Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer
File: 3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer (raw, json)
Hash identifier: LOgtlS0eRK09kRM+sLNRflTNmZxzY7tfsb9VUbvYhi8=
Subject key identifier: DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0186930863FF806AE0098D9BB4C5B046FA5E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/3yKkq7kzn2XoH4cfxFSZX1vyoBY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 27 Feb 2023 13:20:46 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 212.6.63.0/24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 08:28:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:08:63:ff:80:6a:e0:09:8d:9b:b4:c5:b0:46:fa:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 27 13:20:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df22a4abb9339f65e81f871fc454995f5bf2a016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:91:0a:f3:09:da:b4:e0:c6:40:1f:d7:00:a4:
40:be:5a:0f:5b:52:8a:97:09:30:08:62:58:6a:c0:
8c:57:07:b9:f7:92:1c:04:0d:6a:59:33:77:70:3f:
28:9d:e5:20:de:ba:49:f1:a2:ee:9e:15:81:2e:48:
74:80:a2:04:73:6c:67:ec:62:c2:29:3e:45:44:20:
3c:7f:c9:d4:00:8d:24:fc:96:6e:08:8e:ab:21:6d:
d4:b2:cd:f2:ee:f5:52:bd:1f:b3:2d:8d:e0:e9:e5:
07:06:c0:46:89:80:1e:df:66:d7:c8:8b:bb:76:0f:
05:66:8b:fe:f2:5d:90:be:93:ea:46:3f:1f:ae:c9:
a4:33:e3:07:cb:bb:fe:13:1d:ee:d9:75:ea:65:0c:
2c:50:c8:41:8d:21:69:ab:36:ad:ef:5b:ab:07:60:
8e:59:94:61:8a:30:4d:c9:d0:7a:70:86:e2:74:63:
cf:f1:13:7c:01:bd:5a:05:06:75:96:a1:5b:f6:22:
78:64:bb:c3:d5:5f:f6:c2:ae:00:2a:3b:b0:ee:dc:
51:65:a6:ae:1f:8e:9f:ac:f0:97:8f:41:47:21:eb:
40:db:f7:c7:fc:77:02:7c:9a:6f:23:24:c8:aa:04:
23:15:2e:f2:95:35:38:ef:91:81:b6:ec:74:d8:a3:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/3yKkq7kzn2XoH4cfxFSZX1vyoBY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.6.63.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ca:d0:6c:83:73:7e:b0:e9:b0:d4:87:b5:ae:fc:cc:13:67:
01:67:9c:70:2e:96:15:1b:61:b9:2d:bf:81:19:cb:31:49:e1:
70:e6:db:81:f5:4d:8f:21:7c:b4:9f:78:0f:36:a3:9c:d9:c7:
fa:57:68:81:b3:7c:a2:df:38:d6:7f:c3:de:82:f9:77:15:e6:
1d:43:9b:34:c4:09:a1:07:61:e3:4d:7d:ba:e4:77:7d:cc:d1:
59:28:1d:00:ce:eb:28:29:c5:a8:37:47:9c:1b:ed:e2:8d:eb:
9f:f1:1b:97:48:59:1a:ff:10:69:15:53:00:87:d9:02:49:c2:
84:83:af:91:3e:6d:44:47:a8:a9:41:12:83:7a:8e:9c:6e:50:
dd:96:45:94:d9:07:86:ae:4c:18:c2:90:9f:c6:09:77:47:c0:
b2:a4:10:41:60:82:8f:f6:51:99:c8:fb:73:e3:d6:9f:d2:2a:
a5:c0:ce:61:04:02:75:22:92:58:8f:e1:99:5e:34:86:dc:09:
93:6b:e7:7b:c0:5c:7c:27:9e:f8:a5:85:91:5d:58:dc:b3:ed:
41:e5:89:80:79:37:90:95:3d:47:8a:15:a4:aa:b0:0e:26:e3:
78:49:a0:cf:d7:bc:ad:ac:80:43:5d:20:87:5e:7d:c6:47:2b:
1f:77:d9:c3
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYaTCGP/gGrgCY2btMWwRvpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMjI3MTMyMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjIyYTRhYmI5MzM5ZjY1ZTgxZjg3MWZjNDU0OTk1ZjViZjJhMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZEK8wnatODGQB/XAKRAvloPW1KK
lwkwCGJYasCMVwe595IcBA1qWTN3cD8oneUg3rpJ8aLunhWBLkh0gKIEc2xn7GLC
KT5FRCA8f8nUAI0k/JZuCI6rIW3Uss3y7vVSvR+zLY3g6eUHBsBGiYAe32bXyIu7
dg8FZov+8l2QvpPqRj8frsmkM+MHy7v+Ex3u2XXqZQwsUMhBjSFpqzat71urB2CO
WZRhijBNydB6cIbidGPP8RN8Ab1aBQZ1lqFb9iJ4ZLvD1V/2wq4AKjuw7txRZaau
H46frPCXj0FHIetA2/fH/HcCfJpvIyTIqgQjFS7ylTU475GBtux02KPkDwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFN8ipKu5M59l6B+HH8RUmV9b8qAWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzMzNjNj
MC02M2NjLTQ1ODgtYTAzYi1mZGQwODFlNzc5ZGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvMzM2M2Mw
LTYzY2MtNDU4OC1hMDNiLWZkZDA4MWU3NzlkZS8xLzN5S2txN2t6bjJYb0g0Y2Z4
RlNaWDF2eW9CWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQA1AY/MA0GCSqGSIb3DQEBCwUAA4IBAQAwytBs
g3N+sOmw1Ie1rvzME2cBZ5xwLpYVG2G5Lb+BGcsxSeFw5tuB9U2PIXy0n3gPNqOc
2cf6V2iBs3yi3zjWf8Pegvl3FeYdQ5s0xAmhB2HjTX265Hd9zNFZKB0AzusoKcWo
N0ecG+3ijeuf8RuXSFka/xBpFVMAh9kCScKEg6+RPm1ER6ipQRKDeo6cblDdlkWU
2QeGrkwYwpCfxgl3R8CypBBBYIKP9lGZyPtz49af0iqlwM5hBAJ1IpJYj+GZXjSG
3AmTa+d7wFx8J574pYWRXVjcs+1B5YmAeTeQlT1HihWkqrAOJuN4SaDP17ytrIBD
XSCHXn3GRysfd9nD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:49 2024 by rpki-client on console-ams.rpki-client.org