Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/O7fO5G3-KxYZDohYKogZxXnR7Jg.roa
File: O7fO5G3-KxYZDohYKogZxXnR7Jg.roa (raw, json)
Hash identifier: Zi1QdF/29xetT8vRU63s2F8kWVu/KTpKRQgNOaMxRvY=
Subject key identifier: 3B:B7:CE:E4:6D:FE:2B:16:19:0E:88:58:2A:88:19:C5:79:D1:EC:98
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1979
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/O7fO5G3-KxYZDohYKogZxXnR7Jg.roa
Signing time: Sat 22 Oct 2022 06:06:34 +0000
ROA not before: Sat 22 Oct 2022 06:06:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 49.158.32.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6521 (0x1979)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:06:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3BB7CEE46DFE2B16190E88582A8819C579D1EC98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f7:bf:17:d2:f6:21:00:69:be:86:1c:d5:ce:
c1:66:89:4e:5c:59:64:ac:bd:59:3c:50:45:88:74:
10:82:f1:53:ae:f0:ca:c8:44:29:0e:b2:ac:c4:ef:
9b:b0:3f:68:a5:8f:27:92:d2:4a:3b:1c:a9:24:d9:
e9:9a:13:c0:2d:6d:c4:f3:50:e3:03:76:94:a7:5b:
dd:89:71:b5:e1:e2:0e:0e:61:6a:22:42:13:53:50:
20:2d:67:88:f3:c2:1b:08:db:07:57:bd:46:d5:f2:
f5:97:6b:66:e8:e8:cc:e7:fc:41:8e:0c:45:a7:95:
00:6b:d6:fe:12:f0:34:67:9f:07:b6:f7:d8:c7:9b:
b4:78:d3:33:97:dc:f8:92:75:95:fd:d3:88:ea:ae:
5b:a2:63:3e:18:47:08:7d:86:b9:1a:b0:81:1b:03:
81:a9:f9:72:7a:a9:19:9b:00:44:2f:9c:c4:94:da:
19:32:41:6d:35:6b:31:39:56:39:8e:6b:92:93:48:
51:73:4f:e1:b9:09:28:bf:40:10:3d:dc:60:3d:8f:
b8:b4:37:dc:0e:b4:b0:d8:20:a1:75:9a:de:23:f1:
93:1d:ba:2d:7a:77:4c:9f:09:60:f3:e9:01:b4:85:
70:c2:fb:4e:ad:c4:73:26:9c:a5:58:29:07:15:d3:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B7:CE:E4:6D:FE:2B:16:19:0E:88:58:2A:88:19:C5:79:D1:EC:98
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/O7fO5G3-KxYZDohYKogZxXnR7Jg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.32.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:60:e8:29:6c:0e:c1:33:6b:c5:92:7c:98:9a:35:2f:36:3e:
65:17:83:fd:9f:71:0a:73:48:3a:7a:6e:9d:76:ca:ca:7f:63:
fc:c9:ec:4c:cf:86:e1:bf:01:51:1f:87:31:c7:ec:69:3b:ef:
06:e0:a5:72:de:3b:3d:ec:eb:f1:cf:bf:13:cc:4b:c0:bc:2f:
b5:3f:c7:b5:0d:b9:39:39:b3:84:3e:dd:f9:e7:6a:f1:c4:56:
ac:8c:12:98:32:5a:86:0d:23:5a:14:dd:49:14:e5:33:46:dc:
55:85:da:f4:b0:60:c9:34:f7:25:69:5c:a2:56:59:26:66:00:
a6:33:ac:d9:0e:87:8a:e2:bc:66:68:e7:f1:ff:5e:a2:db:62:
85:69:6f:f6:84:77:b3:08:39:6c:f1:86:0c:89:c0:55:9d:f1:
31:ce:74:f5:0c:4c:f6:3d:17:2c:54:2d:b6:40:25:71:53:45:
06:ee:21:39:4a:1c:53:65:d8:1d:81:b8:8a:95:04:30:3e:2d:
78:0c:7e:ae:71:87:86:b2:ed:bf:65:72:79:53:94:3b:1e:06:
a2:54:8c:7d:d0:31:d3:5a:78:be:66:97:5e:9e:84:a6:6c:f5:
8d:c3:f5:67:71:80:d9:b1:ac:7d:72:bc:85:dc:37:77:e7:2e:
66:d3:06:69
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNCQjdDRUU0NkRGRTJC
MTYxOTBFODg1ODJBODgxOUM1NzlEMUVDOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF978X0vYhAGm+hhzVzsFmiU5cWWSsvVk8UEWIdBCC8VOu8MrI
RCkOsqzE75uwP2iljyeS0ko7HKkk2emaE8AtbcTzUOMDdpSnW92JcbXh4g4OYWoi
QhNTUCAtZ4jzwhsI2wdXvUbV8vWXa2bo6Mzn/EGODEWnlQBr1v4S8DRnnwe299jH
m7R40zOX3PiSdZX904jqrluiYz4YRwh9hrkasIEbA4Gp+XJ6qRmbAEQvnMSU2hky
QW01azE5VjmOa5KTSFFzT+G5CSi/QBA93GA9j7i0N9wOtLDYIKF1mt4j8ZMdui16
d0yfCWDz6QG0hXDC+06txHMmnKVYKQcV06Z7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUO7fO5G3+KxYZDohYKogZxXnR7JgwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL083Zk81RzMtS3hZWkRvaFlL
b2daeFhuUjdKZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
niAwDQYJKoZIhvcNAQELBQADggEBACpg6ClsDsEza8WSfJiaNS82PmUXg/2fcQpz
SDp6bp12ysp/Y/zJ7EzPhuG/AVEfhzHH7Gk77wbgpXLeOz3s6/HPvxPMS8C8L7U/
x7UNuTk5s4Q+3fnnavHEVqyMEpgyWoYNI1oU3UkU5TNG3FWF2vSwYMk09yVpXKJW
WSZmAKYzrNkOh4rivGZo5/H/XqLbYoVpb/aEd7MIOWzxhgyJwFWd8THOdPUMTPY9
FyxULbZAJXFTRQbuITlKHFNl2B2BuIqVBDA+LXgMfq5xh4ay7b9lcnlTlDseBqJU
jH3QMdNaeL5ml16ehKZs9Y3D9WdxgNmxrH1yvIXcN3fnLmbTBmk=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:15 2023 by rpki-client on console-fra.rpki-client.org