Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/PR_RixHcZVkkUQZSaZg08b-36gY.roa
File: PR_RixHcZVkkUQZSaZg08b-36gY.roa (raw, json)
Hash identifier: jGUVPMPNw+bz0T0EjRujDEcB38DR9GWOSoFAvMIuWaE=
Subject key identifier: 3D:1F:D1:8B:11:DC:65:59:24:51:06:52:69:98:34:F1:BF:B7:EA:06
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10B8
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PR_RixHcZVkkUQZSaZg08b-36gY.roa
Signing time: Wed 01 Feb 2023 10:28:56 +0000
ROA not before: Wed 01 Feb 2023 10:28:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 218.210.32.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4280 (0x10b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:56 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3D1FD18B11DC655924510652699834F1BFB7EA06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:3a:4f:f4:24:34:3b:41:1c:64:cf:bc:c8:
54:c7:f6:19:bc:a6:e6:64:56:b9:9c:ac:8c:6d:8e:
be:1d:56:7d:94:43:cc:5b:9c:32:20:13:c2:e4:ee:
5e:a3:58:7a:0a:88:54:e3:17:72:67:fe:61:af:cf:
4d:16:f2:5f:98:7a:2c:9d:9d:db:20:d4:56:23:72:
6d:7f:d8:21:27:df:ee:19:f3:71:38:d2:db:5e:23:
00:bf:35:77:9f:11:8f:e6:d8:25:92:99:01:ec:24:
90:c9:fd:5f:31:7b:2a:3d:ce:b0:e1:9e:1f:db:89:
5c:9d:e9:d2:aa:44:bc:2c:c9:1f:85:ba:9c:7c:4e:
2f:29:d4:a7:7c:f0:1e:48:eb:bb:37:fd:63:43:bc:
e4:41:1e:01:e7:e3:1f:ba:31:ff:f6:87:95:7b:ec:
88:00:b1:71:cf:e7:b5:1f:8a:85:80:ff:c2:06:34:
1c:c9:f0:49:cf:b6:3d:11:2b:62:fe:76:e9:fb:e2:
58:ea:b7:5b:db:0a:f5:a7:a1:12:fb:36:7f:6d:6a:
94:b5:72:b5:6f:50:ab:99:23:01:2c:78:a1:92:3e:
db:23:54:0c:7e:56:8d:32:ab:ce:f4:da:9c:38:b9:
57:de:ab:30:48:85:91:93:9b:21:3d:3e:35:27:b1:
a8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1F:D1:8B:11:DC:65:59:24:51:06:52:69:98:34:F1:BF:B7:EA:06
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PR_RixHcZVkkUQZSaZg08b-36gY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.32.0/20
Signature Algorithm: sha256WithRSAEncryption
52:90:af:e6:4a:32:c3:00:b3:46:17:96:6e:97:c9:38:34:14:
7f:7a:bd:4c:8d:89:f0:79:ef:7d:78:13:fe:82:82:a6:eb:c8:
d8:11:b4:88:2f:17:8c:5b:09:95:f6:11:12:c8:ad:a4:8d:fa:
34:fe:b2:62:60:bf:31:d8:be:54:f7:06:b0:c4:ad:3a:97:a6:
a8:1a:5a:af:a2:25:f4:1d:cd:fc:f0:fe:cd:53:4a:7c:0f:89:
64:1b:ea:7a:f7:c2:88:96:15:15:2a:80:33:95:cb:1b:10:d1:
1b:11:1a:69:a4:c4:86:4b:eb:61:24:f3:7d:f7:cf:4a:0b:c0:
43:6a:1e:d5:ad:8c:c0:17:9b:1d:63:36:55:7f:1f:2a:48:85:
78:de:89:cf:84:64:31:26:84:89:b9:4e:c8:87:35:2f:41:bf:
44:a4:4f:9b:14:3a:44:33:b4:ea:eb:c8:db:1a:43:1a:1a:45:
fe:f0:9c:64:68:ce:95:59:8b:79:5e:16:59:09:8e:c8:54:de:
9c:89:36:3f:77:fd:be:0f:f1:b0:7b:d3:08:e1:02:27:25:42:
2a:7f:c6:27:7c:78:18:de:a1:ba:e7:8f:b6:ad:92:64:b3:2b:
9b:8f:f1:b0:8d:fc:22:73:10:94:71:9e:d2:73:e9:15:c6:4d:
4e:43:c8:73
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICELgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNEMUZEMThCMTFEQzY1
NTkyNDUxMDY1MjY5OTgzNEYxQkZCN0VBMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi5DpP9CQ0O0EcZM+8yFTH9hm8puZkVrmcrIxtjr4dVn2UQ8xb
nDIgE8Lk7l6jWHoKiFTjF3Jn/mGvz00W8l+Yeiydndsg1FYjcm1/2CEn3+4Z83E4
0tteIwC/NXefEY/m2CWSmQHsJJDJ/V8xeyo9zrDhnh/biVyd6dKqRLwsyR+Fupx8
Ti8p1Kd88B5I67s3/WNDvORBHgHn4x+6Mf/2h5V77IgAsXHP57UfioWA/8IGNBzJ
8EnPtj0RK2L+dun74ljqt1vbCvWnoRL7Nn9tapS1crVvUKuZIwEseKGSPtsjVAx+
Vo0yq8702pw4uVfeqzBIhZGTmyE9PjUnsajJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPR/RixHcZVkkUQZSaZg08b+36gYwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUFJfUml4SGNaVmtrVVFaU2FaZzA4
Yi0zNmdZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNrSIDAN
BgkqhkiG9w0BAQsFAAOCAQEAUpCv5koywwCzRheWbpfJODQUf3q9TI2J8HnvfXgT
/oKCpuvI2BG0iC8XjFsJlfYREsitpI36NP6yYmC/Mdi+VPcGsMStOpemqBpar6Il
9B3N/PD+zVNKfA+JZBvqevfCiJYVFSqAM5XLGxDRGxEaaaTEhkvrYSTzfffPSgvA
Q2oe1a2MwBebHWM2VX8fKkiFeN6Jz4RkMSaEiblOyIc1L0G/RKRPmxQ6RDO06uvI
2xpDGhpF/vCcZGjOlVmLeV4WWQmOyFTenIk2P3f9vg/xsHvTCOECJyVCKn/GJ3x4
GN6huuePtq2SZLMrm4/xsI38InMQlHGe0nPpFcZNTkPIcw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org