Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/j0qVI6aL1XkfBC_DMJylC9CYxMg.roa
File: j0qVI6aL1XkfBC_DMJylC9CYxMg.roa (raw, json)
Hash identifier: fJWhUhuggeo5DhZuyVdSHXOXwyEQtcVvFdNvj/UvLkw=
Subject key identifier: 8F:4A:95:23:A6:8B:D5:79:1F:04:2F:C3:30:9C:A5:0B:D0:98:C4:C8
Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Certificate serial: 1E
Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/j0qVI6aL1XkfBC_DMJylC9CYxMg.roa
Signing time: Fri 24 May 2024 07:53:52 +0000
ROA not before: Fri 24 May 2024 07:53:52 +0000
ROA not after: Sat 26 Apr 2025 10:00:55 +0000
asID: 399624
IP address blocks: 157.66.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 13:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Validity
Not Before: May 24 07:53:52 2024 GMT
Not After : Apr 26 10:00:55 2025 GMT
Subject: CN=8F4A9523A68BD5791F042FC3309CA50BD098C4C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:49:7e:5d:49:56:9f:16:de:72:4f:b0:b7:7d:
9e:12:71:9b:e3:40:b1:a1:5b:56:c0:d0:4d:53:3b:
a9:e9:54:d2:22:76:46:5a:c2:91:70:fc:0d:1c:23:
67:b9:5a:35:84:3b:0d:a9:5d:8b:db:45:f7:55:eb:
a0:87:be:ef:33:98:3a:54:03:77:78:f0:e9:9f:b2:
79:c7:fd:82:ab:0c:ce:13:ee:a4:00:1d:d0:68:8f:
00:58:6c:76:24:89:87:b6:01:fc:e7:47:82:a7:51:
52:7b:22:6a:c8:3c:2a:c7:a6:1e:26:3c:e4:c5:83:
f2:60:0d:9c:05:f5:c7:45:8d:0c:be:b5:73:4d:2f:
28:a6:1c:f3:c4:3b:07:fa:a2:17:20:3e:ba:74:0d:
c0:a1:78:82:60:78:db:fa:c9:a5:e3:a0:f1:b2:c1:
c2:5b:f5:20:44:e2:d3:8e:3b:c8:9d:b7:f2:dd:69:
60:66:3e:77:bb:a4:20:b8:8b:1e:98:71:e5:d9:92:
98:dd:2f:c7:e7:f4:9e:6a:bf:47:c0:fb:56:65:47:
7e:3a:d9:2f:92:31:e8:26:04:78:5c:04:8c:93:f5:
d3:b9:2c:93:6e:05:7f:18:be:09:14:ce:07:40:fc:
69:9a:ce:68:28:8d:6f:75:98:4a:7e:45:ac:d5:04:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4A:95:23:A6:8B:D5:79:1F:04:2F:C3:30:9C:A5:0B:D0:98:C4:C8
X509v3 Authority Key Identifier:
keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/j0qVI6aL1XkfBC_DMJylC9CYxMg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.167.0/24
Signature Algorithm: sha256WithRSAEncryption
36:21:ff:ef:58:e8:33:b6:c8:95:d0:fe:a8:de:af:eb:a0:78:
94:2c:1e:9c:75:f2:c6:2b:ec:33:1f:82:3b:da:cc:a7:4e:cd:
ba:d2:50:45:52:a9:42:b4:cc:26:04:b6:33:87:3d:d7:65:b5:
b6:43:b7:31:9d:e0:11:b9:d8:53:d2:3d:a1:9a:51:df:1d:0a:
3d:fa:ad:a9:b9:5e:67:b9:90:bc:f8:6e:57:5f:0d:8d:99:eb:
ba:1e:6c:01:4c:fe:45:db:91:e5:67:89:d0:bc:7b:af:02:2c:
1e:04:5d:51:94:d0:87:72:4c:95:03:e4:b0:aa:94:36:c2:89:
20:9f:d7:87:d4:2a:19:ea:0d:fd:a4:c1:7e:ed:4b:04:bb:07:
be:8b:a9:dc:c7:12:d4:18:47:52:34:4a:d7:65:56:1f:04:17:
6d:bd:15:9e:29:f4:b6:75:0e:8b:7c:3e:97:59:fe:86:f0:57:
ad:dc:00:b3:a1:72:70:59:a8:d2:1a:4c:5a:ce:d7:a4:de:cc:
33:59:9c:39:a1:cc:e7:b4:d1:83:e5:bc:d9:7c:33:43:8f:3f:
14:0b:44:4f:4e:bc:7d:2d:7e:da:ec:69:ce:71:d8:e8:bf:11:
18:f1:69:17:fa:af:45:28:47:89:dd:67:52:ee:ae:68:1a:04:
6a:e9:1d:dd
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEOTY2
QjU1OTA5MzI0MTgwQTg4QTQ1RTFGNjgzQ0Y0RDJFRDlCQ0E1MB4XDTI0MDUyNDA3
NTM1MloXDTI1MDQyNjEwMDA1NVowMzExMC8GA1UEAxMoOEY0QTk1MjNBNjhCRDU3
OTFGMDQyRkMzMzA5Q0E1MEJEMDk4QzRDODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ9Jfl1JVp8W3nJPsLd9nhJxm+NAsaFbVsDQTVM7qelU0iJ2RlrC
kXD8DRwjZ7laNYQ7Daldi9tF91XroIe+7zOYOlQDd3jw6Z+yecf9gqsMzhPupAAd
0GiPAFhsdiSJh7YB/OdHgqdRUnsiasg8KsemHiY85MWD8mANnAX1x0WNDL61c00v
KKYc88Q7B/qiFyA+unQNwKF4gmB42/rJpeOg8bLBwlv1IETi0447yJ238t1pYGY+
d7ukILiLHphx5dmSmN0vx+f0nmq/R8D7VmVHfjrZL5Ix6CYEeFwEjJP107ksk24F
fxi+CRTOB0D8aZrOaCiNb3WYSn5FrNUEgl0CAwEAAaOCAewwggHoMB0GA1UdDgQW
BBSPSpUjpovVeR8EL8MwnKUL0JjEyDAfBgNVHSMEGDAWgBTZZrVZCTJBgKiKReH2
g89NLtm8pTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi8y
V2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzJXYTFXUWt5UVlDb2lrWGg5b1BQVFM3WnZLVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0xJUlVOL2owcVZJNmFMMVhrZkJDX0RNSnls
QzlDWXhNZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdQqcw
DQYJKoZIhvcNAQELBQADggEBADYh/+9Y6DO2yJXQ/qjer+ugeJQsHpx18sYr7DMf
gjvazKdOzbrSUEVSqUK0zCYEtjOHPddltbZDtzGd4BG52FPSPaGaUd8dCj36ram5
Xme5kLz4bldfDY2Z67oebAFM/kXbkeVnidC8e68CLB4EXVGU0IdyTJUD5LCqlDbC
iSCf14fUKhnqDf2kwX7tSwS7B76LqdzHEtQYR1I0StdlVh8EF229FZ4p9LZ1Dot8
PpdZ/obwV63cALOhcnBZqNIaTFrO16TezDNZnDmhzOe00YPlvNl8M0OPPxQLRE9O
vH0tftrsac5x2Oi/ERjxaRf6r0UoR4ndZ1LurmgaBGrpHd0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:37 2025 by rpki-client