Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HpY7iksznxPjQcsSSxz8DmxUrSM.roa
File: HpY7iksznxPjQcsSSxz8DmxUrSM.roa (raw, json)
Hash identifier: zrJROYfegO8CuHqWe7IE5IDeShWbOSWOyOxLuBOsGHs=
Subject key identifier: 1E:96:3B:8A:4B:33:9F:13:E3:41:CB:12:4B:1C:FC:0E:6C:54:AD:23
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1090
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HpY7iksznxPjQcsSSxz8DmxUrSM.roa
Signing time: Wed 01 Feb 2023 10:28:43 +0000
ROA not before: Wed 01 Feb 2023 10:28:43 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 122.147.24.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4240 (0x1090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:43 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1E963B8A4B339F13E341CB124B1CFC0E6C54AD23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:a1:18:b5:91:38:f5:a2:36:a7:4b:44:39:
05:a4:2f:13:cb:29:ab:11:0c:20:13:7c:60:f3:25:
f0:37:cd:49:19:d9:72:1c:d2:70:e0:0f:dd:0f:84:
52:d0:1e:ee:02:78:3a:29:6b:45:ce:5e:eb:ba:85:
38:61:3d:64:a7:7a:24:d4:c2:24:94:37:78:38:ad:
c7:3c:c5:1c:4f:5f:77:42:14:0e:af:db:58:b0:dc:
6d:61:63:18:3b:49:f7:16:75:4e:60:7f:e0:8d:2c:
7b:53:79:af:66:37:10:19:38:ed:34:37:eb:16:51:
ba:d5:e8:ec:d2:c0:86:2f:19:c2:73:db:3b:35:f2:
d8:2e:cb:61:c2:0b:c9:65:21:b4:ea:b9:29:67:62:
68:c6:44:75:ae:88:cf:d2:1e:ca:17:5b:f4:3a:32:
bc:7e:50:53:45:a4:1d:b8:06:92:21:d5:20:d2:6f:
83:3d:af:e7:09:78:0c:c8:a8:96:c1:0c:82:03:99:
3e:82:1e:fa:8d:43:80:5c:23:a4:3a:45:62:84:69:
73:a7:a7:d2:b2:fd:19:45:bc:39:6a:a1:26:c7:33:
8e:70:61:6c:db:9b:93:ec:dd:59:5d:1a:75:b1:4e:
f7:5e:de:4d:24:89:30:87:e9:db:6b:bd:24:1f:bd:
ef:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:96:3B:8A:4B:33:9F:13:E3:41:CB:12:4B:1C:FC:0E:6C:54:AD:23
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HpY7iksznxPjQcsSSxz8DmxUrSM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
25:c1:3e:c3:1c:22:18:b0:6c:1c:8e:e5:48:e5:4d:89:1b:1b:
0e:8c:3f:17:fa:4a:6d:30:26:ed:15:8f:ec:eb:6a:44:6c:01:
e2:95:59:0a:ea:0c:08:69:9e:19:da:65:02:22:df:4c:ba:ae:
af:79:e7:5d:35:48:76:3f:dd:8a:2e:de:d8:7b:4a:f6:2c:0e:
74:49:13:a9:70:96:56:29:d4:24:84:ca:75:eb:8f:9e:ee:d8:
07:7f:d5:1a:f6:e1:64:bf:2c:79:33:2d:02:0a:e2:05:6d:0d:
a1:f5:09:06:21:e6:89:7d:6b:d6:24:fb:22:3f:da:86:02:d2:
ef:cb:50:52:c1:b5:45:b2:19:79:7d:09:e6:28:e7:2d:6c:13:
70:24:ce:8e:65:5c:47:13:d6:df:f8:00:6a:68:26:47:d7:43:
ad:ab:f7:3b:40:45:08:8a:9b:e0:b2:a3:7e:fe:5f:f1:81:d3:
c6:81:5e:d5:6f:a3:c9:12:d4:be:19:cd:ab:e9:2c:da:52:1f:
e6:f7:8b:7f:26:81:cd:b6:10:95:c4:e2:37:12:41:3c:86:50:
fe:8d:a9:00:76:7a:1a:ba:c8:29:0c:ed:3a:21:af:04:cf:ac:
99:9c:84:8a:1f:8e:1f:a8:98:0e:0e:54:fa:c3:bc:40:d4:f4:
cd:fc:ef:37
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFFOTYzQjhBNEIzMzlG
MTNFMzQxQ0IxMjRCMUNGQzBFNkM1NEFEMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCW1aEYtZE49aI2p0tEOQWkLxPLKasRDCATfGDzJfA3zUkZ2XIc
0nDgD90PhFLQHu4CeDopa0XOXuu6hThhPWSneiTUwiSUN3g4rcc8xRxPX3dCFA6v
21iw3G1hYxg7SfcWdU5gf+CNLHtTea9mNxAZOO00N+sWUbrV6OzSwIYvGcJz2zs1
8tguy2HCC8llIbTquSlnYmjGRHWuiM/SHsoXW/Q6Mrx+UFNFpB24BpIh1SDSb4M9
r+cJeAzIqJbBDIIDmT6CHvqNQ4BcI6Q6RWKEaXOnp9Ky/RlFvDlqoSbHM45wYWzb
m5Ps3VldGnWxTvde3k0kiTCH6dtrvSQfve8BAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHpY7iksznxPjQcsSSxz8DmxUrSMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSHBZN2lrc3pueFBqUWNzU1N4ejhE
bXhVclNNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTGDAN
BgkqhkiG9w0BAQsFAAOCAQEAJcE+wxwiGLBsHI7lSOVNiRsbDow/F/pKbTAm7RWP
7OtqRGwB4pVZCuoMCGmeGdplAiLfTLqur3nnXTVIdj/dii7e2HtK9iwOdEkTqXCW
VinUJITKdeuPnu7YB3/VGvbhZL8seTMtAgriBW0NofUJBiHmiX1r1iT7Ij/ahgLS
78tQUsG1RbIZeX0J5ijnLWwTcCTOjmVcRxPW3/gAamgmR9dDrav3O0BFCIqb4LKj
fv5f8YHTxoFe1W+jyRLUvhnNq+ks2lIf5veLfyaBzbYQlcTiNxJBPIZQ/o2pAHZ6
GrrIKQztOiGvBM+smZyEih+OH6iYDg5U+sO8QNT0zfzvNw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org