Route Origin Authorization
$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS47272.roa
File: AS47272.roa (raw, json)
Hash identifier: Q3UI+eJmW6GU5sdZqXW4KtjU8SBibgpCdGUZ3Sc/WNE=
Subject key identifier: BD:59:EB:DF:B3:6C:63:BA:89:A4:03:17:A1:8E:79:68:22:A1:35:01
Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial: 23EBDDD3534EA5E4E3696A7E2F2CD4958012089D
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
Signing time: Tue 23 Jun 2026 10:52:26 +0000
ROA not before: Tue 23 Jun 2026 10:47:26 +0000
ROA not after: Tue 22 Jun 2027 10:52:26 +0000
asID: 47272
IP address blocks: 199.47.240.0/24 maxlen: 32
2a06:1281:40::/44 maxlen: 44
2a06:1281:1000::/36 maxlen: 36
2a0f:6280:a::/48 maxlen: 128
2a0f:6280:13::/48 maxlen: 128
2a0f:6280:15::/48 maxlen: 128
2a0f:6280:18::/48 maxlen: 128
2a0f:6280:1d::/48 maxlen: 128
2a0f:6280:1f::/48 maxlen: 128
2a0f:6280:1300::/40 maxlen: 48
2a0f:6283:1130::/44 maxlen: 44
2a0f:6283:1140::/44 maxlen: 44
2a0f:6283:1150::/44 maxlen: 44
2a0f:6284:20::/44 maxlen: 44
Validation: OK
Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 13:46:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:eb:dd:d3:53:4e:a5:e4:e3:69:6a:7e:2f:2c:d4:95:80:12:08:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Validity
Not Before: Jun 23 10:47:26 2026 GMT
Not After : Jun 22 10:52:26 2027 GMT
Subject: CN=BD59EBDFB36C63BA89A40317A18E796822A13501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c4:9f:cc:af:52:96:67:2b:14:0d:1c:7a:0e:
fa:89:c5:a0:2a:79:e5:ec:8e:37:bb:1b:bc:0d:31:
4a:85:74:28:61:20:d1:37:cc:16:e6:04:b6:10:21:
07:b8:44:aa:f2:90:a7:bf:a1:74:c6:12:3c:ce:23:
35:d8:0e:1b:36:1c:d9:f1:9b:75:8a:4b:b0:0c:3c:
3f:77:c4:ed:2f:dc:ca:48:71:e2:eb:af:e1:ff:89:
59:9c:bc:71:6d:af:26:5c:49:b8:f7:cd:33:61:6b:
15:22:7b:6c:90:cc:e9:ba:7c:ad:2c:1a:bd:f0:e7:
f9:dc:4f:57:7a:14:bf:3b:53:72:8f:fb:3c:6a:48:
8d:ce:ce:a2:24:d3:7e:be:b7:8c:fc:57:fd:da:9e:
88:1f:b5:5f:a9:b9:a6:95:4a:58:c1:9e:e5:bf:7e:
09:ec:48:65:8c:5c:9c:87:a8:0a:aa:1d:02:03:2b:
5a:92:c4:06:b3:68:6a:38:df:19:5a:a7:94:95:0d:
cf:4f:6c:cf:4e:b0:07:1d:e2:6e:62:0f:59:69:e2:
bd:63:1d:f6:37:22:af:cd:ae:23:a5:66:ff:00:fb:
56:2e:49:5c:23:96:89:d2:4e:30:6f:15:84:aa:39:
bc:ab:4b:a4:a7:be:ea:b1:61:12:b6:fa:71:96:27:
5c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:59:EB:DF:B3:6C:63:BA:89:A4:03:17:A1:8E:79:68:22:A1:35:01
X509v3 Authority Key Identifier:
keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject Information Access:
Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS47272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.47.240.0/24
