Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/G0-v0Eb1VVtOtU0ZHf3SheskoIM.roa
File: G0-v0Eb1VVtOtU0ZHf3SheskoIM.roa (raw, json)
Hash identifier: CCFqLpJin4rQ3n6vV9Ddvo+0uf8x6F+KMZvOMIntSgE=
Subject key identifier: 1B:4F:AF:D0:46:F5:55:5B:4E:B5:4D:19:1D:FD:D2:85:EB:24:A0:83
Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Certificate serial: 09
Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/G0-v0Eb1VVtOtU0ZHf3SheskoIM.roa
Signing time: Thu 28 Nov 2024 10:16:57 +0000
ROA not before: Thu 28 Nov 2024 10:16:57 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2.58.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:22:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Validity
Not Before: Nov 28 10:16:57 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1B4FAFD046F5555B4EB54D191DFDD285EB24A083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:87:39:53:55:40:c8:ca:ac:55:08:fa:ba:3d:
e3:4a:3c:bb:08:2f:e1:cc:6d:e3:08:57:70:1c:a5:
46:e2:c6:0b:1d:5f:1f:b9:45:75:ff:64:88:26:c7:
0f:e4:24:0a:73:1f:d6:11:c3:74:87:39:6c:e5:98:
ba:53:e0:4d:c1:83:6f:b9:bf:11:93:3b:c6:55:0e:
8e:91:68:81:72:ac:49:6c:d3:fe:56:00:54:8c:09:
9e:8e:c4:58:ea:b7:94:45:2e:54:3b:ad:27:26:32:
b9:bb:56:36:4b:4f:0d:f8:de:a4:30:38:ff:c6:01:
e0:0d:94:69:ea:46:7b:e4:8e:1f:97:92:d8:35:e4:
04:be:09:26:1f:9e:4b:c6:2d:1e:9c:09:30:bb:db:
27:8f:a4:fa:71:cb:65:75:49:2f:80:3d:c6:f3:b9:
17:6d:92:60:bd:5e:15:c9:2f:9d:64:aa:21:bf:53:
42:65:c2:13:32:19:92:71:b3:85:f2:61:0c:5c:c1:
e7:ad:ad:58:72:e3:76:29:0e:cc:88:95:f6:e8:ff:
25:36:aa:4c:9f:4c:34:fb:c0:2d:57:6f:fa:bb:ce:
fd:60:a9:f0:58:5a:89:13:72:5e:e4:54:de:07:7d:
96:dd:d5:c0:e3:7a:78:34:ce:39:c9:d1:bb:93:b8:
3d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4F:AF:D0:46:F5:55:5B:4E:B5:4D:19:1D:FD:D2:85:EB:24:A0:83
X509v3 Authority Key Identifier:
keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/G0-v0Eb1VVtOtU0ZHf3SheskoIM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
2.58.243.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:d9:d8:fd:d2:2b:41:c6:58:b4:16:f7:fc:d2:f7:32:a7:0e:
83:6e:b2:d7:c5:01:aa:3b:f1:72:81:a0:6b:6c:04:31:9a:ae:
e3:03:0a:a0:41:a0:d9:6e:64:25:f7:a5:b8:48:6d:ea:84:91:
b0:17:02:6c:7a:14:58:e1:e9:bb:6c:c2:f0:57:52:43:72:cc:
4e:d7:56:1b:d0:43:92:32:e2:0e:02:68:10:25:4b:a4:48:d1:
f0:4b:5f:d2:dc:8f:41:e4:a1:fe:00:e9:0c:7f:2b:87:b8:28:
26:17:e1:60:b5:53:85:73:e1:33:fd:55:ef:1a:fd:92:91:ff:
f7:14:f4:2d:c0:2b:10:f0:11:fc:69:ab:05:86:8a:fe:2e:75:
18:ac:33:83:09:c3:5c:98:da:5d:db:f1:31:ce:21:ed:f0:b1:
8e:c0:76:57:a9:f3:b3:da:71:ea:83:0b:f7:c1:43:80:16:a0:
3b:cf:ba:26:f2:9c:66:5e:17:ee:ef:f9:80:a8:10:7b:ac:9d:
be:b9:fe:89:62:13:ed:8f:86:53:bb:c5:98:2e:7d:8e:ed:0d:
f7:79:a3:ad:17:ed:bb:32:de:f7:8e:32:ff:57:8b:99:a6:e2:
21:72:f6:97:e0:36:d9:14:bc:45:a0:eb:79:25:ef:95:60:32:
ee:ad:d6:f7
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCQjg4
QTkxNzg1QTc4MkM4RUEzQ0RERUQzRTdDMUYwOURBNzlGNjQ3MB4XDTI0MTEyODEw
MTY1N1oXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoMUI0RkFGRDA0NkY1NTU1
QjRFQjU0RDE5MURGREQyODVFQjI0QTA4MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOiHOVNVQMjKrFUI+ro940o8uwgv4cxt4whXcBylRuLGCx1fH7lF
df9kiCbHD+QkCnMf1hHDdIc5bOWYulPgTcGDb7m/EZM7xlUOjpFogXKsSWzT/lYA
VIwJno7EWOq3lEUuVDutJyYyubtWNktPDfjepDA4/8YB4A2UaepGe+SOH5eS2DXk
BL4JJh+eS8YtHpwJMLvbJ4+k+nHLZXVJL4A9xvO5F22SYL1eFckvnWSqIb9TQmXC
EzIZknGzhfJhDFzB562tWHLjdikOzIiV9uj/JTaqTJ9MNPvALVdv+rvO/WCp8Fha
iRNyXuRU3gd9lt3VwON6eDTOOcnRu5O4PbcCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBQbT6/QRvVVW061TRkd/dKF6ySggzAfBgNVHSMEGDAWgBS7iKkXhaeCyOo83e0+
fB8J2nn2RzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4v
dTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS91NGlwRjRXbmdzanFQTjN0UG53ZkNkcDU5a2MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4vRzAtdjBFYjFWVnRPdFUwWkhm
M1NoZXNrb0lNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6
8zANBgkqhkiG9w0BAQsFAAOCAQEAmtnY/dIrQcZYtBb3/NL3MqcOg26y18UBqjvx
coGga2wEMZqu4wMKoEGg2W5kJfeluEht6oSRsBcCbHoUWOHpu2zC8FdSQ3LMTtdW
G9BDkjLiDgJoECVLpEjR8Etf0tyPQeSh/gDpDH8rh7goJhfhYLVThXPhM/1V7xr9
kpH/9xT0LcArEPAR/GmrBYaK/i51GKwzgwnDXJjaXdvxMc4h7fCxjsB2V6nzs9px
6oML98FDgBagO8+6JvKcZl4X7u/5gKgQe6ydvrn+iWIT7Y+GU7vFmC59ju0N93mj
rRftuzLe944y/1eLmabiIXL2l+A22RS8RaDreSXvlWAy7q3W9w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:53:02 2025 by rpki-client