Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/LDl43B7oES8yD1-3zwvnS21vM40.roa
File: LDl43B7oES8yD1-3zwvnS21vM40.roa (raw, json)
Hash identifier: ScUA1lNJ63KjLdQO06W68LIDv041c9bQ9X+t2f4nVeU=
Subject key identifier: 2C:39:78:DC:1E:E8:11:2F:32:0F:5F:B7:CF:0B:E7:4B:6D:6F:33:8D
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CE8
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/LDl43B7oES8yD1-3zwvnS21vM40.roa
Signing time: Wed 01 Feb 2023 10:29:20 +0000
ROA not before: Wed 01 Feb 2023 10:29:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.128.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3304 (0xce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:29:20 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2C3978DC1EE8112F320F5FB7CF0BE74B6D6F338D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:06:b2:32:0b:db:ac:80:fc:1f:3d:0f:de:ea:
97:54:cd:aa:74:fd:43:a9:a6:df:0f:6e:50:17:8c:
a8:d5:23:6b:92:0f:86:50:77:e5:62:4f:07:35:8c:
7c:e1:3b:f2:fe:68:4b:a0:17:22:cf:12:a7:2a:ef:
48:3d:5f:03:dd:5f:87:b6:1d:fe:d7:32:a7:ce:42:
7e:1a:12:c1:85:fc:59:46:5f:30:56:4a:46:94:55:
34:75:37:cb:1e:27:1a:c3:6f:56:d6:22:e0:ab:d8:
f6:1f:aa:1c:b1:94:18:a7:60:f3:d5:b0:2c:0e:14:
8a:a4:2b:37:44:fe:3d:d5:d4:98:da:f4:0d:89:b3:
76:45:da:5b:6f:21:1b:6f:28:a0:5f:b3:9b:3d:a5:
0c:b6:75:b6:62:e3:f4:bf:cb:52:c1:ba:4f:ca:88:
1b:ea:44:c0:2d:f2:1d:a9:ae:75:57:34:9c:65:6b:
fd:30:db:55:e1:31:aa:29:5c:c8:64:8f:a1:83:f4:
b6:af:25:05:40:e9:2b:87:a9:9c:14:76:62:9a:65:
d0:dc:f1:6a:c1:4e:7e:a7:19:6b:d5:1d:f6:13:69:
75:23:c9:80:b0:d3:f4:d9:fe:2d:2b:72:86:51:c2:
13:b0:21:61:eb:a3:0a:70:86:da:9a:66:9c:9e:c2:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:39:78:DC:1E:E8:11:2F:32:0F:5F:B7:CF:0B:E7:4B:6D:6F:33:8D
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/LDl43B7oES8yD1-3zwvnS21vM40.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.128.0/18
Signature Algorithm: sha256WithRSAEncryption
82:97:d9:c5:4b:3d:3c:83:7e:e1:73:5f:4f:79:c6:aa:91:b3:
50:ae:b0:2c:4d:f9:63:aa:3f:59:4d:5a:51:57:e1:c9:85:98:
23:89:99:b3:69:30:aa:6f:f6:56:63:08:d1:6e:0f:f1:f5:89:
d1:bd:ff:b5:6e:81:49:a5:66:3b:99:c6:2d:0a:d3:cb:d1:98:
03:e3:43:96:42:d1:01:d4:d4:48:8c:3e:a8:14:01:09:12:12:
4c:84:69:b0:65:82:4f:76:96:98:c0:bf:00:db:5c:15:4a:5d:
92:e4:03:2c:5a:29:4b:15:9d:8d:8c:1c:a2:63:eb:de:86:33:
aa:c2:ac:c6:03:39:b9:dc:53:be:03:58:6a:21:df:f5:78:1d:
3c:56:22:23:b4:41:82:80:02:0a:73:e1:da:b9:ce:f3:cb:22:
36:90:1f:77:52:55:e7:11:0c:a9:c5:95:d1:51:c5:a4:52:a8:
cf:19:ff:59:50:1b:7f:5f:cc:2a:4e:fa:ae:04:59:f2:45:19:
ff:ee:33:53:85:09:ad:87:ed:95:94:18:21:6f:eb:76:2c:a6:
19:11:8f:51:c3:62:0d:2d:d5:fd:bf:96:d1:0f:7d:b5:3a:16:
e1:2c:9e:99:1e:00:9f:4a:32:dd:1e:c2:95:79:fa:48:e0:1d:
00:bf:31:a1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI5MjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJDMzk3OERDMUVFODEx
MkYzMjBGNUZCN0NGMEJFNzRCNkQ2RjMzOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTBrIyC9usgPwfPQ/e6pdUzap0/UOppt8PblAXjKjVI2uSD4ZQ
d+ViTwc1jHzhO/L+aEugFyLPEqcq70g9XwPdX4e2Hf7XMqfOQn4aEsGF/FlGXzBW
SkaUVTR1N8seJxrDb1bWIuCr2PYfqhyxlBinYPPVsCwOFIqkKzdE/j3V1Jja9A2J
s3ZF2ltvIRtvKKBfs5s9pQy2dbZi4/S/y1LBuk/KiBvqRMAt8h2prnVXNJxla/0w
21XhMaopXMhkj6GD9LavJQVA6SuHqZwUdmKaZdDc8WrBTn6nGWvVHfYTaXUjyYCw
0/TZ/i0rcoZRwhOwIWHrowpwhtqaZpyewospAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULDl43B7oES8yD1+3zwvnS21vM40wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTERsNDNCN29FUzh5RDEtM3p3dm5T
MjF2TTQwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsBIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgpfZxUs9PIN+4XNfT3nGqpGzUK6wLE35Y6o/WU1a
UVfhyYWYI4mZs2kwqm/2VmMI0W4P8fWJ0b3/tW6BSaVmO5nGLQrTy9GYA+NDlkLR
AdTUSIw+qBQBCRISTIRpsGWCT3aWmMC/ANtcFUpdkuQDLFopSxWdjYwcomPr3oYz
qsKsxgM5udxTvgNYaiHf9XgdPFYiI7RBgoACCnPh2rnO88siNpAfd1JV5xEMqcWV
0VHFpFKozxn/WVAbf1/MKk76rgRZ8kUZ/+4zU4UJrYftlZQYIW/rdiymGRGPUcNi
DS3V/b+W0Q99tToW4SyemR4An0oy3R7ClXn6SOAdAL8xoQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org