Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3Q_rml-gQDQeoYU0xbau1-zSoN4.cer
File: 3Q_rml-gQDQeoYU0xbau1-zSoN4.cer (raw, json)
Hash identifier: KPWh5uyLh2Fm9di9LiJWoVcP3X8X7L2GzZzoMCBFIm8=
Subject key identifier: DD:0F:EB:9A:5F:A0:40:34:1E:A1:85:34:C5:B6:AE:D7:EC:D2:A0:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F97DE2B698A216861BEFEF6F793B6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/3Q_rml-gQDQeoYU0xbau1-zSoN4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:30:05 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 195.64.126.0/24
IP: 2a0d:e080::/29
Validation: Failed, certificate revoked on Thu 01 Feb 2024 13:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:97:de:2b:69:8a:21:68:61:be:fe:f6:f7:93:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0feb9a5fa040341ea18534c5b6aed7ecd2a0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fc:7f:cb:d9:85:ba:c1:16:c6:ab:1e:15:bc:
f9:2d:5e:5d:ea:15:1e:5e:a4:6a:bd:d5:cf:0d:30:
1e:07:4d:d4:ec:23:52:a9:ca:3b:1b:b5:1c:34:ff:
06:60:db:9d:3d:f8:e1:20:6a:22:32:fc:75:2a:cc:
16:c2:34:07:82:a5:40:49:02:a1:d1:1d:08:f7:26:
36:99:48:e2:d6:76:6c:ed:2a:69:cb:92:f0:33:60:
3e:0d:24:5e:e2:ff:4a:7d:d3:b8:83:b8:d9:e7:3e:
01:82:83:96:53:c3:9d:d3:24:f2:a2:b1:45:f5:24:
b8:ab:85:81:5d:a1:41:25:b5:3f:db:e4:3c:60:26:
38:02:27:8c:3f:25:15:ad:5e:d6:47:a0:c8:dc:10:
ef:d9:cb:70:f1:25:a0:b5:b3:70:51:61:3c:7c:6d:
53:cb:ed:d7:7a:7f:21:9e:8a:e9:b6:45:7e:ac:c0:
c2:d9:4e:c1:5f:f9:2f:2e:b0:da:e4:78:5a:72:74:
0a:48:bb:d6:b0:f5:b9:72:32:db:21:13:2c:a9:a2:
d0:c2:5d:cb:85:ff:9b:42:1b:f4:1e:5c:5d:38:52:
fd:e8:3f:11:9f:60:b9:ee:e2:74:69:fe:44:45:4b:
c8:6e:47:42:d9:b9:b7:15:b4:db:ab:12:67:e4:3c:
22:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0F:EB:9A:5F:A0:40:34:1E:A1:85:34:C5:B6:AE:D7:EC:D2:A0:DE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/3Q_rml-gQDQeoYU0xbau1-zSoN4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.126.0/24
IPv6:
2a0d:e080::/29
Signature Algorithm: sha256WithRSAEncryption
6a:4c:e3:7f:21:9e:28:09:a1:77:0d:3b:43:26:3b:44:ba:41:
a3:86:67:f1:f2:ba:d3:70:c1:2b:39:b6:2d:4d:a9:0f:f3:e5:
ff:a9:cc:55:02:09:8e:c8:63:07:15:86:9a:4e:70:27:08:53:
68:18:a4:44:b2:ed:61:21:ae:fa:d3:0b:67:e3:d2:2b:37:e5:
44:58:5a:1d:42:cd:53:e3:6b:60:fa:0e:e2:2f:88:53:84:e7:
1f:de:90:76:81:0e:1d:48:15:20:28:7f:88:e3:47:8e:ce:de:
4d:b9:e7:04:cf:a2:07:77:4d:1e:33:dd:1f:80:eb:cd:75:52:
2b:c3:3a:30:c1:c5:07:6e:52:10:9a:44:a0:8b:09:17:68:00:
eb:08:eb:23:3f:72:be:71:da:19:e0:31:c9:95:1e:60:77:8a:
98:28:69:d9:91:e7:cb:5f:1f:69:26:be:1d:a8:e2:52:20:d7:
78:b8:66:6c:e4:b1:3a:ae:0b:c3:8f:ca:c6:01:e8:f9:f3:92:
b6:05:b9:c2:8a:86:e0:ab:79:d7:be:1c:cf:78:01:fc:2e:9a:
88:66:68:2b:b8:b5:f3:bb:42:67:a0:53:a4:22:53:14:ec:97:
a3:56:d4:ff:99:05:94:3d:14:e5:17:a3:24:fd:d0:26:de:07:
72:38:f1:6d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzIb5feK2mKIWhhvv7295O2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBmZWI5YTVmYTA0MDM0MWVhMTg1MzRjNWI2YWVkN2VjZDJhMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fx/y9mFusEWxqseFbz5LV5d6hUe
XqRqvdXPDTAeB03U7CNSqco7G7UcNP8GYNudPfjhIGoiMvx1KswWwjQHgqVASQKh
0R0I9yY2mUji1nZs7Sppy5LwM2A+DSRe4v9KfdO4g7jZ5z4BgoOWU8Od0yTyorFF
9SS4q4WBXaFBJbU/2+Q8YCY4AieMPyUVrV7WR6DI3BDv2ctw8SWgtbNwUWE8fG1T
y+3Xen8hnorptkV+rMDC2U7BX/kvLrDa5HhacnQKSLvWsPW5cjLbIRMsqaLQwl3L
hf+bQhv0HlxdOFL96D8Rn2C57uJ0af5ERUvIbkdC2bm3FbTbqxJn5DwiqwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFN0P65pfoEA0HqGFNMW2rtfs0qDeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QyLzZkMDI3
MC05NWFiLTRkYTMtYWJmNS04ZGMwZDgzM2Y1NGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIvNmQwMjcw
LTk1YWItNGRhMy1hYmY1LThkYzBkODMzZjU0Yi8xLzNRX3JtbC1nUURRZW9ZVTB4
YmF1MS16U29ONC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAw0B+MA0EAgACMAcDBQMqDeCAMA0GCSqGSIb3
DQEBCwUAA4IBAQBqTON/IZ4oCaF3DTtDJjtEukGjhmfx8rrTcMErObYtTakP8+X/
qcxVAgmOyGMHFYaaTnAnCFNoGKREsu1hIa760wtn49IrN+VEWFodQs1T42tg+g7i
L4hThOcf3pB2gQ4dSBUgKH+I40eOzt5NuecEz6IHd00eM90fgOvNdVIrwzowwcUH
blIQmkSgiwkXaADrCOsjP3K+cdoZ4DHJlR5gd4qYKGnZkefLXx9pJr4dqOJSINd4
uGZs5LE6rgvDj8rGAej585K2BbnCiobgq3nXvhzPeAH8LpqIZmgruLXzu0JnoFOk
IlMU7JejVtT/mQWUPRTlF6Mk/dAm3gdyOPFt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:45 2024 by rpki-client on console-ams.rpki-client.org