Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4whkDrh6cNC16skBEzXw696tJPk.roa
File: 4whkDrh6cNC16skBEzXw696tJPk.roa (raw, json)
Hash identifier: oMNwoxVTaqfWLNLUx8AC7FeiHZqtzybbTlyTSsyqhO4=
Subject key identifier: E3:08:64:0E:B8:7A:70:D0:B5:EA:C9:01:13:35:F0:EB:DE:AD:24:F9
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 18F1
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4whkDrh6cNC16skBEzXw696tJPk.roa
Signing time: Sat 22 Oct 2022 06:05:55 +0000
ROA not before: Sat 22 Oct 2022 06:05:55 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24163
IP address blocks: 180.218.240.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6385 (0x18f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:05:55 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E308640EB87A70D0B5EAC9011335F0EBDEAD24F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:10:9e:3a:11:bc:87:ed:dd:58:c6:e7:ff:d8:
c9:2e:b9:21:3c:7d:7e:bf:99:5e:52:e6:3e:70:e4:
a5:5a:ab:ab:04:df:95:bb:d5:83:84:02:de:f5:ef:
05:bc:4d:45:1c:35:22:3e:97:81:51:2d:63:04:62:
e4:24:5f:6a:28:52:17:e2:4c:be:ac:f4:c7:c3:25:
8b:be:39:f3:25:48:93:05:0b:97:40:44:36:ed:ea:
96:1e:88:0d:98:c7:7f:96:cb:b7:24:e0:df:4b:7a:
c0:37:62:d8:05:67:89:af:f4:20:0d:fc:d5:02:83:
61:62:c5:23:b0:61:6a:14:65:84:15:3f:51:3c:e9:
06:8c:07:92:0d:86:60:d3:db:4b:e6:67:11:fc:45:
a1:80:7f:f1:fe:fd:2b:b9:a6:39:91:8d:ae:25:0d:
92:b5:25:56:6f:48:99:4d:f2:57:a9:05:5f:74:5b:
ee:e6:85:0d:21:75:9c:31:ef:f1:c9:39:de:ab:15:
be:a7:96:02:e4:b6:30:6a:91:b3:15:ab:c1:48:23:
f8:ac:6c:56:83:84:56:5e:6a:9f:5f:63:f9:77:50:
70:9e:15:1d:46:7e:02:5d:2f:76:d8:4c:30:29:b4:
b5:51:f0:b7:02:28:18:d7:64:6c:fd:67:b9:11:fd:
03:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:08:64:0E:B8:7A:70:D0:B5:EA:C9:01:13:35:F0:EB:DE:AD:24:F9
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4whkDrh6cNC16skBEzXw696tJPk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.218.240.0/21
Signature Algorithm: sha256WithRSAEncryption
91:1c:24:9b:34:30:c8:36:7a:69:c7:44:fa:fb:05:a5:bd:de:
42:a0:04:21:b0:98:b5:c3:1e:47:3a:1c:91:03:31:1f:1c:07:
36:26:aa:a8:37:89:83:ea:7b:66:51:08:9a:6d:5b:52:46:08:
b6:b1:07:d4:7a:39:d3:db:a7:a5:01:8a:1e:25:59:74:f6:93:
36:f0:d8:58:5b:7c:d0:55:2b:96:d1:42:ad:ad:f2:a2:ad:be:
e4:0c:25:fa:76:4b:32:c4:f6:df:c5:3f:f6:54:33:69:de:60:
fa:92:05:88:50:5f:6f:2c:00:e5:82:46:a9:22:db:5b:82:5b:
16:33:52:bd:86:bb:5e:a8:80:d9:6b:1b:a5:a3:a0:ea:1f:1c:
49:af:fb:54:39:d0:9b:9e:48:f7:cd:66:d5:0b:ed:e9:1c:1e:
44:b0:f4:da:be:49:67:be:cb:ca:64:50:35:cd:b3:2f:60:9a:
1c:df:5c:b6:54:e6:93:aa:48:c0:14:02:20:ec:f9:ef:06:b4:
32:04:c5:58:0b:1e:aa:20:04:18:21:e4:fd:b6:4f:c0:08:29:
b2:31:69:c2:5b:61:bb:4d:89:31:ea:11:88:c1:e5:3f:b3:82:
ff:6c:77:4f:2d:0f:a5:de:de:1d:3a:4d:83:38:34:4a:f6:53:
df:f2:70:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA1NTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUzMDg2NDBFQjg3QTcw
RDBCNUVBQzkwMTEzMzVGMEVCREVBRDI0RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzEJ46EbyH7d1Yxuf/2MkuuSE8fX6/mV5S5j5w5KVaq6sE35W7
1YOEAt717wW8TUUcNSI+l4FRLWMEYuQkX2ooUhfiTL6s9MfDJYu+OfMlSJMFC5dA
RDbt6pYeiA2Yx3+Wy7ck4N9LesA3YtgFZ4mv9CAN/NUCg2FixSOwYWoUZYQVP1E8
6QaMB5INhmDT20vmZxH8RaGAf/H+/Su5pjmRja4lDZK1JVZvSJlN8lepBV90W+7m
hQ0hdZwx7/HJOd6rFb6nlgLktjBqkbMVq8FII/isbFaDhFZeap9fY/l3UHCeFR1G
fgJdL3bYTDAptLVR8LcCKBjXZGz9Z7kR/QMPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4whkDrh6cNC16skBEzXw696tJPkwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzR3aGtEcmg2Y05DMTZza0JF
elh3Njk2dEpQay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO0
2vAwDQYJKoZIhvcNAQELBQADggEBAJEcJJs0MMg2emnHRPr7BaW93kKgBCGwmLXD
Hkc6HJEDMR8cBzYmqqg3iYPqe2ZRCJptW1JGCLaxB9R6OdPbp6UBih4lWXT2kzbw
2FhbfNBVK5bRQq2t8qKtvuQMJfp2SzLE9t/FP/ZUM2neYPqSBYhQX28sAOWCRqki
21uCWxYzUr2Gu16ogNlrG6WjoOofHEmv+1Q50JueSPfNZtUL7ekcHkSw9Nq+SWe+
y8pkUDXNsy9gmhzfXLZU5pOqSMAUAiDs+e8GtDIExVgLHqogBBgh5P22T8AIKbIx
acJbYbtNiTHqEYjB5T+zgv9sd08tD6Xe3h06TYM4NEr2U9/ycIQ=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:13 2023 by rpki-client on console-fra.rpki-client.org