Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/NOsH2rB5PdBRXYTBoxgzqpHz_vk.roa
File: NOsH2rB5PdBRXYTBoxgzqpHz_vk.roa (raw, json)
Hash identifier: MC4zAvCZFrzsrnC20o17WxGlsh4gUZ+Ze/fQ68bnYIc=
Subject key identifier: 34:EB:07:DA:B0:79:3D:D0:51:5D:84:C1:A3:18:33:AA:91:F3:FE:F9
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10BC
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NOsH2rB5PdBRXYTBoxgzqpHz_vk.roa
Signing time: Wed 01 Feb 2023 10:28:57 +0000
ROA not before: Wed 01 Feb 2023 10:28:57 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 220.229.80.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4284 (0x10bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:57 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=34EB07DAB0793DD0515D84C1A31833AA91F3FEF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b5:37:df:3e:4e:f1:8c:b8:c7:5c:40:48:2a:
9c:dd:b5:04:9d:f9:b3:c5:47:6f:55:24:d6:f7:30:
f8:d5:29:72:e4:07:17:78:4f:35:af:c2:14:15:5a:
61:99:3e:ee:75:94:ee:f5:12:90:f9:42:18:88:5c:
ad:49:44:a1:a0:a0:29:e0:c1:32:0c:d7:e2:40:5e:
a4:1e:7b:c7:89:b7:9c:54:4a:1c:58:1b:3f:f5:2b:
b0:d2:20:01:a6:38:9c:cc:2c:bf:27:ae:a1:fe:74:
f1:70:ae:6a:67:7a:b9:4d:2f:f1:44:6f:03:29:46:
ee:3a:65:4e:08:ba:cb:5b:82:42:7d:6d:d4:84:54:
11:a5:36:4c:54:1c:c9:04:f5:a7:c8:12:79:53:1f:
96:69:8f:49:e3:33:98:f5:9a:29:48:bc:89:8d:20:
96:a2:01:3d:48:8f:ba:c2:5a:74:ec:9e:34:39:1b:
16:9e:ab:6b:ee:76:b2:1c:62:fc:c0:97:95:e8:b1:
1b:72:bd:c0:af:de:6e:7e:94:9f:83:94:52:37:c2:
5b:ab:25:7f:b9:88:1a:12:5a:29:25:74:88:fe:15:
78:45:a7:cd:a3:2b:0e:df:df:ca:e1:de:d8:c7:c7:
4d:eb:87:aa:5a:9e:0d:a7:8b:9b:f4:fb:b2:b6:f3:
8a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EB:07:DA:B0:79:3D:D0:51:5D:84:C1:A3:18:33:AA:91:F3:FE:F9
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NOsH2rB5PdBRXYTBoxgzqpHz_vk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.80.0/20
Signature Algorithm: sha256WithRSAEncryption
45:25:8e:6b:da:e1:48:e0:39:9c:5a:02:86:3c:60:c1:7f:3a:
7e:fe:6e:0a:d8:6b:09:3e:38:71:63:b0:aa:33:b1:a4:a9:81:
12:f2:8b:3d:6b:5a:11:96:81:24:64:e7:1f:14:40:a7:df:55:
c7:7e:fa:8a:5f:6b:42:95:06:85:38:70:8a:20:8b:4a:c7:dc:
0d:8e:c3:9c:86:6e:43:eb:2a:f9:83:55:62:7d:f8:20:67:c9:
50:e3:6c:fe:c0:f0:64:21:e2:ef:f6:c3:b3:d9:d0:2f:50:c7:
7e:38:9c:27:0d:49:88:78:5f:56:f9:d1:b4:8e:62:0d:ef:56:
30:a5:2b:45:ac:4d:55:00:5b:e0:a7:73:96:88:79:2e:11:2d:
9b:38:b9:68:89:1e:aa:5a:8d:88:16:05:23:ea:06:a2:89:0a:
ce:70:4c:b8:7f:ce:6c:8e:75:de:32:3d:9e:6f:1d:17:f2:05:
5d:57:03:65:2e:0a:7c:94:d0:23:ee:11:fe:b2:d2:f7:c4:10:
e0:d8:fb:6f:c8:56:37:3d:67:c0:15:be:2e:86:13:9a:a4:7a:
04:1f:aa:dc:0f:a8:88:9f:12:80:e2:41:6e:f3:6a:fa:51:0a:
03:a1:03:26:65:78:32:33:d9:d3:aa:36:be:a5:30:c2:06:b7:
c7:a9:1f:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICELwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM0RUIwN0RBQjA3OTNE
RDA1MTVEODRDMUEzMTgzM0FBOTFGM0ZFRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOtTffPk7xjLjHXEBIKpzdtQSd+bPFR29VJNb3MPjVKXLkBxd4
TzWvwhQVWmGZPu51lO71EpD5QhiIXK1JRKGgoCngwTIM1+JAXqQee8eJt5xUShxY
Gz/1K7DSIAGmOJzMLL8nrqH+dPFwrmpnerlNL/FEbwMpRu46ZU4IustbgkJ9bdSE
VBGlNkxUHMkE9afIEnlTH5Zpj0njM5j1milIvImNIJaiAT1Ij7rCWnTsnjQ5Gxae
q2vudrIcYvzAl5XosRtyvcCv3m5+lJ+DlFI3wlurJX+5iBoSWikldIj+FXhFp82j
Kw7f38rh3tjHx03rh6pang2ni5v0+7K284qRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNOsH2rB5PdBRXYTBoxgzqpHz/vkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTk9zSDJyQjVQZEJSWFlUQm94Z3px
cEh6X3ZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNzlUDAN
BgkqhkiG9w0BAQsFAAOCAQEARSWOa9rhSOA5nFoChjxgwX86fv5uCthrCT44cWOw
qjOxpKmBEvKLPWtaEZaBJGTnHxRAp99Vx376il9rQpUGhThwiiCLSsfcDY7DnIZu
Q+sq+YNVYn34IGfJUONs/sDwZCHi7/bDs9nQL1DHfjicJw1JiHhfVvnRtI5iDe9W
MKUrRaxNVQBb4Kdzloh5LhEtmzi5aIkeqlqNiBYFI+oGookKznBMuH/ObI513jI9
nm8dF/IFXVcDZS4KfJTQI+4R/rLS98QQ4Nj7b8hWNz1nwBW+LoYTmqR6BB+q3A+o
iJ8SgOJBbvNq+lEKA6EDJmV4MjPZ06o2vqUwwga3x6kfKw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org