Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/1ywVpLRPue3G70J85OptXGexNWI.roa
File: 1ywVpLRPue3G70J85OptXGexNWI.roa (raw, json)
Hash identifier: ujtHXCNbhJ5AYJuXnMrEqPDvQprQ/9pq8/99kale78E=
Subject key identifier: D7:2C:15:A4:B4:4F:B9:ED:C6:EF:42:7C:E4:EA:6D:5C:67:B1:35:62
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10D3
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1ywVpLRPue3G70J85OptXGexNWI.roa
Signing time: Wed 01 Feb 2023 10:29:04 +0000
ROA not before: Wed 01 Feb 2023 10:29:04 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 220.229.66.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4307 (0x10d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:04 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D72C15A4B44FB9EDC6EF427CE4EA6D5C67B13562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:56:d4:23:67:de:18:0d:65:74:d8:ae:6b:
40:7f:bc:3f:61:fd:b4:8b:ea:97:75:41:49:52:f3:
b4:e1:9f:1b:b4:07:77:3e:f9:4d:99:e8:5f:fc:f0:
b9:18:73:e2:22:5e:48:36:d9:1c:74:d0:f6:52:7e:
d6:92:a3:3d:87:5e:1a:5a:8d:f4:e4:d7:b3:2b:e8:
1b:e6:32:3c:41:e7:72:d5:01:5e:1c:41:ef:39:f9:
d6:8b:a7:7e:34:3f:a0:6a:ca:ca:bc:e2:b6:16:6f:
ef:07:67:a1:73:82:fb:5f:a8:2c:6e:0e:a7:71:9c:
03:a9:c7:2b:22:69:36:82:82:42:2d:75:e4:13:d0:
04:bf:1f:10:8b:09:da:eb:a9:ac:85:64:c4:15:70:
73:2a:10:d1:23:2a:cf:56:d0:2e:ec:40:fe:88:41:
73:de:90:59:f3:6c:e0:ce:17:36:10:b6:c0:d8:d6:
7b:38:0f:fe:fd:2b:e9:9b:23:ea:a6:17:80:7f:e3:
d2:69:40:3f:6a:e3:e2:c4:a1:74:4a:58:ff:de:89:
c5:8f:54:35:67:fe:ce:08:8a:52:55:cb:33:ce:7b:
32:41:c5:6e:da:81:2a:95:37:22:f1:f4:0f:4b:31:
e8:29:e9:88:07:11:12:20:46:1b:70:3b:2e:c3:e5:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:15:A4:B4:4F:B9:ED:C6:EF:42:7C:E4:EA:6D:5C:67:B1:35:62
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1ywVpLRPue3G70J85OptXGexNWI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
61:4c:47:c5:45:70:05:4d:ad:c2:ca:57:4d:68:90:96:ce:4c:
e5:02:2f:59:38:7e:fe:27:55:3d:75:ff:67:fe:99:4f:43:89:
a0:ce:95:8f:36:9a:b9:79:89:e5:ed:da:56:c8:42:e1:56:85:
42:e0:67:f3:44:c1:e4:d0:25:08:0f:40:90:73:2b:a9:80:31:
c9:48:67:14:3a:6e:ad:b6:fe:7c:05:45:a0:fb:2d:fe:5c:e7:
4b:9b:3a:ce:79:43:d3:7f:d5:0f:43:4d:fc:70:21:61:de:aa:
26:6a:cb:d2:82:dc:02:fd:6c:dd:4d:1b:77:50:70:97:97:ca:
0d:f1:2a:e9:63:56:ac:ef:fc:c7:76:8e:eb:a8:25:f8:6a:39:
c7:75:fe:7f:5a:d5:45:de:15:96:f9:88:8f:1f:67:16:58:e7:
ca:71:fa:0f:34:d1:bf:a7:b2:88:a5:28:2e:78:d3:45:a8:d5:
b9:48:25:d2:6c:3c:98:06:38:1d:04:fd:f4:17:c9:21:3e:a3:
03:45:83:61:98:88:c6:0d:52:46:7f:0a:c7:43:31:cb:53:26:
4e:fb:dd:4d:e2:9a:5c:7d:d7:d4:76:99:ae:a2:6d:24:b0:ea:
7c:53:4c:77:c1:cd:37:cd:42:ac:6b:3f:19:4e:a9:2e:b2:46:
46:04:2a:1d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICENMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ3MkMxNUE0QjQ0RkI5
RURDNkVGNDI3Q0U0RUE2RDVDNjdCMTM1NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+VVbUI2feGA1ldNiua0B/vD9h/bSL6pd1QUlS87Thnxu0B3c+
+U2Z6F/88LkYc+IiXkg22Rx00PZSftaSoz2HXhpajfTk17Mr6BvmMjxB53LVAV4c
Qe85+daLp340P6Bqysq84rYWb+8HZ6FzgvtfqCxuDqdxnAOpxysiaTaCgkItdeQT
0AS/HxCLCdrrqayFZMQVcHMqENEjKs9W0C7sQP6IQXPekFnzbODOFzYQtsDY1ns4
D/79K+mbI+qmF4B/49JpQD9q4+LEoXRKWP/eicWPVDVn/s4IilJVyzPOezJBxW7a
gSqVNyLx9A9LMegp6YgHERIgRhtwOy7D5RnZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1ywVpLRPue3G70J85OptXGexNWIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMXl3VnBMUlB1ZTNHNzBKODVPcHRY
R2V4TldJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdzlQjAN
BgkqhkiG9w0BAQsFAAOCAQEAYUxHxUVwBU2twspXTWiQls5M5QIvWTh+/idVPXX/
Z/6ZT0OJoM6VjzaauXmJ5e3aVshC4VaFQuBn80TB5NAlCA9AkHMrqYAxyUhnFDpu
rbb+fAVFoPst/lznS5s6znlD03/VD0NN/HAhYd6qJmrL0oLcAv1s3U0bd1Bwl5fK
DfEq6WNWrO/8x3aO66gl+Go5x3X+f1rVRd4VlvmIjx9nFljnynH6DzTRv6eyiKUo
LnjTRajVuUgl0mw8mAY4HQT99BfJIT6jA0WDYZiIxg1SRn8Kx0Mxy1MmTvvdTeKa
XH3X1HaZrqJtJLDqfFNMd8HNN81CrGs/GU6pLrJGRgQqHQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org