Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/1kLdBKw8Jie3wKLvzUvnB578VmE.roa
File: 1kLdBKw8Jie3wKLvzUvnB578VmE.roa (raw, json)
Hash identifier: cVIscnTpjD+XKnKic8Mh6k2dLSpakiESOGHwEYGC2Kw=
Subject key identifier: D6:42:DD:04:AC:3C:26:27:B7:C0:A2:EF:CD:4B:E7:07:9E:FC:56:61
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0B4D
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/1kLdBKw8Jie3wKLvzUvnB578VmE.roa
Signing time: Fri 01 Sep 2023 10:00:51 +0000
ROA not before: Fri 01 Sep 2023 10:00:51 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 211622
IP address blocks: 2403:7f40:e000::/48 maxlen: 64
Validation: Failed, certificate revoked on Thu 15 Aug 2024 16:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2893 (0xb4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 1 10:00:51 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D642DD04AC3C2627B7C0A2EFCD4BE7079EFC5661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7e:8b:f5:9b:e0:06:d9:0f:8e:95:05:99:92:
6d:7c:0e:23:6d:bc:9b:15:a3:ea:f3:0b:e1:c9:26:
09:1e:ea:17:8a:11:1d:11:38:87:21:de:56:5e:ae:
2c:02:c4:ef:1b:87:be:e8:f9:f5:9c:e1:c0:4a:7b:
44:e8:a5:f9:4d:a6:12:50:fd:de:ee:11:88:24:28:
d6:c7:10:ba:65:a0:b3:2a:8e:2c:69:29:59:75:8d:
58:13:6d:80:8c:b7:76:d7:88:9d:d3:f2:f5:12:42:
79:af:df:a9:af:ae:57:53:8d:ff:8a:72:07:21:f7:
41:ba:85:50:70:88:5c:ca:80:c6:56:8e:3e:fa:e9:
1b:91:50:c0:38:b3:28:86:24:b9:77:23:40:35:85:
56:6c:20:2c:31:33:4e:74:67:df:29:a3:55:b8:3e:
09:49:80:61:28:2f:c5:58:4a:c6:bf:9e:38:2a:42:
84:c4:e6:54:9f:8b:45:4b:58:09:40:e7:10:c9:da:
af:87:86:e2:18:58:04:3d:3f:e1:ee:c6:ba:2f:82:
02:a5:4e:97:48:a7:65:9a:cc:14:d2:c7:c0:53:e9:
c4:8a:15:1a:b2:ac:ad:af:bb:e2:7f:73:2b:a9:49:
5b:ea:7a:23:6e:4e:ef:a5:b9:d8:a7:1e:f9:9a:5f:
60:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:42:DD:04:AC:3C:26:27:B7:C0:A2:EF:CD:4B:E7:07:9E:FC:56:61
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/1kLdBKw8Jie3wKLvzUvnB578VmE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e000::/48
Signature Algorithm: sha256WithRSAEncryption
67:8c:2d:05:9d:11:05:82:8d:a6:42:26:7b:fb:c7:d5:9d:bf:
a1:06:63:55:ac:bc:b1:cb:53:79:98:eb:99:46:dc:e8:d4:e3:
6b:78:9e:2d:51:24:20:25:a6:b7:a7:26:a6:73:29:d8:ec:1a:
bc:81:e1:08:21:15:d5:de:f7:84:c8:8e:30:bf:97:17:4e:93:
33:43:bb:bc:a3:5f:e5:46:03:96:8c:91:15:81:ff:38:81:26:
f5:4e:c0:12:5a:89:05:98:7c:85:de:2f:90:bf:57:15:8e:0c:
5c:fe:e6:49:67:ba:ca:a6:99:e2:70:33:5d:81:4f:50:de:48:
f7:db:45:a1:0e:2d:06:c9:74:f8:56:b0:34:3a:d6:b2:bd:13:
da:c1:d8:22:33:3b:9b:72:f7:64:d6:ec:73:f3:fd:ff:2d:ea:
43:ed:51:dd:6a:49:91:17:56:b2:36:03:16:5b:97:4f:c2:be:
21:37:49:5a:cf:93:e2:e7:fb:08:c9:f9:9f:52:34:92:fa:e2:
24:21:4e:76:b4:2d:63:d9:7e:99:03:eb:6f:53:0f:42:2d:62:
7a:98:2f:11:2d:2d:5a:48:d2:a7:ac:fd:e3:da:c5:38:f3:7d:
18:54:61:80:8a:65:ac:3d:76:76:f5:86:26:f4:f0:cb:95:28:
17:b8:35:26
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx
MDAwNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ2NDJERDA0QUMzQzI2
MjdCN0MwQTJFRkNENEJFNzA3OUVGQzU2NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZfov1m+AG2Q+OlQWZkm18DiNtvJsVo+rzC+HJJgke6heKER0R
OIch3lZeriwCxO8bh77o+fWc4cBKe0TopflNphJQ/d7uEYgkKNbHELploLMqjixp
KVl1jVgTbYCMt3bXiJ3T8vUSQnmv36mvrldTjf+Kcgch90G6hVBwiFzKgMZWjj76
6RuRUMA4syiGJLl3I0A1hVZsICwxM050Z98po1W4PglJgGEoL8VYSsa/njgqQoTE
5lSfi0VLWAlA5xDJ2q+HhuIYWAQ9P+HuxrovggKlTpdIp2WazBTSx8BT6cSKFRqy
rK2vu+J/cyupSVvqeiNuTu+ludinHvmaX2BTAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU1kLdBKw8Jie3wKLvzUvnB578VmEwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzFrTGRCS3c4SmllM3dLTHZ6VXZuQjU3
OFZtRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw
DQYJKoZIhvcNAQELBQADggEBAGeMLQWdEQWCjaZCJnv7x9Wdv6EGY1WsvLHLU3mY
65lG3OjU42t4ni1RJCAlprenJqZzKdjsGryB4QghFdXe94TIjjC/lxdOkzNDu7yj
X+VGA5aMkRWB/ziBJvVOwBJaiQWYfIXeL5C/VxWODFz+5klnusqmmeJwM12BT1De
SPfbRaEOLQbJdPhWsDQ61rK9E9rB2CIzO5ty92TW7HPz/f8t6kPtUd1qSZEXVrI2
AxZbl0/CviE3SVrPk+Ln+wjJ+Z9SNJL64iQhTna0LWPZfpkD629TD0ItYnqYLxEt
LVpI0qes/ePaxTjzfRhUYYCKZaw9dnb1hib08MuVKBe4NSY=
-----END CERTIFICATE-----
Generated at Thu Aug 15 19:31:58 2024 by rpki-client on console-ams.rpki-client.org