Route Origin Authorization
$ rpki-client -vvf repo.rpki.space/repo/Netiface/1/32332e3137362e3138342e302f32342d3234203d3e203630323233.roa
File: 32332e3137362e3138342e302f32342d3234203d3e203630323233.roa (raw, json)
Hash identifier: IqA7mi+Xm4vOKcBvbtbgBq2WWBiD2/TfadhR5CIXTbc=
Subject key identifier: 99:98:A9:22:C7:55:7E:06:DF:79:70:E4:64:49:AC:9A:35:D0:62:CB
Certificate issuer: /CN=2b75ca250fc63c6c47d032638bcecc49f4b5fb715ec6dfe8c8
Certificate serial: 3FFD3BBAA6A5A781F2807BB71CCC4D33EFCDDCF0
Authority key identifier: FB:F7:8E:5D:A5:B5:D6:AD:4E:2F:93:26:34:20:6B:13:3C:CB:FD:25
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/04b24da1-11ab-48ad-a03f-6b7832a569c8/2b75ca250fc63c6c47d032638bcecc49f4b5fb715ec6dfe8c8.cer
Subject info access: rsync://repo.rpki.space/repo/Netiface/1/32332e3137362e3138342e302f32342d3234203d3e203630323233.roa
Signing time: Wed 30 Apr 2025 14:19:21 +0000
ROA not before: Wed 30 Apr 2025 14:14:21 +0000
ROA not after: Wed 29 Apr 2026 14:19:21 +0000
asID: 60223
IP address blocks: 23.176.184.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:fd:3b:ba:a6:a5:a7:81:f2:80:7b:b7:1c:cc:4d:33:ef:cd:dc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b75ca250fc63c6c47d032638bcecc49f4b5fb715ec6dfe8c8
Validity
Not Before: Apr 30 14:14:21 2025 GMT
Not After : Apr 29 14:19:21 2026 GMT
Subject: CN=9998A922C7557E06DF7970E46449AC9A35D062CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:88:b2:9f:0c:31:07:5b:35:ad:64:92:18:
02:5c:4c:64:2c:3e:15:c4:e9:b4:0c:0d:fb:c8:b2:
12:36:6b:b3:89:58:d5:20:8e:bf:9c:94:db:88:f1:
5e:e7:37:02:7c:b7:50:53:ff:c1:fc:7a:a8:31:7b:
9e:bb:50:cf:56:b9:b9:fe:16:d7:64:52:0c:17:c0:
56:5d:8a:66:d5:a5:a2:53:1b:eb:3d:e2:50:b5:a3:
71:43:23:cd:b5:2a:17:f8:05:6d:49:9c:f2:aa:41:
c3:47:88:6c:58:79:4c:cb:3b:d6:f7:84:ad:33:86:
ae:bd:8f:58:dc:f2:b5:60:ec:66:c4:b2:2b:24:44:
8c:f6:fb:77:18:b7:0d:67:d8:32:66:87:89:32:74:
f8:93:fe:6d:ad:de:82:e5:b3:f4:ea:12:6b:c5:25:
cd:53:0d:4b:f0:f1:21:7f:bd:c0:4a:2f:69:5f:ee:
88:f4:4c:bd:b3:6f:17:50:ab:67:4d:64:7f:b0:eb:
3c:cf:dc:d4:f8:2b:3d:e4:21:56:c4:87:d0:10:4e:
9a:df:42:c4:14:f7:df:c4:f4:63:c9:36:c4:3b:e3:
2c:66:47:8b:01:c5:1d:93:ac:3c:ed:8c:ce:a3:5d:
83:15:3d:a8:87:23:1b:be:c9:8e:00:52:fb:89:e0:
fb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:98:A9:22:C7:55:7E:06:DF:79:70:E4:64:49:AC:9A:35:D0:62:CB
X509v3 Authority Key Identifier:
keyid:FB:F7:8E:5D:A5:B5:D6:AD:4E:2F:93:26:34:20:6B:13:3C:CB:FD:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.rpki.space/repo/Netiface/1/FBF78E5DA5B5D6AD4E2F932634206B133CCBFD25.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/04b24da1-11ab-48ad-a03f-6b7832a569c8/2b75ca250fc63c6c47d032638bcecc49f4b5fb715ec6dfe8c8.cer
Subject Information Access:
Signed Object - URI:rsync://repo.rpki.space/repo/Netiface/1/32332e3137362e3138342e302f32342d3234203d3e203630323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.176.184.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:d4:01:5c:36:5c:77:94:cd:30:d8:52:b1:78:a4:cb:e3:fe:
