Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3SqaR157l-G-_Pzkc8cqCOtHHBo.cer
File: 3SqaR157l-G-_Pzkc8cqCOtHHBo.cer (raw, json)
Hash identifier: Cc6GymbPFN/nxTisGuZaLCpPT/qcdvuwbwc61IYvFgc=
Subject key identifier: DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0187222C7C840F34CA721D568F6B5FC097C1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/DD2A9A475E7B97E1BEFCFCE473C72A08EB471C1A.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 27 Mar 2023 08:25:53 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 2.56.236.0/22
IP: 2.59.156.0/22
IP: 5.181.204.0/22
IP: 45.8.164.0/22
IP: 45.11.80.0/22
IP: 45.14.192.0/22
IP: 45.85.248.0/22
IP: 45.88.220.0/22
IP: 45.93.52.0/22
IP: 45.134.188.0/22
IP: 45.138.204.0/22
IP: 91.229.244.0/23
IP: 91.230.110.0/23
IP: 92.118.48.0/22
IP: 193.5.151.0/24
IP: 2a09:a6c0::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:2c:7c:84:0f:34:ca:72:1d:56:8f:6b:5f:c0:97:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 27 08:25:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2a9a475e7b97e1befcfce473c72a08eb471c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ef:ed:9a:1e:ef:0c:1c:e2:b1:ba:14:73:95:
a8:9d:fc:f1:c9:50:10:de:bb:66:05:9a:39:7f:5b:
9d:a5:a4:5a:dc:06:bc:6a:b8:58:1d:b0:00:b6:a4:
86:a8:22:81:d0:dd:d7:ae:54:af:32:d3:30:3a:6d:
b1:d2:1f:af:e1:5b:34:54:7b:a5:c0:1d:d8:a3:36:
1b:2b:11:b4:09:39:64:40:1d:2a:a8:15:94:e3:65:
d8:a2:00:c5:73:9d:14:18:0f:15:4d:71:6c:24:4d:
5c:02:36:b6:e2:dd:94:d8:c1:ba:10:df:75:23:ed:
35:d1:18:a0:a9:16:0a:08:ab:1e:ca:8d:59:12:8c:
51:42:4c:f9:7a:de:38:34:74:ba:65:f5:ce:06:20:
e7:e4:82:55:fa:1e:49:e6:69:1d:28:95:f1:0f:81:
68:1a:a0:af:ed:44:3c:8a:2f:bd:9d:20:cc:6d:3c:
89:83:b9:65:41:7d:81:26:34:07:33:d6:70:c1:8e:
bb:d9:d1:95:fa:89:1b:bb:c1:7e:10:06:24:2f:07:
67:36:fc:26:70:b5:c8:78:8f:2d:d7:24:3d:2c:99:
2f:cf:1f:2b:aa:78:30:ca:69:38:dc:40:4d:90:75:
11:c9:c6:2f:4c:e3:56:e0:cb:a5:6a:96:31:49:f8:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/DD2A9A475E7B97E1BEFCFCE473C72A08EB471C1A.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.236.0/22
2.59.156.0/22
5.181.204.0/22
45.8.164.0/22
45.11.80.0/22
45.14.192.0/22
45.85.248.0/22
45.88.220.0/22
45.93.52.0/22
45.134.188.0/22
45.138.204.0/22
91.229.244.0/23
91.230.110.0/23
92.118.48.0/22
193.5.151.0/24
IPv6:
2a09:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:0e:33:59:e2:3f:28:32:c1:27:30:9d:42:e8:d0:13:8e:3f:
31:67:e2:dc:97:ad:85:fc:63:90:f5:72:f0:0f:35:0c:68:b4:
fc:d7:1d:db:d2:5f:22:51:6c:ec:55:21:2e:4e:94:24:b7:fd:
