Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/g9EwhX9CMnVCvLLtR0m41ojwQ4I.roa
File: g9EwhX9CMnVCvLLtR0m41ojwQ4I.roa (raw, json)
Hash identifier: x43xXFKp9SjFiQeF397bIwY3MQIRPIRUmIA2NhBK58g=
Subject key identifier: 83:D1:30:85:7F:42:32:75:42:BC:B2:ED:47:49:B8:D6:88:F0:43:82
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10CE
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/g9EwhX9CMnVCvLLtR0m41ojwQ4I.roa
Signing time: Wed 01 Feb 2023 10:29:03 +0000
ROA not before: Wed 01 Feb 2023 10:29:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 218.210.116.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4302 (0x10ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:03 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=83D130857F42327542BCB2ED4749B8D688F04382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:30:07:88:e3:5b:6d:75:43:8a:35:e7:58:ef:
46:08:3f:e0:4a:55:9a:da:87:f5:17:27:1b:6d:94:
0a:ab:fd:a5:8d:3d:1c:e4:a9:1f:4f:58:dd:51:ad:
63:e5:19:0d:c1:56:cd:c9:8a:84:dc:6b:f2:65:d3:
6e:c4:11:48:e2:f2:78:33:5d:8a:b4:76:7c:76:68:
30:88:38:9d:f4:15:31:2e:2e:0a:b4:46:6e:ad:42:
ad:1a:0e:51:03:5a:f4:9e:45:59:74:bc:da:32:07:
b2:5f:6c:1f:0c:50:63:5f:78:9b:9e:7a:0e:50:30:
03:ee:ae:ca:39:3d:da:64:0e:6a:e5:bd:df:7e:cd:
ea:41:b6:b9:aa:4d:36:a2:13:29:16:f1:0b:37:aa:
a1:de:d0:b4:12:cc:d9:2f:ae:98:17:34:07:59:cc:
d7:90:b5:88:c3:d4:c1:e6:41:58:81:44:8f:80:be:
7e:05:b7:57:ae:99:d9:54:29:23:07:d1:98:26:64:
ee:e3:42:14:b1:c8:74:a6:61:77:a9:ac:89:c8:fe:
d1:7a:fd:98:8f:b8:45:5f:75:a6:4d:1b:dc:12:a5:
58:4a:4d:af:f1:6f:3f:96:76:5d:e9:f0:bf:5b:da:
87:c1:32:b3:84:31:c7:97:9a:0f:17:f4:11:38:32:
23:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D1:30:85:7F:42:32:75:42:BC:B2:ED:47:49:B8:D6:88:F0:43:82
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/g9EwhX9CMnVCvLLtR0m41ojwQ4I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.116.0/23
Signature Algorithm: sha256WithRSAEncryption
61:4d:ee:fa:13:07:23:39:0e:11:d3:7d:d7:ba:5b:bc:e7:3b:
62:04:73:94:47:ff:5a:b9:3c:fd:19:12:dd:85:93:17:9d:33:
ad:6b:dc:6d:c6:1e:50:ef:f2:f7:57:10:62:8b:92:97:6c:7a:
37:ea:0f:c3:de:9a:b8:fa:b4:60:30:5e:af:cd:bd:96:ec:21:
92:2c:bb:ac:28:81:92:88:a3:2b:76:49:06:2b:4c:5f:6a:0d:
ce:0f:c0:87:21:16:30:98:f6:2d:af:9d:fc:e5:11:c7:2e:50:
3c:8a:18:04:d0:56:e5:0a:44:f0:d7:42:d4:a1:41:5c:a5:a7:
d8:3a:b3:7d:cd:0d:3c:e4:8c:7b:6a:d5:11:9b:35:52:a1:b9:
27:f7:bf:9c:61:96:c6:e7:2d:58:69:55:b3:38:4c:39:40:dc:
be:fb:13:40:52:8d:c0:1a:dc:7c:83:d9:6b:f7:14:78:44:56:
44:15:b1:96:1e:e4:a6:1a:1f:25:0d:97:98:34:c1:70:99:a5:
7e:ac:2a:4a:d0:55:8e:b4:2d:af:d2:aa:5f:12:4c:ca:98:d9:
d9:40:88:ee:e5:c8:12:39:e6:80:05:c2:87:b4:ea:0e:89:30:
42:a0:a0:64:bb:5d:e4:07:50:27:92:0e:5f:7f:b0:9d:87:97:
0d:79:2e:05
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDgzRDEzMDg1N0Y0MjMy
NzU0MkJDQjJFRDQ3NDlCOEQ2ODhGMDQzODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcMAeI41ttdUOKNedY70YIP+BKVZrah/UXJxttlAqr/aWNPRzk
qR9PWN1RrWPlGQ3BVs3JioTca/Jl027EEUji8ngzXYq0dnx2aDCIOJ30FTEuLgq0
Rm6tQq0aDlEDWvSeRVl0vNoyB7JfbB8MUGNfeJueeg5QMAPurso5PdpkDmrlvd9+
zepBtrmqTTaiEykW8Qs3qqHe0LQSzNkvrpgXNAdZzNeQtYjD1MHmQViBRI+Avn4F
t1eumdlUKSMH0ZgmZO7jQhSxyHSmYXeprInI/tF6/ZiPuEVfdaZNG9wSpVhKTa/x
bz+Wdl3p8L9b2ofBMrOEMceXmg8X9BE4MiMnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUg9EwhX9CMnVCvLLtR0m41ojwQ4IwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZzlFd2hYOUNNblZDdkxMdFIwbTQx
b2p3UTRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdrSdDAN
BgkqhkiG9w0BAQsFAAOCAQEAYU3u+hMHIzkOEdN917pbvOc7YgRzlEf/Wrk8/RkS
3YWTF50zrWvcbcYeUO/y91cQYouSl2x6N+oPw96auPq0YDBer829luwhkiy7rCiB
koijK3ZJBitMX2oNzg/AhyEWMJj2La+d/OURxy5QPIoYBNBW5QpE8NdC1KFBXKWn
2Dqzfc0NPOSMe2rVEZs1UqG5J/e/nGGWxuctWGlVszhMOUDcvvsTQFKNwBrcfIPZ
a/cUeERWRBWxlh7kphofJQ2XmDTBcJmlfqwqStBVjrQtr9KqXxJMypjZ2UCI7uXI
EjnmgAXCh7TqDokwQqCgZLtd5AdQJ5IOX3+wnYeXDXkuBQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org