Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer
File: 1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer (raw, json)
Hash identifier: FL0eJN99Y0gUOyKKJ5OragjJhzbTbiNstx5IJrZOAZU=
Subject key identifier: D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7256F32832B98A521BBF695AD1AFFE5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/1N2w5j7d8HNp9JPsfTEBNa3-2U8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:29:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 217.28.132.0/24
IP: 2a12:25c0::/29
Validation: Failed, certificate revoked on Tue 16 Apr 2024 15:04:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:6f:32:83:2b:98:a5:21:bb:f6:95:ad:1a:ff:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4ddb0e63eddf07369f493ec7d310135adfed94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ba:8d:9a:74:87:19:29:be:82:ba:2e:11:59:
c6:7e:15:53:09:10:11:41:1f:7b:9a:b9:48:9d:7d:
c4:30:d8:ab:f2:70:41:d4:6b:26:c4:a6:91:25:7a:
93:44:fb:26:f8:b6:b2:07:f4:dc:76:45:91:36:05:
ec:71:b8:42:11:3b:f3:bc:35:bc:9a:f2:f4:0c:aa:
85:42:7c:2e:17:5d:e0:24:84:a2:b1:af:fe:77:1e:
f5:6a:0f:7b:18:b6:0e:f8:2d:e2:a5:cb:03:6e:9f:
a9:14:e1:2f:c4:bf:be:2a:cc:c6:ad:67:94:9f:b0:
c0:f2:7e:30:e3:24:af:f1:eb:4a:a1:cf:16:9c:d5:
2e:ec:cc:86:ea:ea:9e:b7:8d:c7:c0:32:7f:b7:b0:
81:76:f9:34:7e:69:89:32:b3:1a:ae:cc:40:f0:a2:
7f:fd:e6:21:18:72:0f:7b:74:40:99:02:dc:f6:16:
b4:a5:2f:ba:0d:29:90:ea:19:49:65:78:57:08:5c:
55:5a:c9:b7:48:7f:58:25:21:17:cd:5e:48:30:eb:
55:fe:f8:ee:30:63:e6:f3:97:d5:06:63:fc:c0:48:
28:58:b0:45:86:73:aa:f1:8b:6a:3d:12:e4:64:9b:
20:b2:04:e0:02:62:22:11:9a:b3:a4:b5:5c:68:14:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/1N2w5j7d8HNp9JPsfTEBNa3-2U8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.132.0/24
IPv6:
2a12:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:17:5c:c5:4b:c0:46:69:a0:d7:cd:c9:b4:7d:f2:3f:e1:d6:
51:13:5b:f4:3f:9d:3a:19:4d:4d:6e:28:35:a0:b7:43:cb:bf:
c1:54:21:61:77:1b:40:28:ba:d5:b5:32:3b:49:a9:c9:7c:ad:
64:ce:1a:99:8f:2a:98:b5:5b:e4:e7:64:2c:b6:2f:12:24:d0:
8c:5f:da:43:ae:f7:a7:5a:11:d6:c4:d9:49:c6:df:33:d8:3e:
a5:97:f1:fe:d8:86:50:0a:a9:ea:de:35:4d:90:f5:28:53:83:
27:e1:0e:2f:b0:a2:23:00:fe:e7:e8:97:2e:55:e4:34:d0:30:
0b:ce:8b:f6:57:5e:64:9b:3f:bb:7c:07:d2:a2:55:f6:58:c4:
01:5e:30:b9:2e:3f:58:17:25:1e:fa:55:1f:5b:93:50:52:57:
8a:84:ba:d9:eb:a2:6d:91:ac:67:0c:f1:0b:72:32:f8:10:72:
59:24:3a:25:60:d9:ce:30:e6:c0:65:a8:57:39:28:7a:24:60:
54:01:6f:f2:e6:c0:dd:23:35:61:5a:e7:6f:b9:31:ba:09:3b:
56:3d:32:7a:fb:32:11:b8:6e:e6:15:3b:17:2b:bf:98:78:37:
48:b8:0e:17:42:ef:7e:e0:d3:24:37:94:cb:a4:32:29:74:f5:
5d:dd:99:5c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzHJW8ygyuYpSG79pWtGv/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRkYjBlNjNlZGRmMDczNjlmNDkzZWM3ZDMxMDEzNWFkZmVkOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLqNmnSHGSm+grouEVnGfhVTCRAR
QR97mrlInX3EMNir8nBB1GsmxKaRJXqTRPsm+LayB/TcdkWRNgXscbhCETvzvDW8
mvL0DKqFQnwuF13gJISisa/+dx71ag97GLYO+C3ipcsDbp+pFOEvxL++KszGrWeU
n7DA8n4w4ySv8etKoc8WnNUu7MyG6uqet43HwDJ/t7CBdvk0fmmJMrMarsxA8KJ/
/eYhGHIPe3RAmQLc9ha0pS+6DSmQ6hlJZXhXCFxVWsm3SH9YJSEXzV5IMOtV/vju
MGPm85fVBmP8wEgoWLBFhnOq8YtqPRLkZJsgsgTgAmIiEZqzpLVcaBRj7wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNTdsOY+3fBzafST7H0xATWt/tlPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JlLzI5YWNj
Yi05YzY2LTRlYWYtODM5Ni02ZGFjOTZjMTZiZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvMjlhY2Ni
LTljNjYtNGVhZi04Mzk2LTZkYWM5NmMxNmJmNi8xLzFOMnc1ajdkOEhOcDlKUHNm
VEVCTmEzLTJVOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA2RyEMA0EAgACMAcDBQMqEiXAMA0GCSqGSIb3
DQEBCwUAA4IBAQB0F1zFS8BGaaDXzcm0ffI/4dZRE1v0P506GU1Nbig1oLdDy7/B
VCFhdxtAKLrVtTI7SanJfK1kzhqZjyqYtVvk52Qsti8SJNCMX9pDrvenWhHWxNlJ
xt8z2D6ll/H+2IZQCqnq3jVNkPUoU4Mn4Q4vsKIjAP7n6JcuVeQ00DALzov2V15k
mz+7fAfSolX2WMQBXjC5Lj9YFyUe+lUfW5NQUleKhLrZ66JtkaxnDPELcjL4EHJZ
JDolYNnOMObAZahXOSh6JGBUAW/y5sDdIzVhWudvuTG6CTtWPTJ6+zIRuG7mFTsX
K7+YeDdIuA4XQu9+4NMkN5TLpDIpdPVd3Zlc
-----END CERTIFICATE-----
Generated at Tue Apr 16 19:31:14 2024 by rpki-client on console-ams.rpki-client.org