Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/JU_I1988jxKtQe1KlNX6KOZlgyk.roa
File: JU_I1988jxKtQe1KlNX6KOZlgyk.roa (raw, json)
Hash identifier: vxS2Ci2MkuuCMrUceOcNx8aOrquNPW+6cc072sTVqME=
Subject key identifier: 25:4F:C8:D7:DF:3C:8F:12:AD:41:ED:4A:94:D5:FA:28:E6:65:83:29
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CE3
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JU_I1988jxKtQe1KlNX6KOZlgyk.roa
Signing time: Wed 01 Feb 2023 10:29:11 +0000
ROA not before: Wed 01 Feb 2023 10:29:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3299 (0xce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:29:11 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=254FC8D7DF3C8F12AD41ED4A94D5FA28E6658329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:90:52:63:6d:f0:76:f7:78:c1:78:36:94:8e:
e7:41:12:c0:11:ec:03:12:f2:b2:76:30:55:b7:bd:
37:0a:75:e0:c2:9e:b3:f2:24:16:72:64:96:63:fc:
05:ef:3b:93:71:0c:df:6a:40:5b:33:0d:88:6e:ff:
34:95:72:8c:5a:a4:a4:46:5c:59:b5:3b:0f:f8:1b:
7b:ba:2b:bc:03:f8:65:c7:80:d3:42:1c:3e:49:cc:
55:9d:11:82:49:18:99:a9:6c:57:63:e1:49:8c:48:
82:1b:5f:da:8d:a0:a6:fe:60:d7:9a:8d:d0:35:2d:
3a:32:b1:8c:9e:70:e6:64:67:93:73:c7:26:91:4e:
dc:09:c8:fb:0d:42:e6:b8:52:3d:87:db:cb:a6:b9:
4b:c0:c0:be:f5:9f:74:4e:fb:2c:2d:68:3d:d9:6c:
49:93:c7:87:62:08:08:3b:90:17:05:4d:eb:b1:e7:
3c:1b:d1:39:15:40:e5:9a:90:f7:e0:a2:30:bb:d5:
06:a9:19:11:a0:6c:e4:f4:20:35:b0:44:cb:b4:3c:
da:f1:89:23:9a:b9:c9:63:3e:b9:89:4e:7e:cc:fc:
61:68:40:0f:75:fb:69:a0:2c:05:2e:39:1d:1f:25:
df:9d:e6:86:7f:8d:7c:67:38:1e:07:64:ab:5e:5f:
88:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:C8:D7:DF:3C:8F:12:AD:41:ED:4A:94:D5:FA:28:E6:65:83:29
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JU_I1988jxKtQe1KlNX6KOZlgyk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.3.0/24
Signature Algorithm: sha256WithRSAEncryption
96:d4:88:b8:01:6b:20:06:ee:51:20:37:8b:8b:44:ec:56:6a:
29:99:90:ed:36:dd:b7:1d:b5:cf:b0:db:c1:77:24:23:47:f2:
be:a3:a5:5b:ff:53:61:1e:8f:c9:cc:52:92:66:91:d4:95:87:
91:11:24:34:d4:82:22:23:75:6d:19:36:1b:29:2b:a5:e9:fc:
89:ee:5f:8f:ee:65:a9:5f:63:be:45:4a:e6:2b:4f:59:e3:d4:
ac:ae:9d:6d:09:f4:b7:9b:4b:41:27:fe:10:be:e1:e6:3d:d3:
43:7c:e1:00:7d:47:bc:29:98:25:e7:46:3d:13:e8:d4:b5:5e:
0b:6a:cc:16:60:e5:a6:63:57:1a:29:e4:18:e9:a4:4e:b2:ec:
1a:11:2d:42:8b:dd:cc:d2:3d:29:34:87:a8:d9:c2:c1:3e:62:
7f:09:0e:45:b7:ab:b5:9e:84:ad:25:b2:2b:f1:21:df:a7:f7:
eb:f4:a3:1f:4b:b8:a3:61:8e:7f:8f:79:03:83:c8:09:32:cd:
e9:3a:5c:fa:78:f3:17:f0:b5:c1:dd:38:6f:00:52:11:bc:9e:
98:2b:c8:6e:f3:b6:db:d5:15:50:67:ae:1d:b7:98:29:c7:a4:
64:fa:92:66:d3:a8:20:04:e9:24:4d:0e:8a:08:f1:e9:59:09:
cc:8a:25:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI5MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI1NEZDOEQ3REYzQzhG
MTJBRDQxRUQ0QTk0RDVGQTI4RTY2NTgzMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7kFJjbfB293jBeDaUjudBEsAR7AMS8rJ2MFW3vTcKdeDCnrPy
JBZyZJZj/AXvO5NxDN9qQFszDYhu/zSVcoxapKRGXFm1Ow/4G3u6K7wD+GXHgNNC
HD5JzFWdEYJJGJmpbFdj4UmMSIIbX9qNoKb+YNeajdA1LToysYyecOZkZ5NzxyaR
TtwJyPsNQua4Uj2H28umuUvAwL71n3RO+ywtaD3ZbEmTx4diCAg7kBcFTeux5zwb
0TkVQOWakPfgojC71QapGRGgbOT0IDWwRMu0PNrxiSOaucljPrmJTn7M/GFoQA91
+2mgLAUuOR0fJd+d5oZ/jXxnOB4HZKteX4jpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJU/I1988jxKtQe1KlNX6KOZlgykwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSlVfSTE5ODhqeEt0UWUxS2xOWDZL
T1psZ3lrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN
BgkqhkiG9w0BAQsFAAOCAQEAltSIuAFrIAbuUSA3i4tE7FZqKZmQ7Tbdtx21z7Db
wXckI0fyvqOlW/9TYR6PycxSkmaR1JWHkREkNNSCIiN1bRk2Gykrpen8ie5fj+5l
qV9jvkVK5itPWePUrK6dbQn0t5tLQSf+EL7h5j3TQ3zhAH1HvCmYJedGPRPo1LVe
C2rMFmDlpmNXGinkGOmkTrLsGhEtQovdzNI9KTSHqNnCwT5ifwkORbertZ6ErSWy
K/Eh36f36/SjH0u4o2GOf495A4PICTLN6Tpc+njzF/C1wd04bwBSEbyemCvIbvO2
29UVUGeuHbeYKcekZPqSZtOoIATpJE0Oigjx6VkJzIolng==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org