Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2dQdOQAKzchDYuf2jogCXPja_HM.cer
File: 2dQdOQAKzchDYuf2jogCXPja_HM.cer (raw, json)
Hash identifier: 4wOmCcHbJKIQ4qLAezCv4fdP4J+wRfcwTkkp2fYI7/o=
Subject key identifier: D9:D4:1D:39:00:0A:CD:C8:43:62:E7:F6:8E:88:02:5C:F8:DA:FC:73
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0187222C55C3E523CE2119870EA59EA8C1FB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/209/D9D41D39000ACDC84362E7F68E88025CF8DAFC73.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/209
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 27 Mar 2023 08:25:43 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 109.234.79.0/24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:2c:55:c3:e5:23:ce:21:19:87:0e:a5:9e:a8:c1:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 27 08:25:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9d41d39000acdc84362e7f68e88025cf8dafc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:33:60:b5:15:d0:f9:67:18:1a:f1:31:d8:28:
16:d6:2a:13:67:a8:ee:5b:ae:02:20:f4:2e:df:00:
0f:8b:58:bc:95:f0:c2:e2:d3:d5:f1:02:99:e4:58:
2b:4b:cb:58:26:bc:ad:50:a2:ea:a2:99:4c:d9:7c:
9c:bb:0f:a6:cb:a5:cf:ff:fe:72:70:d5:31:cb:52:
c3:16:19:19:a5:50:1d:af:33:ae:49:72:ab:1c:5f:
25:d8:f9:77:ba:a2:ab:c6:44:22:43:48:2f:4e:b8:
00:4f:4b:0c:53:e1:31:2e:fb:b3:93:7c:bb:85:6f:
3d:0d:a0:bd:b1:9a:46:d5:d5:af:ef:1e:5a:f7:4c:
1f:e2:5e:65:71:c4:e3:35:9f:06:a1:96:c6:33:6b:
d3:f1:78:fb:1c:1e:a9:4c:76:1b:5a:0d:65:10:33:
c9:22:a6:73:4a:e5:61:90:ce:f4:14:63:22:b8:b8:
2b:2c:55:30:35:e8:22:2c:1a:b8:a3:a4:cb:08:b9:
83:67:af:79:56:02:83:ca:d4:f3:2d:f6:c9:2a:24:
cf:72:77:4a:71:a4:0f:94:75:4f:62:2c:0c:de:80:
cd:18:40:45:aa:67:a8:0a:4e:57:0e:78:cb:5b:f9:
be:45:d6:58:eb:13:5b:a0:45:7e:86:79:0d:66:e1:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D4:1D:39:00:0A:CD:C8:43:62:E7:F6:8E:88:02:5C:F8:DA:FC:73
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/209
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/209/D9D41D39000ACDC84362E7F68E88025CF8DAFC73.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.79.0/24
Signature Algorithm: sha256WithRSAEncryption
91:66:d3:22:15:ef:c0:43:0b:04:62:3a:13:c6:5a:7d:02:fe:
3c:59:5d:6b:96:a7:e3:47:50:1d:c1:f4:06:c5:b0:62:e1:6d:
60:c0:5d:f5:60:79:f6:fa:5b:21:67:d5:57:d2:e1:33:2f:52:
26:f6:36:4b:28:24:2b:41:fc:fc:46:0b:38:12:99:ef:28:38:
94:0d:eb:26:cf:10:a3:95:6a:71:ae:97:32:06:56:74:06:68:
77:97:df:76:7b:1f:2c:3a:04:56:18:2e:93:24:cd:44:27:95:
c8:97:ad:e5:57:50:a7:f7:b7:7f:8d:4d:fc:1e:09:c4:49:90:
7f:19:88:50:1f:64:5a:93:61:ee:ba:e2:8b:8d:79:62:98:7d:
c0:28:1a:97:54:a0:2e:ba:dc:3f:93:8b:94:f9:83:2b:02:b4:
c2:f2:1f:11:9a:0f:c9:f0:b3:46:35:1b:78:4e:af:c0:c6:30:
33:5d:bb:68:e3:4f:e5:8c:ac:8d:ec:32:26:34:bd:e9:37:ce:
0b:2d:33:72:14:72:1f:30:04:dc:7a:db:38:c0:24:54:c9:d1:
38:4f:55:51:02:98:94:72:94:be:9f:ee:ba:27:97:81:3b:bf:
dc:ba:f1:18:04:8b:16:95:33:2d:5c:7b:9e:cb:f5:3d:8e:81:
43:8c:7b:a4
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYciLFXD5SPOIRmHDqWeqMH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzI3MDgyNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ0MWQzOTAwMGFjZGM4NDM2MmU3ZjY4ZTg4MDI1Y2Y4ZGFmYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzNgtRXQ+WcYGvEx2CgW1ioTZ6ju
W64CIPQu3wAPi1i8lfDC4tPV8QKZ5FgrS8tYJrytUKLqoplM2Xycuw+my6XP//5y
cNUxy1LDFhkZpVAdrzOuSXKrHF8l2Pl3uqKrxkQiQ0gvTrgAT0sMU+ExLvuzk3y7
hW89DaC9sZpG1dWv7x5a90wf4l5lccTjNZ8GoZbGM2vT8Xj7HB6pTHYbWg1lEDPJ
IqZzSuVhkM70FGMiuLgrLFUwNegiLBq4o6TLCLmDZ695VgKDytTzLfbJKiTPcndK
caQPlHVPYiwM3oDNGEBFqmeoCk5XDnjLW/m+RdZY6xNboEV+hnkNZuGUVQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFNnUHTkACs3IQ2Ln9o6IAlz42vxzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFDBggrBgEFBQcBCwSCATUwggExMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcw
OGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBiOTlhZi8yMDkwgY4GCCsGAQUFBzAK
hoGBcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9m
ZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvMjA5L0Q5RDQxRDM5
MDAwQUNEQzg0MzYyRTdGNjhFODgwMjVDRjhEQUZDNzMubWZ0MDwGCCsGAQUFBzAN
hjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNhdGlvbi54
bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABt6k8wDQYJKoZIhvcNAQELBQADggEBAJFm0yIV78BDCwRiOhPGWn0C/jxZ
XWuWp+NHUB3B9AbFsGLhbWDAXfVgefb6WyFn1VfS4TMvUib2NksoJCtB/PxGCzgS
me8oOJQN6ybPEKOVanGulzIGVnQGaHeX33Z7Hyw6BFYYLpMkzUQnlciXreVXUKf3
t3+NTfweCcRJkH8ZiFAfZFqTYe664ouNeWKYfcAoGpdUoC663D+Ti5T5gysCtMLy
HxGaD8nws0Y1G3hOr8DGMDNdu2jjT+WMrI3sMiY0vek3zgstM3IUch8wBNx62zjA
JFTJ0ThPVVECmJRylL6f7ronl4E7v9y68RgEixaVMy1ce57L9T2OgUOMe6Q=
-----END CERTIFICATE-----
Generated at Thu Dec 21 14:28:09 2023 by rpki-client on console-fra.rpki-client.org