20:c7:85:86:05:b2:00:5a:9d:af:4d:2c:fe:e3:47:84:8d:ee:
7f:47:ab:ef:68:bf:f5:4a:22:f2:aa:2d:10:f7:29:fc:32:a3:
5c:42:44:60:0b:83:82:74:27:1d:01:0a:47:1f:44:bf:9b:a8:
c5:86:5b:ca:6a:d5:d5:b7:65:e1:65:af:16:78:2c:e6:87:11:
57:ea:e6:cd:85:b0:8f:a2:4b:f4:f2:58:72:9d:10:a3:b0:00:
0f:dc:35:06:20:85:a4:a5:63:24:49:cc:82:3b:6f:b8:48:47:
a5:e2:ed:ce:fc:33:f2:79:70:62:62:b7:03:1e:83:f0:bd:34:
53:f7:37:e3:05:63:18:4e:a8:20:fe:ac:9c:f8:00:94:c2:85:
be:16:4d:7e:1f:e6:a5:c4:c1:12:ba:42:ed:ac:37:23:b0:6c:
a6:83:dd:3f:0e:a5:49:01:fa:19:5e:5b:d3:29:2c:e6:31:8b:
e8:2d:de:bc:8b:77:54:34:34:4c:bf:c5:c9:6f:1b:3c:8d:aa:
6d:cb:96:0d
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYciLHyEDzTKch1Wj2tfwJfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzI3MDgyNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJhOWE0NzVlN2I5N2UxYmVmY2ZjZTQ3M2M3MmEwOGViNDcxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+/tmh7vDBzisboUc5WonfzxyVAQ
3rtmBZo5f1udpaRa3Aa8arhYHbAAtqSGqCKB0N3XrlSvMtMwOm2x0h+v4Vs0VHul
wB3YozYbKxG0CTlkQB0qqBWU42XYogDFc50UGA8VTXFsJE1cAja24t2U2MG6EN91
I+010RigqRYKCKseyo1ZEoxRQkz5et44NHS6ZfXOBiDn5IJV+h5J5mkdKJXxD4Fo
GqCv7UQ8ii+9nSDMbTyJg7llQX2BJjQHM9ZwwY672dGV+okbu8F+EAYkLwdnNvwm
cLXIeI8t1yQ9LJkvzx8rqngwymk43EBNkHURycYvTONW4MulapYxSfjIjwIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFN0qmkdee5fhvvz85HPHKgjrRxwaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFDBggrBgEFBQcBCwSCATUwggExMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcw
OGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBiOTlhZi8xMDgwgY4GCCsGAQUFBzAK
hoGBcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9m
ZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvMTA4L0REMkE5QTQ3
NUU3Qjk3RTFCRUZDRkNFNDczQzcyQTA4RUI0NzFDMUEubWZ0MDwGCCsGAQUFBzAN
hjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNhdGlvbi54
bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgYIGCCsGAQUFBwEHAQH/BHMwcTBgBAIA
ATBaAwQCAjjsAwQCAjucAwQCBbXMAwQCLQikAwQCLQtQAwQCLQ7AAwQCLVX4AwQC
LVjcAwQCLV00AwQCLYa8AwQCLYrMAwQBW+X0AwQBW+ZuAwQCXHYwAwQAwQWXMA0E
AgACMAcDBQMqCabAMA0GCSqGSIb3DQEBCwUAA4IBAQBYDjNZ4j8oMsEnMJ1C6NAT
jj8xZ+Lcl62F/GOQ9XLwDzUMaLT81x3b0l8iUWzsVSEuTpQkt/0gx4WGBbIAWp2v
TSz+40eEje5/R6vvaL/1SiLyqi0Q9yn8MqNcQkRgC4OCdCcdAQpHH0S/m6jFhlvK
atXVt2XhZa8WeCzmhxFX6ubNhbCPokv08lhynRCjsAAP3DUGIIWkpWMkScyCO2+4
SEel4u3O/DPyeXBiYrcDHoPwvTRT9zfjBWMYTqgg/qyc+ACUwoW+Fk1+H+alxMES
ukLtrDcjsGymg90/DqVJAfoZXlvTKSzmMYvoLd68i3dUNDRMv8XJbxs8japty5YN
-----END CERTIFICATE-----
Generated at Wed Sep 27 12:48:16 2023 by rpki-client on console-ams.rpki-client.org