Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/2LUqNDiSiVmqC22oEwHgpm-RlFw.roa
File: 2LUqNDiSiVmqC22oEwHgpm-RlFw.roa (raw, json)
Hash identifier: 9w5KWsa7XPVdgz6WlrHSC0pWx4wWHC5rU3YHwYyNR+Y=
Subject key identifier: D8:B5:2A:34:38:92:89:59:AA:0B:6D:A8:13:01:E0:A6:6F:91:94:5C
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1055
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2LUqNDiSiVmqC22oEwHgpm-RlFw.roa
Signing time: Wed 01 Feb 2023 10:28:25 +0000
ROA not before: Wed 01 Feb 2023 10:28:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 220.229.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4181 (0x1055)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:25 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D8B52A3438928959AA0B6DA81301E0A66F91945C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c6:f4:ec:4d:9e:05:9e:fd:3e:93:fc:97:37:
0e:59:fe:c5:c9:e4:1f:fd:9e:e8:90:c2:9e:90:af:
7e:18:35:01:54:38:d4:65:a4:8c:f1:cf:2c:a3:14:
89:4c:5f:a7:04:6e:99:63:b7:f7:85:d4:78:48:6d:
14:c9:03:1d:b6:ef:7f:f5:26:bc:1e:46:fd:01:0d:
31:e6:82:71:9c:2b:39:74:91:7a:03:2b:3c:22:cb:
30:18:c0:e5:b6:3e:26:5c:40:c3:10:24:11:42:9b:
d0:a5:91:f1:1a:78:01:7d:2f:5f:c8:b5:44:5c:c5:
d4:d6:59:1a:85:b3:cd:e9:a1:6e:ac:e3:83:cf:63:
69:5b:8e:3b:63:4d:6c:b1:72:b2:37:ee:9a:c3:85:
3e:ef:90:c0:20:ef:3f:8f:cc:d1:9e:17:54:9a:32:
eb:61:1c:1d:b4:3f:bd:2c:2e:bd:b9:d5:57:09:3a:
61:11:0b:9d:79:76:b5:e8:3f:02:e7:08:f6:ee:c6:
dd:0f:88:cb:63:8b:d5:17:7e:39:d0:ba:fd:f7:48:
a5:6d:e8:5b:92:a3:d6:17:15:20:77:54:80:0c:18:
d6:cf:29:b7:f3:e4:c1:23:91:d1:61:8c:23:2f:06:
66:18:cb:1c:62:0a:2d:f0:a2:86:b8:69:7f:48:7a:
4c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B5:2A:34:38:92:89:59:AA:0B:6D:A8:13:01:E0:A6:6F:91:94:5C
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2LUqNDiSiVmqC22oEwHgpm-RlFw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
58:83:08:11:3b:32:2c:ee:17:dd:b4:03:ea:df:99:f0:a7:78:
f8:26:69:6e:e4:b8:56:e0:ed:27:8b:d6:29:21:47:f7:cc:53:
09:5b:dd:92:a5:e6:98:06:4c:6e:d2:b9:1c:4a:dc:5c:ac:c0:
bb:72:03:c2:a0:58:bc:28:d0:5a:8a:3e:22:df:6d:34:fb:63:
9a:6f:de:2b:a7:d1:b2:df:42:1b:1a:d8:1e:7b:fc:87:9a:22:
a8:64:f3:4e:1a:43:f5:9a:90:4b:9b:3e:d1:19:8e:0c:eb:ec:
55:91:b3:b2:a7:41:4d:a9:56:0c:8a:78:8b:db:22:f6:fc:e9:
4b:39:1c:c9:c7:ba:9d:6c:0a:2b:a1:d5:fb:f8:4f:3a:de:c9:
fc:b5:75:73:75:02:d7:a3:3f:40:3e:12:ae:35:fd:5e:95:22:
4a:ca:e1:d3:df:e7:17:bb:9f:6b:0e:3d:83:5d:76:71:b9:fc:
65:d8:43:7f:24:86:51:f2:72:eb:6c:b4:b1:ad:eb:17:a9:e3:
88:8a:77:fc:40:0c:6b:a0:15:21:54:ef:85:9d:19:a1:6b:fe:
d5:9a:6e:a1:aa:32:51:40:6b:26:15:94:52:fd:36:20:3a:06:
b8:49:42:3c:c7:8e:54:b6:a8:66:7e:4e:7d:ca:d3:52:20:2e:
11:51:4f:9b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ4QjUyQTM0Mzg5Mjg5
NTlBQTBCNkRBODEzMDFFMEE2NkY5MTk0NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTxvTsTZ4Fnv0+k/yXNw5Z/sXJ5B/9nuiQwp6Qr34YNQFUONRl
pIzxzyyjFIlMX6cEbpljt/eF1HhIbRTJAx2273/1JrweRv0BDTHmgnGcKzl0kXoD
KzwiyzAYwOW2PiZcQMMQJBFCm9ClkfEaeAF9L1/ItURcxdTWWRqFs83poW6s44PP
Y2lbjjtjTWyxcrI37prDhT7vkMAg7z+PzNGeF1SaMuthHB20P70sLr251VcJOmER
C515drXoPwLnCPbuxt0PiMtji9UXfjnQuv33SKVt6FuSo9YXFSB3VIAMGNbPKbfz
5MEjkdFhjCMvBmYYyxxiCi3wooa4aX9Iekx/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2LUqNDiSiVmqC22oEwHgpm+RlFwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMkxVcU5EaVNpVm1xQzIyb0V3SGdw
bS1SbEZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANzlQDAN
BgkqhkiG9w0BAQsFAAOCAQEAWIMIETsyLO4X3bQD6t+Z8Kd4+CZpbuS4VuDtJ4vW
KSFH98xTCVvdkqXmmAZMbtK5HErcXKzAu3IDwqBYvCjQWoo+It9tNPtjmm/eK6fR
st9CGxrYHnv8h5oiqGTzThpD9ZqQS5s+0RmODOvsVZGzsqdBTalWDIp4i9si9vzp
Szkcyce6nWwKK6HV+/hPOt7J/LV1c3UC16M/QD4SrjX9XpUiSsrh09/nF7ufaw49
g112cbn8ZdhDfySGUfJy62y0sa3rF6njiIp3/EAMa6AVIVTvhZ0ZoWv+1Zpuoaoy
UUBrJhWUUv02IDoGuElCPMeOVLaoZn5OfcrTUiAuEVFPmw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org