Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/hG5FE7uXmCTe3TvoUcHgLCXWZvo.roa
File: hG5FE7uXmCTe3TvoUcHgLCXWZvo.roa (raw, json)
Hash identifier: qvRQldCH2B1CJhA76cwnrac41vS9jGtlHfcboGVj2m8=
Subject key identifier: 84:6E:45:13:BB:97:98:24:DE:DD:3B:E8:51:C1:E0:2C:25:D6:66:FA
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CDB
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hG5FE7uXmCTe3TvoUcHgLCXWZvo.roa
Signing time: Wed 01 Feb 2023 10:28:51 +0000
ROA not before: Wed 01 Feb 2023 10:28:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 192.72.248.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3291 (0xcdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:51 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=846E4513BB979824DEDD3BE851C1E02C25D666FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:04:df:55:0b:28:42:2b:50:1f:a4:ab:58:
b6:cf:2b:f3:ea:82:da:2d:44:dc:c1:33:8b:c7:e3:
7a:62:9a:94:59:8a:ef:93:e2:15:e6:f2:a4:c6:7e:
65:94:c9:02:7c:5d:bc:85:46:93:63:e8:6d:1b:16:
b0:16:94:c8:c7:34:52:aa:e1:ae:8d:bb:0a:5b:86:
a9:e9:f8:20:c6:e2:7a:0f:d1:57:d9:e7:59:ce:c1:
fc:e7:c5:da:cc:1c:ee:71:79:37:bb:57:9a:15:22:
c5:d4:2e:d5:ec:46:0c:b5:8f:e0:3f:04:08:11:f0:
de:57:f7:5e:e8:67:ac:c5:6b:59:74:89:44:a4:3a:
23:8c:39:55:01:df:ff:97:a0:27:96:90:be:21:f0:
a7:e4:aa:93:14:f0:5f:e7:1d:60:15:2a:37:00:3c:
44:cf:0f:d0:50:22:a7:af:17:62:79:42:ff:3e:4d:
1b:d7:16:5c:95:c1:d8:93:5a:d1:e9:bd:80:f3:48:
10:ab:46:4a:a7:69:8a:cf:f3:4d:3b:a7:86:c9:c0:
8a:b7:d4:97:c3:55:1c:1d:57:50:74:9a:25:47:ba:
5d:40:75:13:93:a6:3e:dd:8c:04:60:8a:3f:45:44:
3c:08:66:75:e6:fb:17:2e:ff:60:c2:24:d4:47:33:
f5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6E:45:13:BB:97:98:24:DE:DD:3B:E8:51:C1:E0:2C:25:D6:66:FA
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hG5FE7uXmCTe3TvoUcHgLCXWZvo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.248.0/22
Signature Algorithm: sha256WithRSAEncryption
88:2e:18:66:4f:a7:48:be:66:7c:e9:6e:c0:6f:83:f7:82:b6:
0e:e2:a5:a0:06:a3:be:40:e5:00:86:58:d8:96:b0:42:90:48:
ff:3e:b2:a8:1e:56:fa:67:bb:13:64:08:05:86:b8:8c:64:ba:
a1:d7:dd:c8:72:f4:63:8f:b4:38:66:bc:37:0b:e0:93:7c:31:
31:69:87:66:d8:3d:1d:69:b4:5a:0a:e1:e2:d8:05:f6:0c:fc:
f7:94:cc:2f:a4:e1:ad:e2:2e:07:8f:b0:ea:c0:17:d6:59:8c:
39:c1:43:7d:c1:ae:98:4b:96:06:12:13:8f:b0:f1:ff:4a:ee:
91:f5:a0:b8:1f:25:d2:c8:65:8a:93:bd:a6:bc:cf:c2:1c:7a:
01:86:65:db:41:b1:ad:39:0a:51:18:82:df:28:63:9e:0b:b5:
68:40:20:8c:cf:be:00:a2:d7:b5:b1:92:d8:05:5f:d1:25:d9:
30:5a:3e:ae:5e:33:6a:e5:7f:db:ad:69:7b:b3:a9:cf:c0:18:
b4:19:55:1a:67:88:31:9e:a0:98:4c:b0:1f:3b:d1:b6:da:e5:
97:09:97:7c:d0:5d:13:88:a5:da:71:14:2f:87:3b:7d:22:b1:
b7:68:61:fa:f0:1a:28:c5:6f:f8:6c:9f:13:cf:aa:17:2c:d6:
32:a2:50:ef
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4NTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg0NkU0NTEzQkI5Nzk4
MjRERUREM0JFODUxQzFFMDJDMjVENjY2RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy/ATfVQsoQitQH6SrWLbPK/PqgtotRNzBM4vH43pimpRZiu+T
4hXm8qTGfmWUyQJ8XbyFRpNj6G0bFrAWlMjHNFKq4a6Nuwpbhqnp+CDG4noP0VfZ
51nOwfznxdrMHO5xeTe7V5oVIsXULtXsRgy1j+A/BAgR8N5X917oZ6zFa1l0iUSk
OiOMOVUB3/+XoCeWkL4h8KfkqpMU8F/nHWAVKjcAPETPD9BQIqevF2J5Qv8+TRvX
FlyVwdiTWtHpvYDzSBCrRkqnaYrP8007p4bJwIq31JfDVRwdV1B0miVHul1AdROT
pj7djARgij9FRDwIZnXm+xcu/2DCJNRHM/VZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhG5FE7uXmCTe3TvoUcHgLCXWZvowHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaEc1RkU3dVhtQ1RlM1R2b1VjSGdM
Q1hXWnZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsBI+DAN
BgkqhkiG9w0BAQsFAAOCAQEAiC4YZk+nSL5mfOluwG+D94K2DuKloAajvkDlAIZY
2JawQpBI/z6yqB5W+me7E2QIBYa4jGS6odfdyHL0Y4+0OGa8Nwvgk3wxMWmHZtg9
HWm0Wgrh4tgF9gz895TML6ThreIuB4+w6sAX1lmMOcFDfcGumEuWBhITj7Dx/0ru
kfWguB8l0shlipO9przPwhx6AYZl20GxrTkKURiC3yhjngu1aEAgjM++AKLXtbGS
2AVf0SXZMFo+rl4zauV/261pe7Opz8AYtBlVGmeIMZ6gmEywHzvRttrllwmXfNBd
E4il2nEUL4c7fSKxt2hh+vAaKMVv+GyfE8+qFyzWMqJQ7w==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:16 2023 by rpki-client on console-fra.rpki-client.org