Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/lcJwbT0ENMCRt7XV3y4iXJurkOE.roa
File: lcJwbT0ENMCRt7XV3y4iXJurkOE.roa (raw, json)
Hash identifier: DnKZ4StOAFfT5kueEqxYiN0b4ljpUyAEuHZKYebX1N4=
Subject key identifier: 95:C2:70:6D:3D:04:34:C0:91:B7:B5:D5:DF:2E:22:5C:9B:AB:90:E1
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lcJwbT0ENMCRt7XV3y4iXJurkOE.roa
Signing time: Thu 15 Sep 2022 02:42:30 +0000
ROA not before: Thu 15 Sep 2022 02:42:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=95C2706D3D0434C091B7B5D5DF2E225C9BAB90E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:45:8e:b4:f8:ab:04:11:97:cd:55:0a:d3:
2f:cb:7c:69:2d:67:2f:b8:84:08:46:a0:47:7d:b9:
a8:77:5d:06:d2:5e:b9:29:3f:0d:9c:7d:58:7d:89:
5d:c8:10:7e:8d:cc:cf:85:17:0b:49:6a:23:d0:2d:
1c:a7:8c:66:db:3d:aa:75:7e:c9:9b:4e:f5:e1:ca:
36:04:a2:9d:4e:3b:7a:44:a5:92:d4:5e:6c:3b:c4:
f5:06:be:52:f7:31:fe:98:8f:8b:c3:b2:b1:57:ad:
88:58:33:fc:00:55:cb:e0:37:4d:34:08:4e:19:ab:
c7:bd:bc:d9:7f:e8:78:2a:29:1e:6a:bd:ea:88:41:
ac:27:ee:af:03:e1:31:63:1a:d5:c2:c5:80:99:ce:
5a:2d:17:4e:d4:e5:84:ec:74:0b:cb:62:f4:aa:de:
38:ff:63:56:4c:f0:e5:26:b6:d9:dd:9b:63:a4:61:
2b:62:46:0f:12:b4:53:4f:9f:68:6d:91:74:1e:79:
df:7b:86:af:3b:5b:d3:9c:42:91:ac:8a:98:68:63:
88:b1:ad:bd:0a:6d:66:0f:7f:a6:5e:20:7c:88:bb:
53:08:a2:b0:36:09:5f:2e:7c:d3:bc:23:d4:95:6a:
d5:57:e9:5d:87:52:d4:4f:df:11:b4:74:39:de:5c:
9b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C2:70:6D:3D:04:34:C0:91:B7:B5:D5:DF:2E:22:5C:9B:AB:90:E1
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lcJwbT0ENMCRt7XV3y4iXJurkOE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.58.0/24
Signature Algorithm: sha256WithRSAEncryption
49:7c:98:03:fb:ba:24:03:d7:3e:8d:8a:c1:78:24:33:68:68:
2f:13:e8:1f:b8:c8:8f:a4:88:68:b0:82:d3:7a:59:e7:77:a9:
2d:17:5c:0c:c4:22:0f:d7:36:14:f3:05:2e:f7:89:21:f0:9c:
4e:db:6c:62:2f:d3:0a:f6:67:89:37:93:c2:eb:a2:39:49:53:
80:1e:65:2f:cf:e7:c5:42:d5:ae:cc:39:e2:f4:ee:34:a7:1d:
03:a3:7c:ea:af:28:e6:8c:a2:88:84:cc:05:b0:3d:d4:7d:4c:
4c:16:7f:09:b7:18:62:ac:e0:81:7c:cf:4a:2d:01:00:1e:58:
9b:4f:96:db:61:27:eb:43:fc:5a:c8:b9:d7:a0:35:f7:32:46:
2e:3b:c9:a8:31:cb:98:cf:77:29:84:3a:a9:a5:99:bb:bf:4d:
3e:64:10:02:e7:19:3d:55:82:99:36:01:16:a7:ed:cb:0c:4d:
71:d9:37:08:2d:e3:d3:cc:5b:59:13:5b:f2:dc:06:8f:ec:71:
d2:f1:ce:38:9b:97:8c:22:1b:13:38:8c:36:9a:f7:06:40:16:
cf:54:4d:0e:b8:ee:9c:fd:cc:f4:85:c0:55:31:1c:1e:54:02:
2b:49:dd:8d:04:79:e6:05:f0:99:c3:b7:09:d9:88:b5:c7:09:
b0:1c:91:af
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk1QzI3MDZEM0QwNDM0
QzA5MUI3QjVENURGMkUyMjVDOUJBQjkwRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9zEWOtPirBBGXzVUK0y/LfGktZy+4hAhGoEd9uah3XQbSXrkp
Pw2cfVh9iV3IEH6NzM+FFwtJaiPQLRynjGbbPap1fsmbTvXhyjYEop1OO3pEpZLU
Xmw7xPUGvlL3Mf6Yj4vDsrFXrYhYM/wAVcvgN000CE4Zq8e9vNl/6HgqKR5qveqI
Qawn7q8D4TFjGtXCxYCZzlotF07U5YTsdAvLYvSq3jj/Y1ZM8OUmttndm2OkYSti
Rg8StFNPn2htkXQeed97hq87W9OcQpGsiphoY4ixrb0KbWYPf6ZeIHyIu1MIorA2
CV8ufNO8I9SVatVX6V2HUtRP3xG0dDneXJt/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUlcJwbT0ENMCRt7XV3y4iXJurkOEwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbGNKd2JUMEVOTUNSdDdYVjN5NGlY
SnVya09FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bOjAN
BgkqhkiG9w0BAQsFAAOCAQEASXyYA/u6JAPXPo2KwXgkM2hoLxPoH7jIj6SIaLCC
03pZ53epLRdcDMQiD9c2FPMFLveJIfCcTttsYi/TCvZniTeTwuuiOUlTgB5lL8/n
xULVrsw54vTuNKcdA6N86q8o5oyiiITMBbA91H1MTBZ/CbcYYqzggXzPSi0BAB5Y
m0+W22En60P8Wsi516A19zJGLjvJqDHLmM93KYQ6qaWZu79NPmQQAucZPVWCmTYB
FqftywxNcdk3CC3j08xbWRNb8twGj+xx0vHOOJuXjCIbEziMNpr3BkAWz1RNDrju
nP3M9IXAVTEcHlQCK0ndjQR55gXwmcO3CdmItccJsByRrw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org