Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CnM1aPHQO4i87uVaRXauvNSdemM.cer
File: CnM1aPHQO4i87uVaRXauvNSdemM.cer (raw, json)
Hash identifier: FEnGenyv+4s8kgFhB4lUQCJk73vYbCmISboJKyHItik=
Subject key identifier: 0A:73:35:68:F1:D0:3B:88:BC:EE:E5:5A:45:76:AE:BC:D4:9D:7A:63
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D22CC35DCED38580DDE1D4F4F3FBE6BBD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/3/0A733568F1D03B88BCEEE55A4576AEBCD49D7A63.mft
caRepository: rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/3/
Notify URL: https://rpki.zappiehost.com/rrdp/notification.xml
Certificate not before: Fri 19 Jan 2024 17:37:04 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200242
Validation: Failed, certificate revoked on Sat 20 Jan 2024 19:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:cc:35:dc:ed:38:58:0d:de:1d:4f:4f:3f:be:6b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 19 17:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a733568f1d03b88bceee55a4576aebcd49d7a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:de:9c:d4:47:d5:6d:54:3e:b9:7a:c9:a6:f1:
2a:0c:26:97:f0:d5:1c:fc:48:79:b1:81:a5:e5:d9:
1a:f7:b7:84:12:64:b0:b6:23:62:97:1b:16:d4:68:
4e:ec:0b:cc:40:b4:41:29:cc:f2:f1:de:b0:89:e2:
27:ff:3d:8b:c5:fe:4e:7c:34:02:e0:20:42:42:61:
40:16:a2:7c:50:ae:56:e8:80:47:36:9b:b4:15:d9:
16:a4:64:ad:50:c7:4b:4c:b3:51:0c:15:6b:19:84:
4e:f4:5b:1f:72:5d:4d:88:e2:23:8f:22:bc:69:d1:
7b:4b:e3:c7:26:be:1b:4c:f4:f5:42:8c:e3:80:1f:
3c:66:03:6c:47:ec:ce:64:8b:37:dc:64:44:86:df:
0c:1e:14:68:23:75:12:78:3a:7a:04:28:d0:c6:b7:
97:ec:a4:c2:4d:7c:54:87:17:b2:c1:f8:3c:15:13:
61:10:2e:a0:bb:bc:64:51:ff:8f:cb:01:38:37:be:
6d:67:83:9e:f9:be:88:e8:6b:77:d3:62:2a:76:63:
11:5e:fe:7e:31:93:43:60:47:a6:27:f3:66:4a:1e:
2b:13:3c:ec:bd:d8:a3:f7:6d:e0:7e:07:f5:db:e7:
67:73:e7:ac:e8:f0:b3:5a:96:4c:bd:7b:07:fd:ae:
f4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:73:35:68:F1:D0:3B:88:BC:EE:E5:5A:45:76:AE:BC:D4:9D:7A:63
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/3/
RPKI Manifest - URI:rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/3/0A733568F1D03B88BCEEE55A4576AEBCD49D7A63.mft
RPKI Notify - URI:https://rpki.zappiehost.com/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200242
Signature Algorithm: sha256WithRSAEncryption
64:68:75:76:20:c4:0d:98:a4:ab:2d:89:39:19:2f:3f:41:8d:
73:78:a4:e6:0d:17:d8:38:0b:07:8a:af:bf:82:ae:da:d4:97:
c6:b4:33:20:77:cb:bc:a7:b1:4c:5d:47:b1:0e:b2:d5:8f:e1:
ce:37:b9:1e:fb:98:14:47:b4:b4:03:84:ab:8f:73:aa:57:c2:
40:ba:d2:2a:a7:65:fb:c6:25:a7:05:0c:04:19:0c:de:8e:04:
13:59:54:be:5d:14:96:73:6e:27:3f:87:9d:a5:31:42:9a:a5:
32:4d:79:9e:b2:bd:6c:7d:8b:a4:38:68:3a:e8:65:ec:e5:c4:
c6:91:cf:be:71:99:6b:3a:bf:5d:00:26:1a:8a:09:6f:30:f5:
b6:0f:43:7a:9c:62:91:40:75:b4:6e:c7:b6:de:9e:4f:95:2d:
ea:85:eb:15:15:fb:ce:60:97:cd:b0:72:9c:73:87:a3:8f:98:
b3:b9:08:42:f1:07:c6:9d:54:e0:04:c2:53:10:cc:81:2c:1b:
14:5c:75:ca:3e:8e:ac:f7:b7:36:94:cb:cd:25:7b:31:96:14:
32:33:5e:5d:8b:e8:21:3d:8b:1a:ef:97:4a:1e:d3:1d:0d:e7:
37:9d:2a:fa:eb:e1:b1:40:bf:79:a2:d3:dd:00:85:93:e8:0c:
9d:b0:40:40
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY0izDXc7ThYDd4dT08/vmu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTE5MTczNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTczMzU2OGYxZDAzYjg4YmNlZWU1NWE0NTc2YWViY2Q0OWQ3YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA196c1EfVbVQ+uXrJpvEqDCaX8NUc
/Eh5sYGl5dka97eEEmSwtiNilxsW1GhO7AvMQLRBKczy8d6wieIn/z2Lxf5OfDQC
4CBCQmFAFqJ8UK5W6IBHNpu0FdkWpGStUMdLTLNRDBVrGYRO9Fsfcl1NiOIjjyK8
adF7S+PHJr4bTPT1QozjgB88ZgNsR+zOZIs33GREht8MHhRoI3USeDp6BCjQxreX
7KTCTXxUhxeywfg8FRNhEC6gu7xkUf+PywE4N75tZ4Oe+b6I6Gt302IqdmMRXv5+
MZNDYEemJ/NmSh4rEzzsvdij923gfgf12+dnc+es6PCzWpZMvXsH/a708wIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFApzNWjx0DuIvO7lWkV2rrzUnXpjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgf0GCCsGAQUFBwELBIHwMIHtMD8GCCsGAQUFBzAFhjNyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9IQVpFTF9VSURfMTg4NjAvMy8w
awYIKwYBBQUHMAqGX3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL0hB
WkVMX1VJRF8xODg2MC8zLzBBNzMzNTY4RjFEMDNCODhCQ0VFRTU1QTQ1NzZBRUJD
RDQ5RDdBNjMubWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2kuemFwcGllaG9z
dC5jb20vcnJkcC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1
d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMOMjANBgkqhkiG9w0BAQsFAAOCAQEA
ZGh1diDEDZikqy2JORkvP0GNc3ik5g0X2DgLB4qvv4Ku2tSXxrQzIHfLvKexTF1H
sQ6y1Y/hzje5HvuYFEe0tAOEq49zqlfCQLrSKqdl+8YlpwUMBBkM3o4EE1lUvl0U
lnNuJz+HnaUxQpqlMk15nrK9bH2LpDhoOuhl7OXExpHPvnGZazq/XQAmGooJbzD1
tg9DepxikUB1tG7Htt6eT5Ut6oXrFRX7zmCXzbBynHOHo4+Ys7kIQvEHxp1U4ATC
UxDMgSwbFFx1yj6OrPe3NpTLzSV7MZYUMjNeXYvoIT2LGu+XSh7THQ3nN50q+uvh
sUC/eaLT3QCFk+gMnbBAQA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:31:06 2025 by rpki-client