Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5HScM2e6bn6fdzVKVdOIN5E13w4.cer
File: 5HScM2e6bn6fdzVKVdOIN5E13w4.cer (raw, json)
Hash identifier: JNzauumzVdXTP3HsLMPF2hTmLV5SWRtikk+fLzBXN+k=
Subject key identifier: E4:74:9C:33:67:BA:6E:7E:9F:77:35:4A:55:D3:88:37:91:35:DF:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DF2B3C60F34D76861CC6F0A173CAF2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/a7df4a-77a9-43d8-bfd7-a853144879f3/1/5HScM2e6bn6fdzVKVdOIN5E13w4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/a7df4a-77a9-43d8-bfd7-a853144879f3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:58 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35662
IP: 5.152.192.0/19
IP: 31.3.224.0/19
IP: 37.157.240.0/21
IP: 37.220.0.0/19
IP: 77.245.64.0/20
IP: 79.143.80.0/22
IP: 80.84.48.0/20
IP: 80.243.176.0/20
IP: 81.94.192.0/20
IP: 82.102.8.0/21
IP: 88.150.128.0/17
IP: 109.73.64.0/20
IP: 109.200.0.0/19
IP: 149.3.128.0/20
IP: 176.227.192.0/19
IP: 185.5.0.0/22
IP: 185.20.96.0/22
IP: 188.227.160.0/19
IP: 2a02:2658::/32
Validation: Failed, certificate revoked on Tue 04 Jun 2024 13:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:2b:3c:60:f3:4d:76:86:1c:c6:f0:a1:73:ca:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4749c3367ba6e7e9f77354a55d388379135df0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7a:06:0b:29:f7:0a:f9:5f:37:f3:22:6e:c5:
9c:ff:32:27:19:bf:5f:2c:0a:ca:c0:13:79:38:31:
6c:57:8b:45:86:b7:bb:91:15:b7:5d:ec:49:36:a6:
47:d8:c3:9f:39:aa:e9:3d:e4:a2:ec:a9:5d:44:d9:
ad:a8:9d:c0:e8:7d:ee:42:2c:1f:46:9f:39:0a:b0:
a3:6e:b2:cc:01:3e:73:bc:0a:60:6e:50:10:11:12:
92:82:df:24:02:ce:aa:7f:3c:51:51:38:ba:50:c7:
57:3b:0d:46:4f:09:e1:c8:0b:61:f9:96:bb:0f:28:
54:16:08:88:40:ba:6f:dc:a6:90:c1:57:d4:65:6a:
44:75:b0:eb:28:12:e8:6d:ea:b9:39:b9:27:a8:a5:
05:01:a2:04:1a:94:d7:f5:0c:06:70:a1:ac:07:25:
4c:6b:cc:f4:36:ef:3a:a1:46:03:90:55:c1:19:c5:
a3:33:b9:fd:f1:ba:3f:f2:89:5c:7c:e8:23:13:ac:
29:d2:9e:14:6f:68:80:e2:b2:c4:dc:20:f3:14:5d:
0c:51:87:2b:af:d4:0f:1d:b7:8f:df:c0:62:fe:17:
8c:5e:5c:b3:dd:82:89:f3:88:7b:d5:3f:87:09:2d:
6b:12:57:c7:8f:f0:9a:9b:37:8c:71:ac:49:36:34:
3b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:74:9C:33:67:BA:6E:7E:9F:77:35:4A:55:D3:88:37:91:35:DF:0E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a7df4a-77a9-43d8-bfd7-a853144879f3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a7df4a-77a9-43d8-bfd7-a853144879f3/1/5HScM2e6bn6fdzVKVdOIN5E13w4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.192.0/19
31.3.224.0/19
37.157.240.0/21
37.220.0.0/19
77.245.64.0/20
79.143.80.0/22
80.84.48.0/20
80.243.176.0/20
81.94.192.0/20
82.102.8.0/21
88.150.128.0/17
