Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/d76_VKID3s_U7AiAX6C6szVVm40.roa
File: d76_VKID3s_U7AiAX6C6szVVm40.roa (raw, json)
Hash identifier: R1rCHHdya4Y9gdiIjsWnd5R/GCpj+zOSrf08wyhp2VE=
Subject key identifier: 77:BE:BF:54:A2:03:DE:CF:D4:EC:08:80:5F:A0:BA:B3:35:55:9B:8D
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1104
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d76_VKID3s_U7AiAX6C6szVVm40.roa
Signing time: Wed 01 Feb 2023 10:29:22 +0000
ROA not before: Wed 01 Feb 2023 10:29:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 106.105.24.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4356 (0x1104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=77BEBF54A203DECFD4EC08805FA0BAB335559B8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1e:d7:45:99:bf:b7:72:19:17:52:b2:0a:5f:
28:ef:7c:bf:83:2d:b2:25:93:f3:5c:e9:b2:66:d3:
ec:67:21:4f:1b:02:12:2d:99:89:53:59:d3:47:08:
e1:a2:74:69:33:d5:bc:70:56:8b:07:f5:05:85:cd:
5e:e4:88:85:dc:2d:34:82:da:f0:af:5f:4e:b9:3b:
82:35:f9:a4:a0:0b:d5:06:a9:dd:c8:01:5e:61:2a:
39:0a:c8:9a:1f:62:db:f9:dd:3b:62:ef:21:68:1f:
c4:13:f9:29:4b:b3:e7:7a:dd:d0:67:4f:39:3e:4c:
66:7d:b7:9d:c1:c9:f0:49:fb:c9:3a:27:d1:28:c4:
2c:26:61:6d:ca:a9:a6:11:29:61:0f:d8:c7:21:9f:
01:0c:41:13:2c:61:bd:77:bc:09:ba:4a:85:f0:4f:
ce:ff:de:ca:67:29:02:e5:29:47:9c:39:d3:e9:7a:
be:8e:a2:ec:6d:0f:69:75:a5:b8:73:c2:59:63:87:
2e:21:f1:83:60:22:2a:3e:a8:d9:0c:88:bf:90:82:
56:93:5b:8b:53:79:cb:03:c3:60:69:fb:44:6a:5e:
6b:ec:8a:ca:90:2c:69:a6:83:d5:68:44:b2:0d:7c:
31:e8:a3:9a:3b:e7:29:52:ee:11:28:54:c4:e9:fa:
cb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BE:BF:54:A2:03:DE:CF:D4:EC:08:80:5F:A0:BA:B3:35:55:9B:8D
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d76_VKID3s_U7AiAX6C6szVVm40.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.24.0/21
Signature Algorithm: sha256WithRSAEncryption
71:e1:a3:a8:2e:65:00:6d:52:1a:4e:8f:db:00:2a:2a:09:6f:
0a:22:99:a7:80:d7:2c:dc:1d:b1:e2:5a:2f:d5:a6:83:fc:13:
d8:a6:c4:b0:06:fb:c7:0a:46:f3:19:2f:0a:1b:f9:31:a3:34:
33:a4:1b:89:33:5e:28:67:63:16:08:15:86:91:d8:7d:21:5c:
1d:1a:8d:fe:ee:5e:19:30:27:31:35:2b:cc:4d:16:53:25:8f:
b9:c6:dd:50:5b:a8:25:e7:f1:e4:6c:8a:99:31:5a:30:6d:9b:
78:83:37:d6:ad:46:42:5a:12:0f:d6:ca:94:86:bc:a9:0b:f7:
b1:37:85:75:6e:39:df:46:5a:f2:97:ba:84:1f:92:4d:91:e1:
e7:b1:d6:de:25:c2:9a:72:3e:6f:c4:c0:c7:01:63:48:21:37:
c0:9f:d8:2a:b7:8c:b8:42:3d:42:04:b9:c3:a8:25:e0:ea:65:
c2:aa:8a:81:94:cd:20:7c:e4:ba:17:83:42:48:12:90:36:3f:
fd:62:4e:30:94:03:5d:e1:52:43:98:09:99:ed:ec:e6:a3:82:
a8:f1:d0:99:59:00:36:62:c7:98:aa:e0:81:07:12:51:1a:a2:
fa:27:5d:9e:7f:e0:36:a1:52:7c:f0:00:29:ac:45:a4:54:78:
11:13:5a:3b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc3QkVCRjU0QTIwM0RF
Q0ZENEVDMDg4MDVGQTBCQUIzMzU1NTlCOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdHtdFmb+3chkXUrIKXyjvfL+DLbIlk/Nc6bJm0+xnIU8bAhIt
mYlTWdNHCOGidGkz1bxwVosH9QWFzV7kiIXcLTSC2vCvX065O4I1+aSgC9UGqd3I
AV5hKjkKyJofYtv53Tti7yFoH8QT+SlLs+d63dBnTzk+TGZ9t53ByfBJ+8k6J9Eo
xCwmYW3KqaYRKWEP2MchnwEMQRMsYb13vAm6SoXwT87/3spnKQLlKUecOdPper6O
ouxtD2l1pbhzwlljhy4h8YNgIio+qNkMiL+QglaTW4tTecsDw2Bp+0RqXmvsisqQ
LGmmg9VoRLINfDHoo5o75ylS7hEoVMTp+ssNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUd76/VKID3s/U7AiAX6C6szVVm40wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZDc2X1ZLSUQzc19VN0FpQVg2QzZz
elZWbTQwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppGDAN
BgkqhkiG9w0BAQsFAAOCAQEAceGjqC5lAG1SGk6P2wAqKglvCiKZp4DXLNwdseJa
L9Wmg/wT2KbEsAb7xwpG8xkvChv5MaM0M6QbiTNeKGdjFggVhpHYfSFcHRqN/u5e
GTAnMTUrzE0WUyWPucbdUFuoJefx5GyKmTFaMG2beIM31q1GQloSD9bKlIa8qQv3
sTeFdW4530Za8pe6hB+STZHh57HW3iXCmnI+b8TAxwFjSCE3wJ/YKreMuEI9QgS5
w6gl4OplwqqKgZTNIHzkuheDQkgSkDY//WJOMJQDXeFSQ5gJme3s5qOCqPHQmVkA
NmLHmKrggQcSURqi+iddnn/gNqFSfPAAKaxFpFR4ERNaOw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:16 2023 by rpki-client on console-fra.rpki-client.org