Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/bHZuz6jjbPiV-KK1quW9xg-bTzw.roa
File: bHZuz6jjbPiV-KK1quW9xg-bTzw.roa (raw, json)
Hash identifier: g2mFxW9XvQhj1mmAiu/7n3QTId6Cz1t3lfQES9HW5Sk=
Subject key identifier: 6C:76:6E:CF:A8:E3:6C:F8:95:F8:A2:B5:AA:E5:BD:C6:0F:9B:4F:3C
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10E9
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bHZuz6jjbPiV-KK1quW9xg-bTzw.roa
Signing time: Wed 01 Feb 2023 10:29:12 +0000
ROA not before: Wed 01 Feb 2023 10:29:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 220.229.128.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4329 (0x10e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:12 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6C766ECFA8E36CF895F8A2B5AAE5BDC60F9B4F3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:be:62:c6:bc:e8:25:07:35:70:4f:7c:0e:7a:
da:81:56:16:bc:23:71:17:87:e6:c7:6f:2d:7e:d2:
b1:53:d2:b7:d2:bd:70:a5:32:d1:f8:a3:bf:07:bc:
e2:a9:d7:0f:5a:1a:95:89:c2:7d:8b:62:4e:fb:11:
2b:0c:e8:36:08:cc:93:88:e6:2f:9a:85:0c:59:7b:
52:8e:2a:4e:76:e3:67:dc:09:f1:79:0c:cf:cd:7a:
a7:91:a9:d0:7a:32:33:ee:c2:4a:db:db:a1:f7:7d:
36:80:fe:59:05:6f:a8:18:0f:85:b0:8f:fb:d5:17:
ed:11:ce:24:8f:0a:27:51:5a:0d:f7:3e:19:a4:16:
53:ac:cf:e3:b4:15:97:37:f5:01:76:49:31:29:89:
88:52:31:ac:2c:87:7f:c9:f2:18:88:8c:33:02:cd:
e6:ee:44:d3:f3:5c:93:35:66:45:db:dc:8d:d9:12:
12:c0:5c:34:ee:82:14:7a:01:55:55:6b:44:f7:93:
ab:ac:4a:fb:67:c8:f9:15:a4:fa:be:11:0b:bf:9d:
0f:4e:ab:c1:25:b9:91:54:58:66:64:4a:69:c0:a5:
fe:18:82:3d:d9:5b:8f:59:9e:5b:c5:3b:12:2e:e2:
22:3b:f4:cf:18:3b:72:c7:a9:80:70:9b:80:c5:d0:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:76:6E:CF:A8:E3:6C:F8:95:F8:A2:B5:AA:E5:BD:C6:0F:9B:4F:3C
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bHZuz6jjbPiV-KK1quW9xg-bTzw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8d:da:bb:53:64:22:78:1e:84:14:7b:0f:fe:09:63:0d:02:6f:
b3:2e:c1:7a:a1:3a:e2:7d:0e:0b:a3:c2:ec:c1:c3:26:1a:8f:
94:ae:44:f0:df:80:ba:8d:ae:8a:e2:21:d9:ee:99:01:5b:e1:
28:28:3e:3e:8a:ec:5a:76:6d:8d:f1:60:09:a9:e4:f1:41:7c:
94:36:23:0e:fe:54:c8:ca:d2:bb:26:a3:75:44:be:c4:1f:cb:
00:2a:f1:d3:53:96:ca:2f:ee:ca:58:e0:85:fa:db:cc:c9:4f:
96:7a:c9:bd:88:8b:5c:64:90:e4:e4:08:00:f0:b2:2a:03:0b:
98:8d:b4:b2:be:55:bd:db:c6:3f:9f:8a:9a:89:1e:9e:ee:34:
74:6e:03:54:3f:09:48:b6:fc:9a:57:65:15:fe:0f:23:81:fa:
84:c6:d3:2e:17:c4:58:96:2e:19:93:3d:4a:f8:cf:f0:60:68:
d6:26:94:a2:4c:68:15:f9:b3:9f:13:93:90:f9:d2:06:7f:68:
36:53:cc:c4:e9:56:d8:ff:0d:ad:4f:40:1d:5e:88:53:89:b9:
4c:d4:96:4f:bf:cc:ab:d1:a5:c4:47:77:1f:8a:a2:84:23:7a:
2e:98:50:65:c7:b4:32:63:86:fa:ff:df:78:a5:02:b6:3d:3b:
b1:57:9d:4a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDZDNzY2RUNGQThFMzZD
Rjg5NUY4QTJCNUFBRTVCREM2MEY5QjRGM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlvmLGvOglBzVwT3wOetqBVha8I3EXh+bHby1+0rFT0rfSvXCl
MtH4o78HvOKp1w9aGpWJwn2LYk77ESsM6DYIzJOI5i+ahQxZe1KOKk5242fcCfF5
DM/NeqeRqdB6MjPuwkrb26H3fTaA/lkFb6gYD4Wwj/vVF+0RziSPCidRWg33Phmk
FlOsz+O0FZc39QF2STEpiYhSMawsh3/J8hiIjDMCzebuRNPzXJM1ZkXb3I3ZEhLA
XDTughR6AVVVa0T3k6usSvtnyPkVpPq+EQu/nQ9Oq8EluZFUWGZkSmnApf4Ygj3Z
W49ZnlvFOxIu4iI79M8YO3LHqYBwm4DF0KkBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUbHZuz6jjbPiV+KK1quW9xg+bTzwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvYkhadXo2ampiUGlWLUtLMXF1Vzl4
Zy1iVHp3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9zlgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjdq7U2QieB6EFHsP/gljDQJvsy7BeqE64n0OC6PC
7MHDJhqPlK5E8N+Auo2uiuIh2e6ZAVvhKCg+PorsWnZtjfFgCank8UF8lDYjDv5U
yMrSuyajdUS+xB/LACrx01OWyi/uyljghfrbzMlPlnrJvYiLXGSQ5OQIAPCyKgML
mI20sr5VvdvGP5+Kmokenu40dG4DVD8JSLb8mldlFf4PI4H6hMbTLhfEWJYuGZM9
SvjP8GBo1iaUokxoFfmznxOTkPnSBn9oNlPMxOlW2P8NrU9AHV6IU4m5TNSWT7/M
q9GlxEd3H4qihCN6LphQZce0MmOG+v/feKUCtj07sVedSg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org