Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0kxlbNkq7wWWnVr2CWvg35isw3A.cer
File: 0kxlbNkq7wWWnVr2CWvg35isw3A.cer (raw, json)
Hash identifier: cj6pGGt8SO3wlpJh+x9Wij8NtXokt0EHMAENQFc4tfo=
Subject key identifier: D2:4C:65:6C:D9:2A:EF:05:96:9D:5A:F6:09:6B:E0:DF:98:AC:C3:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856AF4F976F216C3725A2190E6986671BE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/0kxlbNkq7wWWnVr2CWvg35isw3A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 01:31:57 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.3.22.0/24
IP: 2a11:1740::/29
Validation: Failed, certificate revoked on Thu 14 Sep 2023 13:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f4:f9:76:f2:16:c3:72:5a:21:90:e6:98:66:71:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:31:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d24c656cd92aef05969d5af6096be0df98acc370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2a:a3:00:27:55:30:13:b1:05:f5:e3:d5:fe:
14:75:4d:5b:f6:08:30:9f:c2:7c:a3:e8:da:47:f8:
e0:ea:0b:3d:53:60:e4:b5:13:e8:66:8a:0d:ad:09:
8d:a5:9f:f4:97:38:29:3d:f8:e9:58:fb:a2:de:42:
72:7e:bf:fb:fe:7b:4a:dc:76:b6:cd:db:10:1a:2a:
a7:ce:1a:0b:be:0c:91:b2:8d:0d:6e:0e:73:87:f2:
d9:6e:15:0c:4a:4f:41:ed:f9:c9:41:00:e9:e2:5a:
88:9c:d4:5a:3c:a9:24:24:f3:e6:86:fc:8e:1f:64:
e6:63:ab:66:7a:ef:44:47:ff:26:7f:5b:83:88:cf:
5a:76:a8:94:41:41:e9:5c:22:1a:7e:6e:7c:9c:d6:
3d:fc:77:2a:c4:7f:f7:c3:bc:24:db:76:28:50:93:
53:33:f5:65:88:8e:40:d2:a5:a4:b4:c9:73:58:bc:
83:41:f6:6d:85:ac:6e:4d:83:32:e4:ca:ab:6e:00:
30:75:71:37:d2:9a:2f:32:45:83:2d:55:95:ed:e8:
fd:74:9e:5f:35:f0:35:8a:cb:4d:89:de:8c:a1:7a:
9f:7d:11:6c:47:60:19:eb:14:d5:8f:2b:bb:e5:c0:
5d:cf:aa:bd:6e:84:30:41:73:0c:1e:e7:68:68:9a:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4C:65:6C:D9:2A:EF:05:96:9D:5A:F6:09:6B:E0:DF:98:AC:C3:70
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a109c-b418-41f1-b119-7dec6ba79218/1/0kxlbNkq7wWWnVr2CWvg35isw3A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.22.0/24
IPv6:
2a11:1740::/29
Signature Algorithm: sha256WithRSAEncryption
0c:71:07:89:a5:fc:78:ab:cd:97:2e:d1:5d:a0:1b:b8:ca:54:
26:4e:58:db:36:69:b1:6f:54:5d:20:dc:b0:78:fa:63:1c:19:
b1:02:04:c9:64:89:38:ef:93:bb:11:b4:3d:bd:89:93:9b:85:
8c:d3:53:5f:ba:d0:0a:1b:33:c8:17:b6:bf:8e:ea:a2:eb:e5:
52:67:2f:77:66:7d:77:49:a5:30:26:c0:54:d2:59:b9:88:0c:
48:6c:e1:d0:8b:ec:0e:12:8d:6a:ae:ae:47:38:bc:59:79:a6:
02:fc:14:77:2d:22:5b:96:a7:9f:8e:11:9f:40:ff:ae:f0:54:
e3:b3:c1:0e:70:2f:5a:a6:4d:95:ed:44:e1:1b:0d:22:3c:d1:
80:89:b6:f9:d5:6b:37:ab:d5:89:65:0e:1c:95:30:e3:05:b4:
e4:a5:a8:73:f8:a3:13:13:fb:30:4f:2b:9f:4e:c8:29:76:ad:
19:eb:c3:69:b5:24:76:5b:39:ed:aa:b8:f2:f6:ce:2d:4c:e8:
f7:db:3f:3e:91:e1:42:a2:bd:48:73:d5:a0:53:25:50:87:6f:
7b:df:05:69:00:01:17:4d:83:dd:ac:1f:7f:a6:5c:ac:05:d9:
fb:ff:17:9f:a4:07:84:8c:40:a9:8e:10:13:e5:a0:7a:19:0e:
5a:4c:a7:2c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVq9Pl28hbDclohkOaYZnG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjRjNjU2Y2Q5MmFlZjA1OTY5ZDVhZjYwOTZiZTBkZjk4YWNjMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCqjACdVMBOxBfXj1f4UdU1b9ggw
n8J8o+jaR/jg6gs9U2DktRPoZooNrQmNpZ/0lzgpPfjpWPui3kJyfr/7/ntK3Ha2
zdsQGiqnzhoLvgyRso0Nbg5zh/LZbhUMSk9B7fnJQQDp4lqInNRaPKkkJPPmhvyO
H2TmY6tmeu9ER/8mf1uDiM9adqiUQUHpXCIafm58nNY9/HcqxH/3w7wk23YoUJNT
M/VliI5A0qWktMlzWLyDQfZthaxuTYMy5MqrbgAwdXE30povMkWDLVWV7ej9dJ5f
NfA1istNid6MoXqffRFsR2AZ6xTVjyu75cBdz6q9boQwQXMMHudoaJq9qQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNJMZWzZKu8Flp1a9glr4N+YrMNwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzdhMTA5
Yy1iNDE4LTQxZjEtYjExOS03ZGVjNmJhNzkyMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvN2ExMDlj
LWI0MTgtNDFmMS1iMTE5LTdkZWM2YmE3OTIxOC8xLzBreGxiTmtxN3dXV25WcjJD
V3ZnMzVpc3czQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwQMWMA0EAgACMAcDBQMqERdAMA0GCSqGSIb3
DQEBCwUAA4IBAQAMcQeJpfx4q82XLtFdoBu4ylQmTljbNmmxb1RdINywePpjHBmx
AgTJZIk475O7EbQ9vYmTm4WM01NfutAKGzPIF7a/juqi6+VSZy93Zn13SaUwJsBU
0lm5iAxIbOHQi+wOEo1qrq5HOLxZeaYC/BR3LSJblqefjhGfQP+u8FTjs8EOcC9a
pk2V7UThGw0iPNGAibb51Ws3q9WJZQ4clTDjBbTkpahz+KMTE/swTyufTsgpdq0Z
68NptSR2Wzntqrjy9s4tTOj32z8+keFCor1Ic9WgUyVQh2973wVpAAEXTYPdrB9/
plysBdn7/xefpAeEjECpjhAT5aB6GQ5aTKcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:25 2024 by rpki-client on console-ams.rpki-client.org