Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/nl78eNz9A-Pf1t2blr5pels7tLE.roa
File: nl78eNz9A-Pf1t2blr5pels7tLE.roa (raw, json)
Hash identifier: lAt6lmUXDb2kB3r0tZqDliz+K+CaqCzqqTdvHCYtWDM=
Subject key identifier: 9E:5E:FC:78:DC:FD:03:E3:DF:D6:DD:9B:96:BE:69:7A:5B:3B:B4:B1
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0AB7
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/nl78eNz9A-Pf1t2blr5pels7tLE.roa
Signing time: Thu 15 Sep 2022 02:37:41 +0000
ROA not before: Thu 15 Sep 2022 02:37:41 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9244
IP address blocks: 61.247.168.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2743 (0xab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Sep 15 02:37:41 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9E5EFC78DCFD03E3DFD6DD9B96BE697A5B3BB4B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:3b:6b:98:7b:dc:63:a4:75:60:14:32:4a:
cd:6d:ef:ac:aa:05:91:13:3f:55:60:a3:ed:bd:79:
31:c8:f6:d1:3d:c7:ae:96:14:d1:be:c2:55:0b:57:
8a:88:f7:59:1c:aa:56:6d:d1:8b:82:19:fe:f8:62:
84:04:ce:88:88:02:b6:40:04:01:ed:15:6c:57:5f:
8d:0f:aa:70:92:63:1f:a7:6a:d5:63:f4:33:d0:2f:
04:c7:3b:2f:0f:0b:ef:7d:ca:78:df:87:aa:c9:05:
34:11:1c:31:c1:b3:83:a4:03:0f:1b:64:d1:4c:d3:
c0:ee:64:ff:60:1a:72:b9:65:07:c0:11:cd:dc:b1:
e2:a4:09:5c:0c:85:98:6a:16:a9:49:45:44:c1:e7:
06:18:41:12:33:3e:a1:de:b4:c9:14:78:b2:20:11:
cf:23:5e:75:90:b3:7c:19:3a:9b:ce:6b:9a:19:3c:
35:60:69:fd:71:ce:6f:09:09:e5:d8:9d:d5:d1:20:
06:13:57:80:dd:63:b4:fa:4e:5e:b0:09:23:c0:a2:
c7:3c:6d:f6:3f:be:aa:a2:c4:4d:19:ea:6e:b5:08:
71:60:50:c4:21:99:05:26:83:da:23:40:91:a0:7f:
54:d9:6b:f3:63:0a:29:a8:60:4d:11:07:46:b9:62:
65:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5E:FC:78:DC:FD:03:E3:DF:D6:DD:9B:96:BE:69:7A:5B:3B:B4:B1
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/nl78eNz9A-Pf1t2blr5pels7tLE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.247.168.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:9b:f2:e1:e8:3f:86:62:4d:2f:e0:7e:80:48:ff:ed:31:0f:
b3:53:f2:c8:d3:cb:0c:0d:1b:4a:6d:22:41:80:00:8b:1f:9c:
22:76:68:fa:9c:91:e9:51:35:98:ea:58:72:df:10:79:14:4e:
ed:fa:46:d4:78:49:e5:5a:2d:a3:77:88:2b:43:c0:39:a6:ab:
f5:85:05:4b:6f:49:5e:1c:c0:b8:be:fd:5b:da:58:f9:09:21:
37:d1:00:46:9f:50:6f:ac:12:17:86:cf:93:98:c7:bd:1c:d8:
cf:51:6d:17:ad:92:e7:0c:de:bf:78:1c:5d:ee:da:c6:04:cd:
0c:69:18:51:f5:ac:b6:d2:83:3b:0f:af:0f:50:f4:f7:15:cc:
e8:ee:4d:98:0d:7e:c9:d3:a0:be:c2:6e:0d:2a:7d:e4:0d:78:
48:77:ef:89:15:8c:d1:d8:a7:64:fe:d7:c7:f4:c7:f9:43:31:
28:c5:83:c4:91:91:b3:64:f1:be:7a:d0:be:5b:37:bf:c6:32:
ae:e5:0d:8e:4f:f0:11:94:6d:a5:09:44:9b:06:31:03:b3:71:
42:12:75:3f:38:37:73:92:d6:66:c9:b2:0c:8f:d3:b9:15:81:
e9:03:b2:fa:94:9a:1b:09:3c:05:7a:0c:0e:f8:15:cf:92:e0:
bd:ae:a2:a7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMjA5MTUw
MjM3NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlFNUVGQzc4RENGRDAz
RTNERkQ2REQ5Qjk2QkU2OTdBNUIzQkI0QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7xDtrmHvcY6R1YBQySs1t76yqBZETP1Vgo+29eTHI9tE9x66W
FNG+wlULV4qI91kcqlZt0YuCGf74YoQEzoiIArZABAHtFWxXX40PqnCSYx+natVj
9DPQLwTHOy8PC+99ynjfh6rJBTQRHDHBs4OkAw8bZNFM08DuZP9gGnK5ZQfAEc3c
seKkCVwMhZhqFqlJRUTB5wYYQRIzPqHetMkUeLIgEc8jXnWQs3wZOpvOa5oZPDVg
af1xzm8JCeXYndXRIAYTV4DdY7T6Tl6wCSPAosc8bfY/vqqixE0Z6m61CHFgUMQh
mQUmg9ojQJGgf1TZa/NjCimoYE0RB0a5YmUvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnl78eNz9A+Pf1t2blr5pels7tLEwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL25sNzhlTno5QS1QZjF0MmJs
cjVwZWxzN3RMRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
96gwDQYJKoZIhvcNAQELBQADggEBAIyb8uHoP4ZiTS/gfoBI/+0xD7NT8sjTywwN
G0ptIkGAAIsfnCJ2aPqckelRNZjqWHLfEHkUTu36RtR4SeVaLaN3iCtDwDmmq/WF
BUtvSV4cwLi+/VvaWPkJITfRAEafUG+sEheGz5OYx70c2M9RbRetkucM3r94HF3u
2sYEzQxpGFH1rLbSgzsPrw9Q9PcVzOjuTZgNfsnToL7Cbg0qfeQNeEh374kVjNHY
p2T+18f0x/lDMSjFg8SRkbNk8b560L5bN7/GMq7lDY5P8BGUbaUJRJsGMQOzcUIS
dT84N3OS1mbJsgyP07kVgekDsvqUmhsJPAV6DA74Fc+S4L2uoqc=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:03:15 2023 by rpki-client on console-fra.rpki-client.org