Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42o8vLZjXRQPaUsM2Z0c1iRW3i4.cer
File: 42o8vLZjXRQPaUsM2Z0c1iRW3i4.cer (raw, json)
Hash identifier: KRkajdJaLvQA54C9Z0ToBCb1D9eBdANd4917wvMzWUM=
Subject key identifier: E3:6A:3C:BC:B6:63:5D:14:0F:69:4B:0C:D9:9D:1C:D6:24:56:DE:2E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018C2F8BF4C6933E6E0502B90E56DCB488D0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.rp.ki/repo/misakaio/2/E36A3CBCB6635D140F694B0CD99D1CD62456DE2E.mft
caRepository: rsync://rsync.rp.ki/repo/misakaio/2/
Notify URL: https://rrdp.rp.ki/notification.xml
Certificate not before: Sun 03 Dec 2023 11:59:10 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 35487
AS: 47553
AS: 48386
AS: 50069
AS: 57578
AS: 57695
AS: 58313
AS: 58342
IP: 45.11.104.0/22
IP: 45.131.68.0/22
IP: 45.142.244.0/22
IP: 45.150.240.0/22
IP: 185.209.84.0/22
IP: 185.234.212.0/22
IP: 188.244.96.0/22
IP: 194.156.154.0/23
IP: 194.156.162.0/23
IP: 2a0b:4340::/29
IP: 2a0d:2900::/29
IP: 2a0d:5640::/29
IP: 2a0e:5c40::/29
IP: 2a0e:6900::/29
IP: 2a0f:3b00::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:8b:f4:c6:93:3e:6e:05:02:b9:0e:56:dc:b4:88:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Dec 3 11:59:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e36a3cbcb6635d140f694b0cd99d1cd62456de2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:64:ad:16:70:f3:7b:27:2a:fa:35:3e:fa:
b2:84:dc:02:55:ab:9b:bb:3f:28:55:c1:86:b2:5c:
6b:28:81:23:af:4f:bd:29:5a:ac:0d:8a:09:cd:6c:
ac:b0:00:1d:1c:53:30:d3:7b:4d:2c:c4:f1:70:bd:
c9:45:3c:be:8e:cb:55:4a:5a:45:26:11:1c:df:22:
75:be:93:94:48:43:17:38:f3:ec:54:7f:cf:af:01:
d2:00:3c:7d:a0:d4:97:a1:39:07:b9:3a:5a:43:08:
fc:e6:03:e5:98:97:11:9f:69:9f:62:4a:ec:1b:ac:
57:c0:43:bb:73:80:d6:59:9b:8c:64:a3:1c:07:bd:
05:3a:fb:9f:72:f0:02:33:0f:c8:cd:5a:45:0a:41:
9f:12:9a:09:1c:65:f6:e2:3a:f0:40:9a:d2:45:cb:
97:e8:75:e0:23:e8:fe:cc:b9:d0:a1:40:26:99:94:
89:00:de:ae:a7:9e:65:44:2c:08:d9:47:81:1c:17:
d8:b0:63:7b:5e:4c:a2:82:f6:57:e7:6a:d1:ad:4f:
c6:f3:f8:e1:c3:db:72:b0:8f:b8:8b:5e:cb:8f:5a:
2a:ed:72:ac:d4:f9:e6:d1:72:b5:51:02:44:73:af:
96:90:a5:c1:53:3d:6c:28:21:7a:b5:1b:5b:bc:fa:
2f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6A:3C:BC:B6:63:5D:14:0F:69:4B:0C:D9:9D:1C:D6:24:56:DE:2E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.rp.ki/repo/misakaio/2/
RPKI Manifest - URI:rsync://rsync.rp.ki/repo/misakaio/2/E36A3CBCB6635D140F694B0CD99D1CD62456DE2E.mft
RPKI Notify - URI:https://rrdp.rp.ki/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.104.0/22
45.131.68.0/22
45.142.244.0/22
45.150.240.0/22
185.209.84.0/22
185.234.212.0/22
188.244.96.0/22
194.156.154.0/23
194.156.162.0/23
IPv6:
2a0b:4340::/29
2a0d:2900::/29
2a0d:5640::/29
2a0e:5c40::/29
2a0e:6900::/29
2a0f:3b00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35487
47553
48386
