Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/vLqOzDfy3R7TGAFZO3YnWZu6LKU.roa
File: vLqOzDfy3R7TGAFZO3YnWZu6LKU.roa (raw, json)
Hash identifier: /s4pRDs6jaRdJtZxNPtCxJMzJGPI7raFN/rLPhhQDgw=
Subject key identifier: BC:BA:8E:CC:37:F2:DD:1E:D3:18:01:59:3B:76:27:59:9B:BA:2C:A5
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10DD
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/vLqOzDfy3R7TGAFZO3YnWZu6LKU.roa
Signing time: Wed 01 Feb 2023 10:29:08 +0000
ROA not before: Wed 01 Feb 2023 10:29:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 123.205.0.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4317 (0x10dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:08 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BCBA8ECC37F2DD1ED31801593B7627599BBA2CA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:81:2e:f6:b8:d1:3d:1c:0d:ec:59:35:8a:5f:
53:52:cb:78:9a:7f:8c:e6:ee:fe:b4:cc:ed:34:1f:
69:56:ad:27:54:53:1b:59:2e:48:1c:bd:1b:1c:5c:
34:52:50:59:0f:e1:64:f1:ee:1f:9b:2a:05:c8:10:
ff:7e:e5:83:ec:ad:73:45:41:4a:fa:85:a2:6e:fc:
b7:95:a3:c3:be:a4:a7:ca:7b:72:e5:72:84:03:80:
e2:c7:cc:b3:aa:ba:88:16:47:9e:47:58:20:36:53:
fa:1d:b4:bc:2f:a3:2e:45:78:7f:a4:a8:74:c4:2c:
19:d1:9f:82:4e:e5:cd:b6:8a:59:64:d3:83:44:cd:
e4:03:13:7d:b8:2e:30:41:ce:ba:13:cb:42:06:74:
d4:88:72:aa:4b:f7:20:66:0b:d4:a3:de:fe:c3:f7:
b2:00:5e:d6:09:9c:d9:45:01:18:0d:15:95:67:4e:
44:50:5c:c5:8d:3a:3e:ec:fd:2e:df:75:5f:88:88:
ad:e7:74:78:9d:af:f6:43:3b:f7:d1:41:6d:a0:17:
79:ad:9a:47:55:d3:00:fe:f0:6e:65:96:fc:07:54:
8d:10:2b:de:b6:26:22:0d:11:b3:20:81:d2:4e:11:
e5:9d:04:cd:69:16:de:0e:e3:f0:cb:aa:b5:b8:a9:
3d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BA:8E:CC:37:F2:DD:1E:D3:18:01:59:3B:76:27:59:9B:BA:2C:A5
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/vLqOzDfy3R7TGAFZO3YnWZu6LKU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.205.0.0/17
Signature Algorithm: sha256WithRSAEncryption
51:d9:05:db:94:b4:1c:7a:76:c6:c5:b2:e1:ac:5d:2f:ee:21:
2f:36:10:9e:46:3d:f2:a0:09:b1:e7:b2:b4:0c:e4:c4:97:7b:
af:6c:f6:a2:fb:5b:5f:84:49:35:7a:cb:ae:70:61:50:f5:1d:
f4:49:f8:ce:c9:f8:58:9a:6f:ab:b6:ec:ed:63:bd:9f:d1:67:
31:bb:26:e9:8e:35:8b:ef:98:a9:5f:59:8e:e3:aa:d8:fb:f1:
47:ec:80:e4:ec:c9:0f:db:99:76:1f:75:6d:94:76:1c:bc:c9:
6b:37:4c:a8:47:8e:21:0c:77:e6:49:2d:d4:37:02:27:5f:d7:
25:03:c3:c2:81:e3:5c:4b:cd:e2:0b:94:d0:82:95:cd:d0:4b:
63:b5:d7:1b:03:5e:5d:92:ee:da:d5:13:34:3c:d8:04:91:91:
5b:4d:68:d5:d8:6e:0d:be:7c:fd:d7:34:c0:06:03:da:e5:10:
ec:4d:52:62:0e:5d:c5:46:72:b0:f0:a3:59:15:7c:58:ca:eb:
33:e4:7a:40:10:6e:83:61:ae:83:84:94:26:39:55:91:a3:67:
b6:05:97:ab:0e:5a:a5:f9:32:12:91:b5:1b:d3:ae:5e:9d:10:
54:87:ec:60:01:d1:a0:59:9f:3d:60:8d:ff:8e:fd:23:e2:87:
8a:30:59:cb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJDQkE4RUNDMzdGMkRE
MUVEMzE4MDE1OTNCNzYyNzU5OUJCQTJDQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCngS72uNE9HA3sWTWKX1NSy3iaf4zm7v60zO00H2lWrSdUUxtZ
LkgcvRscXDRSUFkP4WTx7h+bKgXIEP9+5YPsrXNFQUr6haJu/LeVo8O+pKfKe3Ll
coQDgOLHzLOquogWR55HWCA2U/odtLwvoy5FeH+kqHTELBnRn4JO5c22illk04NE
zeQDE324LjBBzroTy0IGdNSIcqpL9yBmC9Sj3v7D97IAXtYJnNlFARgNFZVnTkRQ
XMWNOj7s/S7fdV+IiK3ndHidr/ZDO/fRQW2gF3mtmkdV0wD+8G5llvwHVI0QK962
JiINEbMggdJOEeWdBM1pFt4O4/DLqrW4qT1BAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvLqOzDfy3R7TGAFZO3YnWZu6LKUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvdkxxT3pEZnkzUjdUR0FGWk8zWW5X
WnU2TEtVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3vNADAN
BgkqhkiG9w0BAQsFAAOCAQEAUdkF25S0HHp2xsWy4axdL+4hLzYQnkY98qAJseey
tAzkxJd7r2z2ovtbX4RJNXrLrnBhUPUd9En4zsn4WJpvq7bs7WO9n9FnMbsm6Y41
i++YqV9ZjuOq2PvxR+yA5OzJD9uZdh91bZR2HLzJazdMqEeOIQx35kkt1DcCJ1/X
JQPDwoHjXEvN4guU0IKVzdBLY7XXGwNeXZLu2tUTNDzYBJGRW01o1dhuDb58/dc0
wAYD2uUQ7E1SYg5dxUZysPCjWRV8WMrrM+R6QBBug2Gug4SUJjlVkaNntgWXqw5a
pfkyEpG1G9OuXp0QVIfsYAHRoFmfPWCN/479I+KHijBZyw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:16 2023 by rpki-client on console-fra.rpki-client.org