Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/MpGfOOEAtX5uSED5odQHuI9mGxc.roa
File: MpGfOOEAtX5uSED5odQHuI9mGxc.roa (raw, json)
Hash identifier: VkWscr/Me+eYLvtVUqfnhNb6y5xunS4deffAUqhjZBw=
Subject key identifier: 32:91:9F:38:E1:00:B5:7E:6E:48:40:F9:A1:D4:07:B8:8F:66:1B:17
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0E07
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/MpGfOOEAtX5uSED5odQHuI9mGxc.roa
Signing time: Mon 26 Aug 2024 05:24:58 +0000
ROA not before: Mon 26 Aug 2024 05:24:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 124.150.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3591 (0xe07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Aug 26 05:24:58 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=32919F38E100B57E6E4840F9A1D407B88F661B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:d2:d1:fc:54:ec:9e:8d:10:8a:05:15:4f:
f3:3f:ed:08:d1:21:3f:48:21:86:9b:95:4f:ee:b2:
0c:77:4d:bf:84:05:d7:5b:a0:de:22:dd:03:65:01:
ba:ea:f3:40:8d:7a:6f:66:b7:86:42:14:e9:be:31:
8d:1a:43:ae:a6:e1:f2:dd:80:93:e4:4b:1d:cd:78:
cb:fc:f6:cc:8d:61:30:70:80:63:5c:53:5f:ed:e7:
e6:3d:86:5d:9a:a8:e3:4d:12:c9:85:66:de:f8:ff:
96:e3:e3:91:c5:90:af:a2:16:c9:44:45:f4:94:3e:
68:bf:aa:78:b1:14:3b:f5:19:1b:23:06:2a:b9:1a:
23:84:b5:e4:c2:68:66:9d:40:fb:0c:fb:a5:22:b1:
a1:ca:a4:ec:7a:cb:e2:7a:7d:a5:bc:d9:a1:71:a1:
e0:e8:64:8a:04:04:30:5a:b4:09:d6:6a:ab:fa:b3:
5a:86:d9:9e:13:cb:83:71:80:ed:c1:5e:35:99:0a:
7e:33:a3:44:d4:85:24:c1:ef:f2:a0:ed:b7:35:72:
b8:34:33:f3:91:aa:57:4b:4a:1f:d7:96:59:d7:1e:
5b:2b:ae:3a:34:af:a1:d5:53:c5:4f:de:6e:d8:23:
d5:49:bd:c4:1b:7e:1e:8b:26:de:12:c1:93:df:9c:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:91:9F:38:E1:00:B5:7E:6E:48:40:F9:A1:D4:07:B8:8F:66:1B:17
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/MpGfOOEAtX5uSED5odQHuI9mGxc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.133.0/24
Signature Algorithm: sha256WithRSAEncryption
87:14:6a:58:a4:57:79:97:aa:59:c2:94:59:c6:e7:21:b8:ce:
7e:b6:94:97:70:bc:fa:fc:6b:76:59:32:4e:f4:3c:c8:44:e1:
66:a7:f1:f7:0c:af:1d:f2:04:93:85:47:47:93:21:0f:da:a3:
99:a7:a4:0e:e8:fd:08:06:80:48:4c:89:0a:9a:ef:98:28:94:
9d:cc:26:1a:17:ba:72:35:10:6f:b4:eb:d8:a0:a9:51:c7:2e:
f4:da:93:61:92:b2:88:fa:9b:4f:ab:7f:aa:c3:34:ca:8b:8d:
22:a7:27:16:cf:c6:c3:ab:90:39:61:3e:8f:41:92:bf:a9:ec:
a1:9b:6c:16:0d:6c:d0:f8:5a:49:6a:01:b7:d2:5c:4d:49:1f:
82:97:d5:be:55:f1:cb:7e:a7:60:ee:c6:35:5c:70:ae:04:e8:
e4:ed:6b:83:bc:f1:8e:cb:ec:94:b4:f0:24:f2:ef:fd:3c:ed:
a9:d1:fe:fd:e9:a8:cb:76:9d:7b:1f:91:15:65:f0:cc:c3:ae:
28:43:d6:df:af:fd:15:0d:64:8d:63:28:23:5f:52:3d:44:a7:
12:a5:04:98:03:8d:58:6e:9b:16:01:0f:bf:2a:e3:55:95:8a:
2b:39:2d:24:39:c2:99:ae:ea:a3:98:5d:0f:8a:27:9a:bd:b8:
7e:db:8f:bd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNDA4MjYw
NTI0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMyOTE5RjM4RTEwMEI1
N0U2RTQ4NDBGOUExRDQwN0I4OEY2NjFCMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyBNLR/FTsno0QigUVT/M/7QjRIT9IIYablU/usgx3Tb+EBddb
oN4i3QNlAbrq80CNem9mt4ZCFOm+MY0aQ66m4fLdgJPkSx3NeMv89syNYTBwgGNc
U1/t5+Y9hl2aqONNEsmFZt74/5bj45HFkK+iFslERfSUPmi/qnixFDv1GRsjBiq5
GiOEteTCaGadQPsM+6UisaHKpOx6y+J6faW82aFxoeDoZIoEBDBatAnWaqv6s1qG
2Z4Ty4NxgO3BXjWZCn4zo0TUhSTB7/Kg7bc1crg0M/ORqldLSh/XllnXHlsrrjo0
r6HVU8VP3m7YI9VJvcQbfh6LJt4SwZPfnI33AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMpGfOOEAtX5uSED5odQHuI9mGxcwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vTXBHZk9PRUF0WDV1U0VENW9kUUh1
STltR3hjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWhTAN
BgkqhkiG9w0BAQsFAAOCAQEAhxRqWKRXeZeqWcKUWcbnIbjOfraUl3C8+vxrdlky
TvQ8yEThZqfx9wyvHfIEk4VHR5MhD9qjmaekDuj9CAaASEyJCprvmCiUncwmGhe6
cjUQb7Tr2KCpUccu9NqTYZKyiPqbT6t/qsM0youNIqcnFs/Gw6uQOWE+j0GSv6ns
oZtsFg1s0PhaSWoBt9JcTUkfgpfVvlXxy36nYO7GNVxwrgTo5O1rg7zxjsvslLTw
JPLv/TztqdH+/emoy3adex+RFWXwzMOuKEPW36/9FQ1kjWMoI19SPUSnEqUEmAON
WG6bFgEPvyrjVZWKKzktJDnCma7qo5hdD4onmr24ftuPvQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:44 2025 by rpki-client