Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LcMgvOV8I_WbDrYbMfOi4z0YPpU.roa
File: LcMgvOV8I_WbDrYbMfOi4z0YPpU.roa (raw, json)
Hash identifier: lZ4OP62V1EPTh5NU8QnweutWNNu6PG2Vm8m1iRp8E+I=
Subject key identifier: 2D:C3:20:BC:E5:7C:23:F5:9B:0E:B6:1B:31:F3:A2:E3:3D:18:3E:95
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 223E
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LcMgvOV8I_WbDrYbMfOi4z0YPpU.roa
Signing time: Fri 25 Nov 2022 04:40:56 +0000
ROA not before: Fri 25 Nov 2022 04:40:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 123.195.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8766 (0x223e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:40:56 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2DC320BCE57C23F59B0EB61B31F3A2E33D183E95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3c:08:f3:6a:e7:a0:8e:f1:1b:36:e7:94:50:
88:db:a9:48:92:ca:4d:ed:58:d2:21:bb:4a:46:86:
4a:66:dd:9a:87:92:48:7e:b9:2c:b9:65:ef:ed:8c:
a9:cb:9e:5c:96:41:23:0e:89:e8:22:ad:1d:dd:e9:
6a:aa:07:bf:9b:73:7b:66:68:85:ff:b1:d1:15:36:
45:95:ec:2b:be:be:67:53:56:6a:4a:96:e1:18:67:
2c:99:90:b9:0d:c7:5d:1f:15:b3:15:91:4f:a8:fa:
0d:26:87:8c:0a:cd:9e:e3:11:74:be:4e:e0:bd:64:
ab:62:1f:4b:ca:5f:72:81:9e:fa:21:e6:be:fe:bb:
b2:d2:7a:a4:fd:fb:49:47:40:5b:75:24:1a:06:00:
fb:42:36:c0:59:46:c9:3a:29:0f:ab:c5:a6:b8:63:
97:a6:b2:4d:90:42:01:49:35:83:aa:a0:22:47:39:
50:de:89:a5:b4:8a:de:92:2a:19:f3:ee:6f:7c:87:
d8:e9:d9:de:f0:f8:ed:1e:2f:99:45:83:ea:33:6f:
6b:66:83:b2:7e:46:54:92:c3:c1:3b:9c:44:ec:f8:
1a:3d:3e:91:80:e0:2f:5f:c3:51:5c:0d:04:89:c3:
2d:a7:e9:2d:dd:fc:6f:0b:d0:b9:3e:99:50:07:50:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C3:20:BC:E5:7C:23:F5:9B:0E:B6:1B:31:F3:A2:E3:3D:18:3E:95
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LcMgvOV8I_WbDrYbMfOi4z0YPpU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.150.0/24
Signature Algorithm: sha256WithRSAEncryption
08:fc:0d:2b:b0:fc:45:06:1a:64:1f:b8:5c:46:f5:4f:05:7f:
63:55:21:5e:4d:f3:a9:52:e4:f4:77:44:56:fa:e7:49:c3:54:
e0:89:26:6e:3a:a9:51:ba:de:6f:e7:67:0f:24:4c:1d:58:90:
97:fb:e9:85:4f:b7:f3:36:1c:26:ca:6d:cf:01:7a:41:47:89:
f4:38:5b:a1:00:10:e0:d6:62:83:0a:23:88:92:f4:e9:1e:29:
a9:c1:dd:a6:1f:7f:42:7c:a3:b8:65:62:8e:40:57:cf:f0:8f:
56:42:66:cf:09:a7:5d:a6:de:fe:3a:4e:da:35:b0:9b:96:2c:
73:4e:7c:49:c7:1a:3a:4a:fa:77:e7:21:65:c4:05:bc:f8:56:
06:7c:12:ae:5f:38:cb:35:76:90:5a:b6:b9:3d:90:aa:bf:0d:
1d:57:40:ad:b9:e9:6d:22:65:f8:d5:43:a9:bd:b9:16:e5:a0:
2b:0f:40:94:79:b9:6e:a8:46:83:8c:53:5b:59:a7:ea:6e:92:
a9:d0:5d:7a:40:5e:63:89:ea:6a:b3:28:02:53:20:f8:fe:91:
c0:cc:a8:bb:59:eb:e4:ec:c7:b6:be:a3:ba:f9:67:23:d7:5a:
64:85:1a:3b:07:fb:45:95:04:19:23:86:3b:81:fe:54:f7:b4:
b2:82:a8:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQwNTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJEQzMyMEJDRTU3QzIz
RjU5QjBFQjYxQjMxRjNBMkUzM0QxODNFOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxPAjzauegjvEbNueUUIjbqUiSyk3tWNIhu0pGhkpm3ZqHkkh+
uSy5Ze/tjKnLnlyWQSMOiegirR3d6WqqB7+bc3tmaIX/sdEVNkWV7Cu+vmdTVmpK
luEYZyyZkLkNx10fFbMVkU+o+g0mh4wKzZ7jEXS+TuC9ZKtiH0vKX3KBnvoh5r7+
u7LSeqT9+0lHQFt1JBoGAPtCNsBZRsk6KQ+rxaa4Y5emsk2QQgFJNYOqoCJHOVDe
iaW0it6SKhnz7m98h9jp2d7w+O0eL5lFg+ozb2tmg7J+RlSSw8E7nETs+Bo9PpGA
4C9fw1FcDQSJwy2n6S3d/G8L0Lk+mVAHUIgNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULcMgvOV8I/WbDrYbMfOi4z0YPpUwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0xjTWd2T1Y4SV9XYkRyWWJN
Zk9pNHowWVBwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
w5YwDQYJKoZIhvcNAQELBQADggEBAAj8DSuw/EUGGmQfuFxG9U8Ff2NVIV5N86lS
5PR3RFb650nDVOCJJm46qVG63m/nZw8kTB1YkJf76YVPt/M2HCbKbc8BekFHifQ4
W6EAEODWYoMKI4iS9OkeKanB3aYff0J8o7hlYo5AV8/wj1ZCZs8Jp12m3v46Tto1
sJuWLHNOfEnHGjpK+nfnIWXEBbz4VgZ8Eq5fOMs1dpBatrk9kKq/DR1XQK256W0i
ZfjVQ6m9uRbloCsPQJR5uW6oRoOMU1tZp+pukqnQXXpAXmOJ6mqzKAJTIPj+kcDM
qLtZ6+Tsx7a+o7r5ZyPXWmSFGjsH+0WVBBkjhjuB/lT3tLKCqKE=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:03 2023 by rpki-client on console-fra.rpki-client.org