Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q7BLz_kXljWjF-EN9S7cN-UdH-I.roa
File: Q7BLz_kXljWjF-EN9S7cN-UdH-I.roa (raw, json)
Hash identifier: xg3LBymagQJgBoIfk2CuckQ0THkw05kDOQ81WXvfOWo=
Subject key identifier: 43:B0:4B:CF:F9:17:96:35:A3:17:E1:0D:F5:2E:DC:37:E5:1D:1F:E2
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1114
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q7BLz_kXljWjF-EN9S7cN-UdH-I.roa
Signing time: Wed 01 Feb 2023 10:29:26 +0000
ROA not before: Wed 01 Feb 2023 10:29:26 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 60.245.96.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4372 (0x1114)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:26 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=43B04BCFF9179635A317E10DF52EDC37E51D1FE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:96:8a:0b:11:28:98:6d:66:4a:bb:8a:bc:
a3:90:d6:9a:50:6a:14:1e:6d:67:71:75:de:e1:ef:
2f:b3:9b:ba:57:77:42:9f:13:ae:fa:91:70:1e:a0:
c0:c3:ef:e4:e6:ef:2b:d2:c9:30:0e:3f:06:b7:28:
86:91:7d:8b:89:39:dc:9a:dc:2a:e8:69:92:89:b9:
7f:48:94:67:4e:4c:3a:bb:f5:87:0e:ec:9e:be:a5:
c4:90:fa:d6:40:92:dd:69:70:d7:ec:51:f8:03:c1:
f5:f0:e3:96:71:81:02:f9:6b:8a:a4:08:b2:69:81:
ac:8e:61:75:93:7f:df:2a:61:8b:e8:d8:b4:c4:b4:
65:5f:4b:37:99:52:e8:33:d8:f2:a8:1b:6e:db:c4:
8b:a6:9d:30:2d:bc:62:ea:4e:2b:ba:d2:4d:40:02:
a1:78:fb:31:17:5b:85:6d:88:29:c0:38:5a:ae:c5:
1a:32:56:ee:91:ee:55:d3:5d:17:7b:e4:1c:7d:18:
ce:46:b1:11:34:74:ab:f5:57:c6:76:43:dc:5c:62:
bc:f5:47:33:ac:ad:bd:4b:d8:39:bd:1f:73:88:ce:
45:b7:60:ca:ff:42:d0:bf:7f:34:57:c8:0a:d0:5d:
c2:1a:01:bd:f0:f7:ad:8b:aa:06:0b:9a:f4:d9:ac:
9e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:4B:CF:F9:17:96:35:A3:17:E1:0D:F5:2E:DC:37:E5:1D:1F:E2
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q7BLz_kXljWjF-EN9S7cN-UdH-I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.245.96.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:20:06:33:c2:dd:f6:76:0a:ab:ca:8e:05:4e:c0:08:0d:32:
44:d0:06:9e:75:e3:85:d1:cf:c2:1a:f7:44:33:42:a2:02:41:
33:e4:d0:8a:b8:f9:56:b3:b5:28:aa:a7:6f:f4:70:e7:fd:72:
9c:22:95:3b:4a:c6:01:7b:62:7d:d3:9d:df:3d:a1:71:dd:6f:
a8:bf:cd:ce:ed:7a:36:5e:03:26:d5:b3:aa:18:d0:b4:11:b1:
79:3c:1a:d1:85:53:1e:16:f5:52:93:bf:69:9b:3b:4d:62:7e:
35:2a:7c:28:34:2d:d8:4a:2f:5c:73:3d:66:d5:ea:8c:db:48:
e8:f5:db:a1:6d:f5:d0:ed:7c:9f:db:79:29:55:ab:98:a5:16:
56:35:70:7f:f6:40:de:98:1f:2c:58:83:e1:a9:97:24:8c:a9:
3c:26:42:38:7f:fb:61:12:83:bd:d6:65:68:dc:d9:ed:04:5b:
14:be:67:87:19:8c:f7:32:1b:59:37:af:05:2f:f3:77:27:02:
34:91:da:06:20:fb:11:fb:59:e4:ba:38:5e:5b:40:65:8f:c2:
69:db:a9:21:d4:eb:ba:37:6a:8e:0b:dd:3d:18:e1:26:8c:42:
9c:f7:f1:ae:86:4a:41:9c:10:0b:68:d3:77:b0:b4:09:00:dd:
d3:48:63:d5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICERQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzQjA0QkNGRjkxNzk2
MzVBMzE3RTEwREY1MkVEQzM3RTUxRDFGRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0VZaKCxEomG1mSruKvKOQ1ppQahQebWdxdd7h7y+zm7pXd0Kf
E676kXAeoMDD7+Tm7yvSyTAOPwa3KIaRfYuJOdya3CroaZKJuX9IlGdOTDq79YcO
7J6+pcSQ+tZAkt1pcNfsUfgDwfXw45ZxgQL5a4qkCLJpgayOYXWTf98qYYvo2LTE
tGVfSzeZUugz2PKoG27bxIumnTAtvGLqTiu60k1AAqF4+zEXW4VtiCnAOFquxRoy
Vu6R7lXTXRd75Bx9GM5GsRE0dKv1V8Z2Q9xcYrz1RzOsrb1L2Dm9H3OIzkW3YMr/
QtC/fzRXyArQXcIaAb3w962LqgYLmvTZrJ6JAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQ7BLz/kXljWjF+EN9S7cN+UdH+IwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUTdCTHpfa1hsaldqRi1FTjlTN2NO
LVVkSC1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDz1YDAN
BgkqhkiG9w0BAQsFAAOCAQEApCAGM8Ld9nYKq8qOBU7ACA0yRNAGnnXjhdHPwhr3
RDNCogJBM+TQirj5VrO1KKqnb/Rw5/1ynCKVO0rGAXtifdOd3z2hcd1vqL/Nzu16
Nl4DJtWzqhjQtBGxeTwa0YVTHhb1UpO/aZs7TWJ+NSp8KDQt2EovXHM9ZtXqjNtI
6PXboW310O18n9t5KVWrmKUWVjVwf/ZA3pgfLFiD4amXJIypPCZCOH/7YRKDvdZl
aNzZ7QRbFL5nhxmM9zIbWTevBS/zdycCNJHaBiD7EftZ5Lo4XltAZY/CadupIdTr
ujdqjgvdPRjhJoxCnPfxroZKQZwQC2jTd7C0CQDd00hj1Q==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org