Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1OcWO-4eGkF8rWZYK05ygTCR-Ts.cer
File: 1OcWO-4eGkF8rWZYK05ygTCR-Ts.cer (raw, json)
Hash identifier: RXf4XQul5ZXhne1GwAj8AKVdfebloXsT3HQdqeBTZjY=
Subject key identifier: D4:E7:16:3B:EE:1E:1A:41:7C:AD:66:58:2B:4E:72:81:30:91:F9:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018EEC029D53B2F65CAF5853C8CDA1DF63FB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/3/D4E7163BEE1E1A417CAD66582B4E72813091F93B.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/3/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 17 Apr 2024 12:22:58 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 215086
Validation: Failed, certificate revoked on Fri 24 May 2024 13:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:02:9d:53:b2:f6:5c:af:58:53:c8:cd:a1:df:63:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 17 12:22:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4e7163bee1e1a417cad66582b4e72813091f93b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:28:83:5a:49:5e:cf:f7:c7:f9:39:7d:96:d7:
28:1e:71:fd:de:f4:3d:d4:b5:3c:d7:0b:4c:2f:09:
c4:33:33:ed:c9:19:7c:a5:2a:35:74:d3:91:a6:26:
f7:5c:66:c1:41:b1:b6:d1:8d:e8:5c:ed:89:c3:56:
68:f9:a3:24:3b:2a:d1:d0:17:5d:4e:25:57:f3:36:
32:6e:80:80:aa:78:02:f7:2e:f0:44:e7:72:66:fa:
b0:7b:fb:2c:2b:0b:de:f4:00:6f:3e:ee:12:16:91:
72:76:29:cd:32:c5:0b:f5:be:f4:7d:56:a9:80:4e:
1a:ee:85:36:87:2c:5e:ff:22:d4:7d:64:2f:3b:82:
87:22:cb:47:e8:26:88:9e:21:03:04:da:af:40:ac:
b1:49:1b:72:77:06:a0:98:ac:90:4b:56:45:36:4d:
40:e7:c2:05:74:1c:ac:54:4c:35:ec:95:96:19:2f:
d6:94:f1:3e:21:a2:24:a7:83:5d:70:c8:ab:c2:02:
7c:ef:57:04:a5:59:4d:0a:26:18:b7:30:e2:c0:12:
07:d3:f6:10:a9:8e:d5:be:bb:e8:88:74:bc:a9:cb:
f6:c6:aa:59:33:e4:69:ca:f3:d6:fa:79:56:01:4d:
45:c6:99:51:de:fb:b5:c6:24:45:99:a4:62:4c:fe:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E7:16:3B:EE:1E:1A:41:7C:AD:66:58:2B:4E:72:81:30:91:F9:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/3/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/3/D4E7163BEE1E1A417CAD66582B4E72813091F93B.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
215086
Signature Algorithm: sha256WithRSAEncryption
30:dc:d4:23:34:44:3c:47:fe:e4:7a:a6:c4:af:dd:f5:86:b5:
b1:58:54:e6:66:72:5c:e6:1e:09:79:e0:6e:02:fc:e5:07:12:
e1:1a:57:28:74:d5:79:db:3d:e2:2e:03:ad:8c:49:de:5c:b5:
6b:a8:22:29:64:a1:37:88:f6:e6:c4:8b:b3:74:b7:49:9a:77:
46:ed:7b:bc:e7:4c:9b:ae:ed:2c:a0:d2:bb:81:64:e1:2f:de:
cf:13:0f:fc:6b:df:47:75:f5:fe:b6:17:26:c1:6a:35:cc:8d:
96:8b:41:29:1a:50:5c:9e:00:71:98:ed:1a:55:43:56:d0:ab:
a7:29:06:d7:25:d1:ff:68:39:4d:e9:bd:ca:40:ce:26:9c:53:
d6:d2:50:f1:fd:07:39:7a:10:fa:4c:8e:59:07:95:8a:ab:7b:
f4:d4:4e:07:da:a4:24:6f:52:38:a1:c5:71:9e:7c:82:c2:35:
3c:16:79:57:98:8f:cc:2b:63:35:c3:d9:71:1c:2d:c4:69:08:
07:50:7f:18:8f:c4:54:a9:dc:42:82:a8:3d:f7:91:46:c4:82:
2c:3b:24:d5:6f:7f:d4:f0:13:81:2d:1c:18:2b:bc:c0:8e:bc:
82:d0:de:ff:e2:02:33:47:0e:5a:db:d2:3d:59:23:f2:42:8e:
83:8b:46:05
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY7sAp1TsvZcr1hTyM2h32P7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDE3MTIyMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU3MTYzYmVlMWUxYTQxN2NhZDY2NTgyYjRlNzI4MTMwOTFmOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCiDWklez/fH+Tl9ltcoHnH93vQ9
1LU81wtMLwnEMzPtyRl8pSo1dNORpib3XGbBQbG20Y3oXO2Jw1Zo+aMkOyrR0Bdd
TiVX8zYyboCAqngC9y7wROdyZvqwe/ssKwve9ABvPu4SFpFydinNMsUL9b70fVap
gE4a7oU2hyxe/yLUfWQvO4KHIstH6CaIniEDBNqvQKyxSRtydwagmKyQS1ZFNk1A
58IFdBysVEw17JWWGS/WlPE+IaIkp4NdcMirwgJ871cEpVlNCiYYtzDiwBIH0/YQ
qY7VvrvoiHS8qcv2xqpZM+RpyvPW+nlWAU1FxplR3vu1xiRFmaRiTP4hrQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFNTnFjvuHhpBfK1mWCtOcoEwkfk7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzQ5MWE0
M2JjLTc2ZWMtNGFiZS1iYTdkLWU3M2U5MGQ2NjJjYi8zLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDkx
YTQzYmMtNzZlYy00YWJlLWJhN2QtZTczZTkwZDY2MmNiLzMvRDRFNzE2M0JFRTFF
MUE0MTdDQUQ2NjU4MkI0RTcyODEzMDkxRjkzQi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDSC4w
DQYJKoZIhvcNAQELBQADggEBADDc1CM0RDxH/uR6psSv3fWGtbFYVOZmclzmHgl5
4G4C/OUHEuEaVyh01XnbPeIuA62MSd5ctWuoIilkoTeI9ubEi7N0t0mad0bte7zn
TJuu7Syg0ruBZOEv3s8TD/xr30d19f62FybBajXMjZaLQSkaUFyeAHGY7RpVQ1bQ
q6cpBtcl0f9oOU3pvcpAziacU9bSUPH9Bzl6EPpMjlkHlYqre/TUTgfapCRvUjih
xXGefILCNTwWeVeYj8wrYzXD2XEcLcRpCAdQfxiPxFSp3EKCqD33kUbEgiw7JNVv
f9TwE4EtHBgrvMCOvILQ3v/iAjNHDlrb0j1ZI/JCjoOLRgU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:29 2024 by rpki-client on console-ams.rpki-client.org