50069
57578
57695
58313
58342
Signature Algorithm: sha256WithRSAEncryption
5e:6d:e9:16:17:2c:30:84:e7:de:aa:9a:e2:68:11:04:8d:a6:
46:89:f9:ec:8d:ee:8d:cf:51:60:77:f5:fc:e3:90:3c:aa:e1:
62:57:ac:10:8a:12:de:72:33:ec:ee:62:8a:46:15:09:d5:bc:
6c:70:77:51:ae:5d:bd:7a:b4:2f:f9:78:da:22:92:56:f2:9a:
7d:0f:9d:18:21:8a:35:41:37:ef:42:0e:eb:26:f9:b9:b0:45:
d8:4d:0c:05:d0:c1:1f:b2:c6:6c:98:8a:e4:4b:10:af:1d:83:
14:7a:16:96:4e:c3:88:c9:69:59:63:63:2a:e4:fb:b5:c9:24:
f5:bb:1f:51:be:0b:a2:95:a1:ee:43:e1:a6:f3:c1:54:18:4e:
eb:b2:f1:6d:ab:24:5b:28:5a:eb:d0:7e:aa:7b:3d:c8:35:ec:
fa:dc:8a:4a:eb:0c:b1:4b:5f:da:b4:47:47:19:0b:b9:78:2a:
a5:54:b5:9a:a5:84:98:09:c4:9e:23:c3:67:bb:fd:36:50:82:
eb:77:3c:a8:5e:fc:b2:72:f6:be:f9:3b:5f:b4:0a:3a:e7:5a:
39:63:01:36:01:38:8f:cd:43:b1:1b:54:a3:b2:af:60:5d:c0:
67:8c:72:ed:31:5d:24:5b:b5:dc:4b:8d:9c:11:3e:43:a3:81:
36:35:05:c6
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYwvi/TGkz5uBQK5DlbctIjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMjAzMTE1OTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZhM2NiY2I2NjM1ZDE0MGY2OTRiMGNkOTlkMWNkNjI0NTZkZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyohkrRZw83snKvo1PvqyhNwCVaub
uz8oVcGGslxrKIEjr0+9KVqsDYoJzWyssAAdHFMw03tNLMTxcL3JRTy+jstVSlpF
JhEc3yJ1vpOUSEMXOPPsVH/PrwHSADx9oNSXoTkHuTpaQwj85gPlmJcRn2mfYkrs
G6xXwEO7c4DWWZuMZKMcB70FOvufcvACMw/IzVpFCkGfEpoJHGX24jrwQJrSRcuX
6HXgI+j+zLnQoUAmmZSJAN6up55lRCwI2UeBHBfYsGN7XkyigvZX52rRrU/G8/jh
w9tysI+4i17Lj1oq7XKs1Pnm0XK1UQJEc6+WkKXBUz1sKCF6tRtbvPov2wIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFONqPLy2Y10UD2lLDNmdHNYkVt4uMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdEGCCsGAQUFBwELBIHEMIHBMDAGCCsGAQUFBzAFhiRyc3lu
YzovL3JzeW5jLnJwLmtpL3JlcG8vbWlzYWthaW8vMi8wXAYIKwYBBQUHMAqGUHJz
eW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8yL0UzNkEzQ0JDQjY2MzVE
MTQwRjY5NEIwQ0Q5OUQxQ0Q2MjQ1NkRFMkUubWZ0MC8GCCsGAQUFBzANhiNodHRw
czovL3JyZHAucnAua2kvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBK
hkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28z
VlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBgQYIKwYBBQUHAQcBAf8EcjBwMDwEAgABMDYDBAItC2gDBAItg0QDBAIt
jvQDBAItlvADBAK50VQDBAK56tQDBAK89GADBAHCnJoDBAHCnKIwMAQCAAIwKgMF
AyoLQ0ADBQMqDSkAAwUDKg1WQAMFAyoOXEADBQMqDmkAAwUDKg87ADA9BggrBgEF
BQcBCAEB/wQuMCygKjAoAgMAip8CAwC5wQIDAL0CAgMAw5UCAwDg6gIDAOFfAgMA
48kCAwDj5jANBgkqhkiG9w0BAQsFAAOCAQEAXm3pFhcsMITn3qqa4mgRBI2mRon5
7I3ujc9RYHf1/OOQPKrhYlesEIoS3nIz7O5iikYVCdW8bHB3Ua5dvXq0L/l42iKS
VvKafQ+dGCGKNUE370IO6yb5ubBF2E0MBdDBH7LGbJiK5EsQrx2DFHoWlk7DiMlp
WWNjKuT7tckk9bsfUb4LopWh7kPhpvPBVBhO67LxbaskWyha69B+qns9yDXs+tyK
SusMsUtf2rRHRxkLuXgqpVS1mqWEmAnEniPDZ7v9NlCC63c8qF78snL2vvk7X7QK
OudaOWMBNgE4j81DsRtUo7KvYF3AZ4xy7TFdJFu13EuNnBE+Q6OBNjUFxg==
-----END CERTIFICATE-----
Generated at Sun Dec 3 22:11:15 2023 by rpki-client on console-fra.rpki-client.org