Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/n-BqlGhN6qbAlNrN7FwXQj8Kwag.roa
File: n-BqlGhN6qbAlNrN7FwXQj8Kwag.roa (raw, json)
Hash identifier: TWeTBa0lBGw/am75wOwaYa/dPdHsZ2b37rviuPxeJZ8=
Subject key identifier: 9F:E0:6A:94:68:4D:EA:A6:C0:94:DA:CD:EC:5C:17:42:3F:0A:C1:A8
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 11C7
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/n-BqlGhN6qbAlNrN7FwXQj8Kwag.roa
Signing time: Tue 15 Aug 2023 09:51:54 +0000
ROA not before: Tue 15 Aug 2023 09:51:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 198949
IP address blocks: 113.196.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4551 (0x11c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 15 09:51:54 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9FE06A94684DEAA6C094DACDEC5C17423F0AC1A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:94:c6:36:a5:89:e8:9c:16:f0:f1:65:41:
b3:ba:d8:80:9f:15:9c:90:a5:69:60:9b:d1:cb:83:
21:f0:39:e3:c7:63:39:40:ce:f0:cb:da:d1:b2:da:
57:ae:49:cb:c1:e5:a4:a8:9b:d6:aa:2e:29:53:29:
c2:02:4a:8f:42:24:4e:26:a9:03:c6:3d:5e:5a:74:
e6:b8:aa:e3:33:41:a9:b0:38:19:f0:19:b6:be:73:
d6:36:72:5f:05:a4:4f:fe:e2:b2:5f:11:27:7b:c3:
46:90:56:20:67:4b:7e:c7:f7:54:6c:9c:f6:db:49:
c7:2b:7d:a7:db:7a:33:ea:6a:ea:6b:84:2d:31:a0:
ab:d4:51:5f:98:30:e5:ae:0c:37:9c:b4:47:df:45:
4f:d8:c6:4e:00:c0:6a:fd:ab:16:24:27:e5:10:0a:
28:6b:c6:5d:e5:06:e5:33:b8:ca:c8:58:38:e3:da:
2d:00:61:5a:ac:6d:bb:74:f6:74:7c:3b:4a:75:54:
f0:aa:f4:19:18:cf:a6:d6:a5:7e:1e:57:cd:07:1f:
a1:db:47:80:aa:85:bf:c3:0b:18:ee:d5:f4:69:33:
1f:ac:35:52:e5:d1:09:24:15:3e:56:00:7b:45:9f:
6b:e8:cc:5c:ba:4d:1e:ec:db:4f:1b:13:68:5c:50:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E0:6A:94:68:4D:EA:A6:C0:94:DA:CD:EC:5C:17:42:3F:0A:C1:A8
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/n-BqlGhN6qbAlNrN7FwXQj8Kwag.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.196.245.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:69:ca:ff:50:f0:c1:d7:90:f8:b3:1a:16:5e:05:22:e6:3b:
a0:5d:fa:3b:5f:25:17:43:2a:7d:65:00:48:fd:74:46:3c:10:
64:8a:38:58:05:3f:54:e0:17:4a:82:3f:87:b7:27:ae:f9:67:
83:10:1e:5d:d9:b1:22:46:70:de:85:ce:a5:e3:09:8c:bf:9b:
e4:46:d2:b1:1d:fd:09:30:c1:a3:9b:1c:6b:a5:14:87:55:25:
11:48:bc:ee:92:81:94:97:c4:4e:1a:d1:1c:b3:fd:ad:10:db:
84:2d:74:75:9a:55:8a:3c:e0:67:91:6d:6b:aa:9d:bf:ed:4a:
ea:62:72:7c:5d:59:d7:9a:85:84:78:1a:72:cc:16:65:c6:82:
f5:2c:3f:7a:a4:84:0e:f2:c0:a9:0a:8a:79:95:16:ea:b9:38:
50:35:e7:60:37:45:49:d3:2b:ef:fc:1d:f2:74:db:45:77:2e:
3b:1f:aa:c9:5a:b0:6a:12:4d:d6:05:ac:a3:d8:fa:e0:54:a3:
69:91:08:ee:b8:5e:11:81:a5:fe:31:4f:30:43:87:27:4b:fc:
6f:44:09:09:07:6a:0c:47:85:9a:79:3f:1f:39:18:73:9b:d4:
45:d6:c7:11:aa:97:0b:5d:1e:5b:33:a4:6c:e6:4c:b2:76:49:
52:2d:db:1d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA4MTUw
OTUxNTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlGRTA2QTk0Njg0REVB
QTZDMDk0REFDREVDNUMxNzQyM0YwQUMxQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuH5TGNqWJ6JwW8PFlQbO62ICfFZyQpWlgm9HLgyHwOePHYzlA
zvDL2tGy2leuScvB5aSom9aqLilTKcICSo9CJE4mqQPGPV5adOa4quMzQamwOBnw
Gba+c9Y2cl8FpE/+4rJfESd7w0aQViBnS37H91RsnPbbSccrfafbejPqauprhC0x
oKvUUV+YMOWuDDectEffRU/Yxk4AwGr9qxYkJ+UQCihrxl3lBuUzuMrIWDjj2i0A
YVqsbbt09nR8O0p1VPCq9BkYz6bWpX4eV80HH6HbR4Cqhb/DCxju1fRpMx+sNVLl
0QkkFT5WAHtFn2vozFy6TR7s208bE2hcUOdxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUn+BqlGhN6qbAlNrN7FwXQj8KwagwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbi1CcWxHaE42cWJBbE5yTjdGd1hR
ajhLd2FnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHHE9TAN
BgkqhkiG9w0BAQsFAAOCAQEATGnK/1DwwdeQ+LMaFl4FIuY7oF36O18lF0MqfWUA
SP10RjwQZIo4WAU/VOAXSoI/h7cnrvlngxAeXdmxIkZw3oXOpeMJjL+b5EbSsR39
CTDBo5sca6UUh1UlEUi87pKBlJfEThrRHLP9rRDbhC10dZpVijzgZ5Fta6qdv+1K
6mJyfF1Z15qFhHgacswWZcaC9Sw/eqSEDvLAqQqKeZUW6rk4UDXnYDdFSdMr7/wd
8nTbRXcuOx+qyVqwahJN1gWso9j64FSjaZEI7rheEYGl/jFPMEOHJ0v8b0QJCQdq
DEeFmnk/HzkYc5vURdbHEaqXC10eWzOkbOZMsnZJUi3bHQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org