1f::/48
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
2a0f:6284:4700::/40
2a0f:6287:1000::/36
Signature Algorithm: sha256WithRSAEncryption
66:96:86:cb:c2:36:86:d9:b0:77:85:7b:f1:54:09:2e:38:a0:
d3:ae:23:77:6c:5c:62:fd:54:53:e3:cd:a7:27:55:e9:11:aa:
26:36:aa:e7:a3:3c:99:ad:35:c4:14:e1:0c:e3:23:42:e8:9f:
4b:9e:7b:b6:2c:c1:0f:2b:d3:d0:e8:0f:32:4b:23:65:ae:22:
a7:ae:ec:78:b1:31:e6:9d:40:ec:82:c1:78:31:62:a8:79:8d:
ba:e6:9b:1a:ef:cc:e9:76:f4:6e:9e:bd:24:f6:f8:da:3a:db:
68:ae:62:0f:bb:5b:13:41:43:7f:5d:25:71:0a:bc:ab:a6:73:
6e:27:b2:19:63:80:0b:26:a3:b7:85:95:f6:25:f8:7b:b9:0d:
ae:bd:c2:5c:51:5c:66:25:5d:bd:34:d1:2d:44:6a:3d:0b:ce:
b6:03:67:f2:3d:c6:39:a8:a3:a7:05:9d:12:57:3d:63:f1:b0:
95:c2:e0:86:47:56:4e:a9:02:89:af:81:5d:c0:bc:6d:6d:c6:
46:e2:b8:ba:0d:cf:e2:5e:b1:96:d7:e9:31:0d:e1:4c:36:9a:
6e:cc:cf:58:12:32:60:70:87:55:c7:62:e1:fc:27:21:54:8e:
cd:be:cb:bc:76:66:a7:62:45:39:65:4e:42:7f:02:d4:32:d5:
26:9a:d0:5e
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUe3LSz4QHW1Uv/PjTKMrWOYk8ZBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAzMDQwNzU1NDlaFw0yNzAzMDMwODAwNDlaMDMxMTAvBgNV
BAMTKEFENUMzRTIzQ0I5QzBCNzA3OEY1Q0M5OTA3MDUwNjk2QzJBNEFERDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPnyt0Kua8lFYbqYDhTgYEx79
slMH0GCl+HPYFQAOHG2o2vUvziH//nNymTX7F8jpBGm0NxeHKlWUoSAJexm0HaWu
f55DKlDwIzvA50ERrCbH8pmnnEwqHR5JIQ/z5x4DXD/MFPYTH1dBcH90mn/a7CTl
VElo3uTZZ1/wb54Z6kZcIydFnXBnc4FqLKlRFLtpyyErB78JJwGFQrHU7LlIC2XT
X2cK4+AH9a4hWTIv0f1uZoh5VctM5dWkQJCZyFJx8bZ2DdUfH4UYI5Gsq/Oza2Vv
Pzoa3dHEjCF4rifx99g4CZ0GREs70fhD5+H4eeTKvAfXsyPQ7SgqJC3/1lZxAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQUrVw+I8ucC3B49cyZBwUGlsKkrdIwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBtAYIKwYBBQUHAQcBAf8EgaQwgaEwDAQCAAEwBgME
AMcv8DCBkAQCAAIwgYkDBwAqBd/D/SQDBwQqBhKBAEADBgQqBhKBEAMGBCoJVMYA
AwcAKg9igAAKMBIDBwQqD2KAABADBwAqD2KAABgwEgMHASoPYoAAGgMHASoPYoAA
HAMHACoPYoAAHzASAwcEKg9igxEwAwcFKg9igxFAAwcEKg9ihAAgAwYAKg9ihEcD
BgQqD2KHEDANBgkqhkiG9w0BAQsFAAOCAQEAZpaGy8I2htmwd4V78VQJLjig064j
d2xcYv1UU+PNpydV6RGqJjaq56M8ma01xBThDOMjQuifS557tizBDyvT0OgPMksj
Za4ip67seLEx5p1A7ILBeDFiqHmNuuabGu/M6Xb0bp69JPb42jrbaK5iD7tbE0FD
f10lcQq8q6ZzbieyGWOACyajt4WV9iX4e7kNrr3CXFFcZiVdvTTRLURqPQvOtgNn
8j3GOaijpwWdElc9Y/GwlcLghkdWTqkCia+BXcC8bW3GRuK4ug3P4l6xltfpMQ3h
TDaabszPWBIyYHCHVcdi4fwnIVSOzb7LvHZmp2JFOWVOQn8C1DLVJprQXg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 11:56:56 2026 by rpki-client