Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
File: KrhR7TPKAjzGrm8izYKyDVepK0o.roa (raw, json)
Hash identifier: t8SdxRVqpph4SPsE1uQpKRQrHi0KSA5LaBcsH9aOP74=
Subject key identifier: 2A:B8:51:ED:33:CA:02:3C:C6:AE:6F:22:CD:82:B2:0D:57:A9:2B:4A
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1A95
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
Signing time: Fri 16 Dec 2022 04:08:30 +0000
ROA not before: Fri 16 Dec 2022 04:08:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 61.61.208.0/21 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6805 (0x1a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Dec 16 04:08:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2AB851ED33CA023CC6AE6F22CD82B20D57A92B4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:cd:ef:d4:3d:18:80:34:4f:ac:d3:59:42:
83:85:c7:15:8b:72:21:9f:a8:07:73:95:96:b8:b6:
44:8e:0b:d6:54:11:9e:8b:4a:b6:c0:f3:7c:76:25:
b7:39:80:2d:de:09:ae:cb:29:20:b1:07:bb:1d:62:
91:93:98:36:ee:5e:6a:db:13:76:71:57:a9:be:4e:
ca:5b:fe:ed:61:8c:fc:14:c0:4a:39:4c:4e:19:46:
81:ab:cb:13:aa:39:1c:79:76:72:05:ce:5a:2f:48:
aa:2c:e2:ab:5a:fa:0a:5a:03:5d:b7:83:f6:78:19:
57:0d:a0:19:8f:a7:da:27:01:68:8d:43:5c:58:12:
20:af:b7:e4:d3:ed:29:21:01:94:a0:41:8e:49:f8:
4b:54:11:9d:c7:bd:ba:8e:aa:61:a4:12:a8:89:75:
8c:bb:b4:43:a9:59:90:81:0a:14:69:e8:12:a3:06:
1c:05:c6:b6:b5:58:9f:80:1e:dc:17:3e:9b:d1:11:
41:95:6a:e0:61:06:b6:a6:fc:c8:76:5b:55:b4:44:
f1:32:ce:94:a0:5e:06:18:09:d7:c7:e1:d0:93:91:
f6:1c:e0:00:46:6f:ee:45:bc:f5:4b:f4:23:15:d6:
54:01:a0:44:19:22:32:94:dc:9b:0e:3d:e8:3a:98:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B8:51:ED:33:CA:02:3C:C6:AE:6F:22:CD:82:B2:0D:57:A9:2B:4A
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.208.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:2c:03:94:bf:0c:cd:21:df:5f:38:5e:97:a0:d5:28:f7:f0:
2e:02:50:b9:48:63:5f:08:32:bd:b6:f6:32:7c:92:f3:d9:a8:
5a:fd:43:18:bd:59:1d:bc:a2:72:2f:bc:85:0d:13:96:ca:68:
66:e8:f5:54:24:09:a5:ec:f0:62:f8:2f:27:54:63:43:96:2f:
dd:b3:20:00:08:55:c3:92:31:a3:24:95:6a:3e:20:24:ac:ad:
6d:e1:52:72:79:50:00:bb:c1:5c:90:9a:1c:06:ad:af:ec:bb:
93:c6:bc:ad:70:ca:ec:8a:be:f4:b1:fd:cb:01:b1:39:43:f4:
5a:34:aa:16:cf:a8:4c:52:65:96:41:9c:6c:26:19:76:ee:e4:
8b:bf:fb:1b:ca:da:3b:ed:c0:11:3a:74:86:64:34:bd:6b:76:
1b:68:2a:6e:8b:35:91:91:9d:77:2c:76:11:f3:ba:e1:d1:29:
63:a8:49:8d:a7:d3:55:31:61:b0:e4:b3:d5:6e:57:9f:71:10:
68:08:e4:40:fa:c9:70:a4:7b:34:88:21:32:c5:17:fd:af:1a:
53:44:cc:9a:9c:8e:f5:07:69:98:e9:36:c3:1a:33:5b:e1:64:
ea:6e:44:22:61:e5:56:1b:57:ca:ae:32:dc:5e:f2:74:b7:12:
1c:db:9c:a8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEyMTYw
NDA4MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBQjg1MUVEMzNDQTAy
M0NDNkFFNkYyMkNEODJCMjBENTdBOTJCNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEV83v1D0YgDRPrNNZQoOFxxWLciGfqAdzlZa4tkSOC9ZUEZ6L
SrbA83x2Jbc5gC3eCa7LKSCxB7sdYpGTmDbuXmrbE3ZxV6m+Tspb/u1hjPwUwEo5
TE4ZRoGryxOqORx5dnIFzlovSKos4qta+gpaA123g/Z4GVcNoBmPp9onAWiNQ1xY
EiCvt+TT7SkhAZSgQY5J+EtUEZ3HvbqOqmGkEqiJdYy7tEOpWZCBChRp6BKjBhwF
xra1WJ+AHtwXPpvREUGVauBhBram/Mh2W1W0RPEyzpSgXgYYCdfH4dCTkfYc4ABG
b+5FvPVL9CMV1lQBoEQZIjKU3JsOPeg6mLrhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKrhR7TPKAjzGrm8izYKyDVepK0owHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tyaFI3VFBLQWp6R3JtOGl6
WUt5RFZlcEswby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
PdAwDQYJKoZIhvcNAQELBQADggEBAJosA5S/DM0h3184Xpeg1Sj38C4CULlIY18I
Mr229jJ8kvPZqFr9Qxi9WR28onIvvIUNE5bKaGbo9VQkCaXs8GL4LydUY0OWL92z
IAAIVcOSMaMklWo+ICSsrW3hUnJ5UAC7wVyQmhwGra/su5PGvK1wyuyKvvSx/csB
sTlD9Fo0qhbPqExSZZZBnGwmGXbu5Iu/+xvK2jvtwBE6dIZkNL1rdhtoKm6LNZGR
nXcsdhHzuuHRKWOoSY2n01UxYbDks9VuV59xEGgI5ED6yXCkezSIITLFF/2vGlNE
zJqcjvUHaZjpNsMaM1vhZOpuRCJh5VYbV8quMtxe8nS3EhzbnKg=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:14 2023 by rpki-client on console-fra.rpki-client.org