8e:b4:71:18:b8:f5:f6:31:fa:57:35:5c:01:4d:ca:95:66:7f:
ba:18:2f:56:43:ca:6a:4f:2a:a3:af:54:70:eb:52:94:57:05:
9d:b8:c0:b6:38:d5:6d:6e:65:17:8b:58:c2:01:a5:82:aa:54:
a9:9c:06:2f:cd:0a:d7:5f:1e:9d:17:b4:b5:9a:17:1c:05:65:
e7:d8:cc:2b:1b:40:c3:c1:1c:10:82:37:c0:09:8e:e3:cf:11:
de:8e:16:e0:43:90:27:c1:2f:40:0c:26:88:ae:a7:e8:52:37:
7b:6a:78:b6:80:b3:e5:e5:a4:aa:e2:e9:74:eb:74:98:aa:4e:
e6:a0:fd:94:dd:2c:c6:dc:bc:51:6c:c6:e7:fe:b7:c2:41:18:
8e:0f:7a:24:56:90:40:6a:c4:16:c3:43:5d:06:44:ca:1c:81:
30:de:02:1b:7d:aa:64:7a:24:4a:9a:70:7f:77:ed:8d:49:40:
88:8f:4c:ed:2d:bc:ea:c9:ce:07:3d:d0:bd:fb:36:ac:ba:74:
dc:3d:bf:16:f2:53:fa:93:9a:c4:11:01:e8:e8:47:77:9c:31:
b1:96:f0:4e:66:04:13:bc:80:6f:34:da:1c:cf:8e:3e:41:79:
9e:a4:43:08
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUP/07uqalp4HygHu3HMxNM+/N3PAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMmI3NWNhMjUwZmM2M2M2YzQ3ZDAzMjYzOGJjZWNjNDlm
NGI1ZmI3MTVlYzZkZmU4YzgwHhcNMjUwNDMwMTQxNDIxWhcNMjYwNDI5MTQxOTIx
WjAzMTEwLwYDVQQDEyg5OTk4QTkyMkM3NTU3RTA2REY3OTcwRTQ2NDQ5QUM5QTM1
RDA2MkNCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDuIsp8MMQdb
Na1kkhgCXExkLD4VxOm0DA37yLISNmuziVjVII6/nJTbiPFe5zcCfLdQU//B/Hqo
MXueu1DPVrm5/hbXZFIMF8BWXYpm1aWiUxvrPeJQtaNxQyPNtSoX+AVtSZzyqkHD
R4hsWHlMyzvW94StM4auvY9Y3PK1YOxmxLIrJESM9vt3GLcNZ9gyZoeJMnT4k/5t
rd6C5bP06hJrxSXNUw1L8PEhf73ASi9pX+6I9Ey9s28XUKtnTWR/sOs8z9zU+Cs9
5CFWxIfQEE6a30LEFPffxPRjyTbEO+MsZkeLAcUdk6w87YzOo12DFT2ohyMbvsmO
AFL7ieD7MwIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFJmYqSLHVX4G33lw5GRJrJo1
0GLLMB8GA1UdIwQYMBaAFPv3jl2ltdatTi+TJjQgaxM8y/0lMA4GA1UdDwEB/wQE
AwIHgDBlBgNVHR8EXjBcMFqgWKBWhlRyc3luYzovL3JlcG8ucnBraS5zcGFjZS9y
ZXBvL05ldGlmYWNlLzEvRkJGNzhFNURBNUI1RDZBRDRFMkY5MzI2MzQyMDZCMTMz
Q0NCRkQyNS5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03Jz
eW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRh
MjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvNGFiN2FlNGQtYmQ3Yi00
YjMzLTlhODgtNWIyMmQyYTgzMzdkLzA0YjI0ZGExLTExYWItNDhhZC1hMDNmLTZi
NzgzMmE1NjljOC8yYjc1Y2EyNTBmYzYzYzZjNDdkMDMyNjM4YmNlY2M0OWY0YjVm
YjcxNWVjNmRmZThjOC5jZXIwfgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJy
c3luYzovL3JlcG8ucnBraS5zcGFjZS9yZXBvL05ldGlmYWNlLzEvMzIzMzJlMzEz
NzM2MmUzMTM4MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzIzMjMzLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAF7C4MA0GCSqGSIb3DQEBCwUAA4IBAQC/1AFcNlx3lM0w2FKxeKTL
4/6OtHEYuPX2MfpXNVwBTcqVZn+6GC9WQ8pqTyqjr1Rw61KUVwWduMC2ONVtbmUX
i1jCAaWCqlSpnAYvzQrXXx6dF7S1mhccBWXn2MwrG0DDwRwQgjfACY7jzxHejhbg
Q5AnwS9ADCaIrqfoUjd7ani2gLPl5aSq4ul063SYqk7moP2U3SzG3LxRbMbn/rfC
QRiOD3okVpBAasQWw0NdBkTKHIEw3gIbfapkeiRKmnB/d+2NSUCIj0ztLbzqyc4H
PdC9+zasunTcPb8W8lP6k5rEEQHo6Ed3nDGxlvBOZgQTvIBvNNocz44+QXmepEMI
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:49:08 2025 by rpki-client