IPv6:
2a06:1281:40::/44
2a06:1281:1000::/36
2a0f:6280:a::/48
2a0f:6280:13::/48
2a0f:6280:15::/48
2a0f:6280:18::/48
2a0f:6280:1d::/48
2a0f:6280:1f::/48
2a0f:6280:1300::/40
2a0f:6283:1130::-2a0f:6283:115f:ffff:ffff:ffff:ffff:ffff
2a0f:6284:20::/44
Signature Algorithm: sha256WithRSAEncryption
51:13:24:69:3e:44:cd:68:7b:98:35:9c:c7:e3:e3:26:0a:60:
17:a6:1d:9d:2a:b7:b1:0e:e0:2d:76:7d:34:17:0f:27:0d:51:
17:2c:86:10:da:c6:e2:e6:c5:8d:34:1d:17:0d:24:15:0b:5c:
c0:44:ad:db:fc:66:a1:04:be:a8:c2:d5:36:79:42:00:d1:73:
a4:41:af:0c:93:0e:79:1c:aa:14:9d:c3:cc:b5:fa:6b:19:6d:
c1:01:0a:65:c9:13:63:36:88:7f:54:d9:11:8e:e1:e6:78:35:
d8:10:79:cb:ba:af:2b:7d:30:97:b8:22:d2:0e:48:5f:7f:e0:
fb:a9:ba:56:ad:ed:67:59:8e:df:0b:79:4d:c8:45:e1:69:f5:
08:6e:89:d9:d6:bd:12:df:a6:0a:22:29:bd:24:a3:aa:25:5f:
b3:33:cf:39:01:45:95:0c:66:c5:41:7d:7e:f2:cd:22:2f:91:
ab:9e:39:82:e6:f6:63:f8:80:c8:2d:bd:97:b3:7a:a3:e2:bf:
de:ca:90:d6:24:51:f9:5c:27:14:1b:0e:06:91:11:1c:2e:6e:
83:5f:37:63:9e:98:d9:20:65:ae:9a:43:f2:15:d3:47:d8:9c:
fd:ff:8d:5d:43:da:ce:05:2d:e8:d3:5a:42:05:9b:90:28:6b:
f2:53:5b:3e
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUI+vd01NOpeTjaWp+LyzUlYASCJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjMxMDQ3MjZaFw0yNzA2MjIxMDUyMjZaMDMxMTAvBgNV
BAMTKEJENTlFQkRGQjM2QzYzQkE4OUE0MDMxN0ExOEU3OTY4MjJBMTM1MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDExJ/Mr1KWZysUDRx6DvqJxaAq
eeXsjje7G7wNMUqFdChhINE3zBbmBLYQIQe4RKrykKe/oXTGEjzOIzXYDhs2HNnx
m3WKS7AMPD93xO0v3MpIceLrr+H/iVmcvHFtryZcSbj3zTNhaxUie2yQzOm6fK0s
Gr3w5/ncT1d6FL87U3KP+zxqSI3OzqIk036+t4z8V/3anogftV+puaaVSljBnuW/
fgnsSGWMXJyHqAqqHQIDK1qSxAazaGo43xlap5SVDc9PbM9OsAcd4m5iD1lp4r1j
HfY3Iq/NriOlZv8A+1YuSVwjlonSTjBvFYSqObyrS6SnvuqxYRK2+nGWJ1wrAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUvVnr37NsY7qJpAMXoY55aCKhNQEwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0NzI3Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjCBlQYIKwYBBQUHAQcBAf8EgYUwgYIwDAQCAAEwBgME
AMcv8DByBAIAAjBsAwcEKgYSgQBAAwYEKgYSgRADBwAqD2KAAAoDBwAqD2KAABMD
BwAqD2KAABUDBwAqD2KAABgDBwAqD2KAAB0DBwAqD2KAAB8DBgAqD2KAEzASAwcE
Kg9igxEwAwcFKg9igxFAAwcEKg9ihAAgMA0GCSqGSIb3DQEBCwUAA4IBAQBREyRp
PkTNaHuYNZzH4+MmCmAXph2dKrexDuAtdn00Fw8nDVEXLIYQ2sbi5sWNNB0XDSQV
C1zARK3b/GahBL6owtU2eUIA0XOkQa8Mkw55HKoUncPMtfprGW3BAQplyRNjNoh/
VNkRjuHmeDXYEHnLuq8rfTCXuCLSDkhff+D7qbpWre1nWY7fC3lNyEXhafUIbonZ
1r0S36YKIim9JKOqJV+zM885AUWVDGbFQX1+8s0iL5GrnjmC5vZj+IDILb2Xs3qj
4r/eypDWJFH5XCcUGw4GkREcLm6DXzdjnpjZIGWumkPyFdNH2Jz9/41dQ9rOBS3o
01pCBZuQKGvyU1s+
-----END CERTIFICATE-----
Generated at Wed Jun 24 04:39:58 2026 by rpki-client