Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/lh-1Dw6TvxvDW2mWDLihySDWYXI.roa
File: lh-1Dw6TvxvDW2mWDLihySDWYXI.roa (raw, json)
Hash identifier: Fk6IV2KSNEDARXbqWTeXcN4Ia1qkLtnwnnq4GGsocZA=
Subject key identifier: 96:1F:B5:0F:0E:93:BF:1B:C3:5B:69:96:0C:B8:A1:C9:20:D6:61:72
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1112
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lh-1Dw6TvxvDW2mWDLihySDWYXI.roa
Signing time: Wed 01 Feb 2023 10:29:25 +0000
ROA not before: Wed 01 Feb 2023 10:29:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 218.210.0.0/15 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4370 (0x1112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:25 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=961FB50F0E93BF1BC35B69960CB8A1C920D66172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:61:50:3b:6e:19:61:d3:a7:ee:60:cb:2b:
c7:23:3e:e4:18:7e:c2:d5:4c:cb:b3:20:8e:14:3c:
41:db:33:05:e4:21:89:a6:82:e1:40:3e:97:90:ef:
35:f5:38:87:5c:f6:31:de:2b:a9:f2:ae:78:70:85:
fa:2d:ba:d4:a8:ee:97:15:ef:21:e3:6f:6e:b6:23:
48:9b:1b:6c:64:79:48:63:84:1e:29:bd:14:70:21:
fa:8f:3a:11:66:18:c0:08:98:17:ea:8d:e6:2f:78:
0d:f2:dc:3f:fa:fc:d4:4a:02:6a:0e:bc:8c:7c:a4:
d4:ca:70:40:24:8e:73:25:b3:73:b0:7a:18:d5:eb:
f9:8e:8d:72:43:be:e7:65:41:a5:56:e7:cd:9a:85:
6b:51:ea:26:be:83:2b:48:fa:0a:05:a1:be:fb:2b:
95:ec:95:8a:3b:02:93:d0:a1:95:78:0b:53:17:41:
00:7b:45:39:bd:6b:10:e7:5f:1c:0a:5d:04:4a:53:
63:a8:bd:47:7d:ab:4d:6c:ae:6f:d5:44:9f:42:4d:
e5:01:e3:6c:96:f4:67:94:8f:c0:7a:dd:53:54:b9:
6b:5c:99:72:be:50:c4:ce:53:84:3a:20:00:96:bb:
34:e1:38:a2:9c:00:9c:63:2d:5b:01:6f:3e:a9:04:
75:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:1F:B5:0F:0E:93:BF:1B:C3:5B:69:96:0C:B8:A1:C9:20:D6:61:72
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lh-1Dw6TvxvDW2mWDLihySDWYXI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6a:55:c6:1b:95:bb:70:45:e7:f3:a5:48:2e:c0:57:8a:ac:07:
8d:d8:0f:b2:04:14:b1:21:57:e1:ba:a2:3c:0d:e5:3f:85:a6:
d4:fa:64:d6:55:9d:6e:d4:5b:4d:32:f9:52:ab:52:c1:2d:b4:
0a:cc:85:a1:57:4f:82:88:78:b1:e4:5f:a9:24:68:51:51:76:
01:f8:2f:6d:1f:34:e3:d9:36:d4:70:a5:a6:a9:81:d3:c3:04:
18:44:33:87:ab:49:5b:cb:16:22:ab:1d:f7:cc:fc:22:73:98:
74:16:b8:72:f0:21:32:9b:1d:59:c8:d7:74:ae:62:79:8b:f8:
9d:00:88:ac:92:b9:df:2a:7b:7a:98:68:58:f7:11:7e:f9:24:
b9:48:c7:07:62:ad:2c:67:39:36:5c:7f:70:db:40:29:4e:e6:
1a:70:32:8e:52:2b:de:a3:3a:0f:b3:d0:ad:72:21:fa:39:6c:
c6:bd:67:42:fd:16:37:5d:0c:94:bf:f0:a6:6a:83:a4:9a:d8:
37:e2:78:a4:ed:8f:f7:89:03:d5:16:31:b4:f5:2b:e7:62:d7:
aa:32:08:94:1c:47:81:b1:1d:48:18:12:c2:5f:81:83:40:1b:
d2:b2:3a:a8:f3:d8:a0:21:31:b1:90:f0:fa:d0:33:0c:7e:06:
4f:11:8f:a0
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICERIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk2MUZCNTBGMEU5M0JG
MUJDMzVCNjk5NjBDQjhBMUM5MjBENjYxNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtAWFQO24ZYdOn7mDLK8cjPuQYfsLVTMuzII4UPEHbMwXkIYmm
guFAPpeQ7zX1OIdc9jHeK6nyrnhwhfotutSo7pcV7yHjb262I0ibG2xkeUhjhB4p
vRRwIfqPOhFmGMAImBfqjeYveA3y3D/6/NRKAmoOvIx8pNTKcEAkjnMls3OwehjV
6/mOjXJDvudlQaVW582ahWtR6ia+gytI+goFob77K5XslYo7ApPQoZV4C1MXQQB7
RTm9axDnXxwKXQRKU2OovUd9q01srm/VRJ9CTeUB42yW9GeUj8B63VNUuWtcmXK+
UMTOU4Q6IACWuzThOKKcAJxjLVsBbz6pBHUtAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUlh+1Dw6TvxvDW2mWDLihySDWYXIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbGgtMUR3NlR2eHZEVzJtV0RMaWh5
U0RXWVhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdrSMA0G
CSqGSIb3DQEBCwUAA4IBAQBqVcYblbtwRefzpUguwFeKrAeN2A+yBBSxIVfhuqI8
DeU/habU+mTWVZ1u1FtNMvlSq1LBLbQKzIWhV0+CiHix5F+pJGhRUXYB+C9tHzTj
2TbUcKWmqYHTwwQYRDOHq0lbyxYiqx33zPwic5h0Frhy8CEymx1ZyNd0rmJ5i/id
AIiskrnfKnt6mGhY9xF++SS5SMcHYq0sZzk2XH9w20ApTuYacDKOUiveozoPs9Ct
ciH6OWzGvWdC/RY3XQyUv/CmaoOkmtg34nik7Y/3iQPVFjG09SvnYteqMgiUHEeB
sR1IGBLCX4GDQBvSsjqo89igITGxkPD60DMMfgZPEY+g
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:16 2023 by rpki-client on console-fra.rpki-client.org