Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/LuD6cEkdDgE3mW97VJUitIdiPsw.roa
File: LuD6cEkdDgE3mW97VJUitIdiPsw.roa (raw, json)
Hash identifier: qR420UGNhbbxTb4EUc17bZCqF0gfKyTfD2hBwNK4c3k=
Subject key identifier: 2E:E0:FA:70:49:1D:0E:01:37:99:6F:7B:54:95:22:B4:87:62:3E:CC
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 121C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LuD6cEkdDgE3mW97VJUitIdiPsw.roa
Signing time: Mon 26 Aug 2024 05:18:15 +0000
ROA not before: Mon 26 Aug 2024 05:18:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 198949
IP address blocks: 210.242.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4636 (0x121c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:18:15 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2EE0FA70491D0E0137996F7B549522B487623ECC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:e5:0f:08:8c:1a:1c:92:1b:2f:6f:48:77:
d9:4c:15:9d:c7:36:a6:ca:42:e6:b2:fb:8e:ac:29:
ee:f3:1b:07:4f:d4:b4:29:eb:ea:b4:bc:5c:fd:b8:
44:42:a0:4c:8e:d6:f8:75:de:71:b9:60:4b:dc:ae:
a3:88:7d:18:21:95:e3:ab:a6:4a:b4:9b:b0:eb:26:
3c:e7:30:fc:29:04:26:cc:2d:6e:df:0e:cc:8e:3c:
c9:aa:6e:8f:b6:ac:ca:c0:cd:0d:75:90:2c:eb:ea:
c2:4c:32:b7:07:f4:b0:09:b7:38:f0:fb:6a:cd:01:
1b:f9:90:26:9d:b8:0f:13:48:ac:31:10:07:73:cd:
48:48:c7:33:83:5b:02:37:c8:f5:2c:12:b9:68:16:
ea:1c:cd:24:62:d1:e8:d3:55:9a:42:53:b4:77:4c:
d6:92:de:24:fb:ed:d8:b4:d9:82:e6:76:d1:59:24:
4b:ae:71:9e:aa:d1:51:77:de:9f:8f:ea:1a:94:8b:
ff:be:30:00:9a:45:02:04:0e:a8:14:8f:65:70:15:
6d:fd:10:c6:8f:cd:4a:73:c9:c4:33:04:57:a9:08:
f1:25:41:c5:66:f0:5b:c3:6a:69:9c:5e:e5:62:b8:
a9:ab:8d:56:92:56:a9:25:fc:9a:6a:4f:ea:5a:06:
ec:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E0:FA:70:49:1D:0E:01:37:99:6F:7B:54:95:22:B4:87:62:3E:CC
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LuD6cEkdDgE3mW97VJUitIdiPsw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.242.186.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:93:d7:e5:dd:e2:a8:a1:8f:9a:a9:9f:32:8d:1d:e6:c4:30:
17:3f:81:67:83:8c:f6:a9:6c:cc:5b:df:77:95:a4:ce:ef:36:
e3:05:35:c2:32:fe:d8:b4:fc:6b:d1:47:52:2c:0b:4a:b8:65:
6b:f0:fe:c0:58:55:11:64:0c:ed:bb:ac:48:8a:bc:6b:ac:c4:
1a:e0:38:20:c4:83:64:9a:17:09:0b:80:e5:c3:6a:a7:9b:29:
53:98:76:22:dd:19:bc:eb:a3:30:c1:79:2b:a5:40:7a:51:01:
f6:42:25:67:bb:5d:94:91:71:a1:e7:33:32:0f:4a:29:54:5d:
cf:c2:de:85:d9:7a:21:a1:24:3d:8f:f2:81:73:91:ac:1a:e4:
94:21:13:f5:72:62:75:5d:2c:c2:09:00:8e:0a:07:9f:ad:44:
ed:30:dd:58:d3:25:f3:0f:5d:20:18:c2:ce:6f:8f:9f:ff:13:
64:24:0e:f1:40:79:9c:7e:0b:01:5d:d0:b9:43:d2:56:3c:79:
af:8b:e2:85:2a:bd:c0:48:98:38:14:e4:5f:2d:87:bc:fb:43:
a6:ad:50:c8:ff:23:58:44:1b:c2:05:71:ba:c5:9c:13:02:53:
77:e1:fa:09:25:2f:07:52:bc:1e:ce:b1:cb:c5:ef:9a:fb:fb:
68:2f:23:5e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE4MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJFRTBGQTcwNDkxRDBF
MDEzNzk5NkY3QjU0OTUyMkI0ODc2MjNFQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqE+UPCIwaHJIbL29Id9lMFZ3HNqbKQuay+46sKe7zGwdP1LQp
6+q0vFz9uERCoEyO1vh13nG5YEvcrqOIfRghleOrpkq0m7DrJjznMPwpBCbMLW7f
DsyOPMmqbo+2rMrAzQ11kCzr6sJMMrcH9LAJtzjw+2rNARv5kCaduA8TSKwxEAdz
zUhIxzODWwI3yPUsErloFuoczSRi0ejTVZpCU7R3TNaS3iT77di02YLmdtFZJEuu
cZ6q0VF33p+P6hqUi/++MACaRQIEDqgUj2VwFW39EMaPzUpzycQzBFepCPElQcVm
8FvDammcXuViuKmrjVaSVqkl/JpqT+paBuxlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULuD6cEkdDgE3mW97VJUitIdiPswwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9MdUQ2Y0VrZERnRTNtVzk3VkpV
aXRJZGlQc3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vK6
MA0GCSqGSIb3DQEBCwUAA4IBAQC3k9fl3eKooY+aqZ8yjR3mxDAXP4Fng4z2qWzM
W993laTO7zbjBTXCMv7YtPxr0UdSLAtKuGVr8P7AWFURZAztu6xIirxrrMQa4Dgg
xINkmhcJC4Dlw2qnmylTmHYi3Rm866MwwXkrpUB6UQH2QiVnu12UkXGh5zMyD0op
VF3Pwt6F2XohoSQ9j/KBc5GsGuSUIRP1cmJ1XSzCCQCOCgefrUTtMN1Y0yXzD10g
GMLOb4+f/xNkJA7xQHmcfgsBXdC5Q9JWPHmvi+KFKr3ASJg4FORfLYe8+0OmrVDI
/yNYRBvCBXG6xZwTAlN34foJJS8HUrwezrHLxe+a+/toLyNe
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:27 2025 by rpki-client