Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/YBc2peu0zQGuNnkcParqfln1skg.roa
File: YBc2peu0zQGuNnkcParqfln1skg.roa (raw, json)
Hash identifier: l5tnPDCjLwyMg3XSGNIwk1zEE001kVzJNcz9nZzBOCg=
Subject key identifier: 60:17:36:A5:EB:B4:CD:01:AE:36:79:1C:3D:AA:EA:7E:59:F5:B2:48
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10D6
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YBc2peu0zQGuNnkcParqfln1skg.roa
Signing time: Wed 01 Feb 2023 10:29:06 +0000
ROA not before: Wed 01 Feb 2023 10:29:06 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 106.107.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4310 (0x10d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:06 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=601736A5EBB4CD01AE36791C3DAAEA7E59F5B248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:df:14:92:e3:d5:2c:ea:a1:01:c2:e9:69:
eb:6c:d6:3f:22:03:0e:29:1b:00:13:af:e4:94:f8:
32:50:50:fe:80:2b:9b:17:0e:82:6d:c5:26:60:fe:
20:28:d2:cb:75:01:aa:ea:b0:cd:fc:3a:52:8d:64:
69:4a:a1:be:8a:11:fa:72:9e:72:da:ef:5c:5f:09:
f2:e5:44:63:a1:14:44:4e:a2:79:0a:b5:3b:5f:5c:
d3:a6:b1:e2:1a:5b:c1:e8:c3:91:7f:28:ea:76:31:
e7:21:14:ea:70:ff:07:af:ba:ac:26:a4:61:0c:17:
5a:54:76:e0:03:2f:84:e3:42:04:29:2c:d0:b9:27:
d4:64:cd:ef:5c:12:81:84:78:b6:0b:0b:81:16:ee:
ed:65:9c:f0:38:3d:4f:e6:1b:f4:d9:e5:af:73:c4:
b7:d5:e1:06:3a:2f:8a:40:d0:32:09:42:75:eb:97:
02:06:84:74:d7:de:42:2d:e6:d0:14:02:c7:2f:aa:
33:82:9d:fa:c1:3f:ed:fb:48:43:62:ce:19:ad:17:
9f:b5:24:12:61:77:3a:ab:f1:73:4e:ec:45:e3:3c:
2c:30:23:c3:2e:35:7d:f2:80:84:cd:c3:ab:11:c2:
f9:98:18:fd:84:23:89:65:5c:07:32:b7:2b:83:77:
70:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:17:36:A5:EB:B4:CD:01:AE:36:79:1C:3D:AA:EA:7E:59:F5:B2:48
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YBc2peu0zQGuNnkcParqfln1skg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.175.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ab:80:df:80:4a:f7:17:ac:a5:a0:80:ce:65:fa:d1:79:a9:
f9:02:25:e1:e7:9a:02:23:57:7e:08:d1:fe:25:34:94:38:d2:
f6:a1:f0:fc:33:5e:02:6e:02:85:86:a6:12:b2:87:95:47:fc:
9c:ef:31:99:97:46:73:53:74:dc:77:8c:b5:a4:7c:21:01:92:
35:15:e0:88:09:af:e9:30:ad:4c:92:32:95:80:e6:9e:98:31:
df:37:15:3c:ac:75:6c:cc:01:70:5e:28:a1:99:75:2c:c1:4f:
4d:eb:c2:7c:a3:8a:34:0c:20:f4:d0:d5:5c:17:8c:0a:61:3b:
ea:c2:a9:10:1e:d2:3b:97:66:0a:19:95:de:f9:82:30:ba:d4:
1e:c2:09:23:4a:12:61:c1:72:35:5d:a7:02:e0:0e:c7:2c:e2:
e3:29:6c:45:70:0b:13:e0:17:0c:bc:f4:3f:6b:58:d8:93:c4:
06:24:1e:73:3a:3b:15:8c:50:81:74:13:67:29:2f:06:27:a1:
1d:45:83:d5:1f:90:cc:eb:4e:59:b4:23:07:87:88:79:ae:e5:
f7:0e:be:73:e4:0b:d2:85:28:ca:dd:df:ef:ea:cb:0b:9d:71:
6d:36:87:99:b6:03:7f:b2:5b:dd:62:d1:e9:9e:64:85:aa:17:
f1:c3:26:97
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICENYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYwMTczNkE1RUJCNENE
MDFBRTM2NzkxQzNEQUFFQTdFNTlGNUIyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCefN8UkuPVLOqhAcLpaets1j8iAw4pGwATr+SU+DJQUP6AK5sX
DoJtxSZg/iAo0st1AarqsM38OlKNZGlKob6KEfpynnLa71xfCfLlRGOhFEROonkK
tTtfXNOmseIaW8How5F/KOp2MechFOpw/wevuqwmpGEMF1pUduADL4TjQgQpLNC5
J9Rkze9cEoGEeLYLC4EW7u1lnPA4PU/mG/TZ5a9zxLfV4QY6L4pA0DIJQnXrlwIG
hHTX3kIt5tAUAscvqjOCnfrBP+37SENizhmtF5+1JBJhdzqr8XNO7EXjPCwwI8Mu
NX3ygITNw6sRwvmYGP2EI4llXAcytyuDd3CTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYBc2peu0zQGuNnkcParqfln1skgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWUJjMnBldTB6UUd1Tm5rY1BhcnFm
bG4xc2tnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGprrzAN
BgkqhkiG9w0BAQsFAAOCAQEAsauA34BK9xespaCAzmX60Xmp+QIl4eeaAiNXfgjR
/iU0lDjS9qHw/DNeAm4ChYamErKHlUf8nO8xmZdGc1N03HeMtaR8IQGSNRXgiAmv
6TCtTJIylYDmnpgx3zcVPKx1bMwBcF4ooZl1LMFPTevCfKOKNAwg9NDVXBeMCmE7
6sKpEB7SO5dmChmV3vmCMLrUHsIJI0oSYcFyNV2nAuAOxyzi4ylsRXALE+AXDLz0
P2tY2JPEBiQeczo7FYxQgXQTZykvBiehHUWD1R+QzOtOWbQjB4eIea7l9w6+c+QL
0oUoyt3f7+rLC51xbTaHmbYDf7Jb3WLR6Z5khaoX8cMmlw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org