109.73.64.0/20
109.200.0.0/19
149.3.128.0/20
176.227.192.0/19
185.5.0.0/22
185.20.96.0/22
188.227.160.0/19
IPv6:
2a02:2658::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35662
Signature Algorithm: sha256WithRSAEncryption
0c:ae:e7:51:37:39:6f:f5:44:37:6c:2f:4a:dd:20:af:e7:8d:
00:33:53:93:79:0f:ab:fe:06:80:56:8e:4f:bd:e8:2c:16:af:
da:48:8a:8f:68:45:60:61:c3:7e:b2:38:22:54:c1:91:be:6b:
b2:93:06:d2:f9:b3:2f:b9:1d:15:e9:14:33:1a:47:00:46:f5:
dc:f6:bb:39:d2:8d:ae:b1:7b:7a:88:53:63:93:0a:ff:22:a9:
af:3e:96:34:30:84:08:23:b4:db:45:85:fb:63:33:4f:0c:7d:
92:40:d7:28:cc:7d:5b:63:ff:26:66:81:ca:f0:83:92:45:e6:
1f:f9:a1:3f:26:dc:4a:7e:b6:99:ac:94:32:9f:c1:86:81:a3:
8f:ca:46:0f:58:19:d4:ba:bd:4e:54:62:33:9c:25:77:3c:0e:
3a:be:16:c3:bb:85:4d:80:19:84:09:53:01:fa:56:6f:6f:db:
e5:83:71:11:c4:1c:17:66:87:d8:ef:47:fd:4a:e4:e5:54:60:
d7:94:44:09:ae:ac:39:67:7c:16:04:b9:c6:99:5d:7f:4a:00:
99:ec:0c:03:bd:fc:25:f0:17:70:82:58:cb:41:8c:d1:10:a9:
dd:07:54:62:88:48:23:7b:34:7d:17:83:21:86:5e:e0:34:44:
f5:54:7c:e5
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAYzI3ys8YPNNdoYcxvChc8ryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc0OWMzMzY3YmE2ZTdlOWY3NzM1NGE1NWQzODgzNzkxMzVkZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HoGCyn3CvlfN/MibsWc/zInGb9f
LArKwBN5ODFsV4tFhre7kRW3XexJNqZH2MOfOarpPeSi7KldRNmtqJ3A6H3uQiwf
Rp85CrCjbrLMAT5zvApgblAQERKSgt8kAs6qfzxRUTi6UMdXOw1GTwnhyAth+Za7
DyhUFgiIQLpv3KaQwVfUZWpEdbDrKBLobeq5ObknqKUFAaIEGpTX9QwGcKGsByVM
a8z0Nu86oUYDkFXBGcWjM7n98bo/8olcfOgjE6wp0p4Ub2iA4rLE3CDzFF0MUYcr
r9QPHbeP38Bi/heMXlyz3YKJ84h71T+HCS1rElfHj/CamzeMcaxJNjQ7RwIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFOR0nDNnum5+n3c1SlXTiDeRNd8OMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiL2E3ZGY0
YS03N2E5LTQzZDgtYmZkNy1hODUzMTQ0ODc5ZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvYTdkZjRh
LTc3YTktNDNkOC1iZmQ3LWE4NTMxNDQ4NzlmMy8xLzVIU2NNMmU2Ym42ZmR6VktW
ZE9JTjVFMTN3NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGWBggrBgEF
BQcBBwEB/wSBhjCBgzByBAIAATBsAwQFBZjAAwQFHwPgAwQDJZ3wAwQFJdwAAwQE
TfVAAwQCT49QAwQEUFQwAwQEUPOwAwQEUV7AAwQDUmYIAwQHWJaAAwQEbUlAAwQF
bcgAAwQElQOAAwQFsOPAAwQCuQUAAwQCuRRgAwQFvOOgMA0EAgACMAcDBQAqAiZY
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLTjANBgkqhkiG9w0BAQsFAAOCAQEA
DK7nUTc5b/VEN2wvSt0gr+eNADNTk3kPq/4GgFaOT73oLBav2kiKj2hFYGHDfrI4
IlTBkb5rspMG0vmzL7kdFekUMxpHAEb13Pa7OdKNrrF7eohTY5MK/yKprz6WNDCE
CCO020WF+2MzTwx9kkDXKMx9W2P/JmaByvCDkkXmH/mhPybcSn62mayUMp/BhoGj
j8pGD1gZ1Lq9TlRiM5wldzwOOr4Ww7uFTYAZhAlTAfpWb2/b5YNxEcQcF2aH2O9H
/Urk5VRg15RECa6sOWd8FgS5xpldf0oAmewMA738JfAXcIJYy0GM0RCp3QdUYohI
I3s0fReDIYZe4DRE9VR85Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:29 2024 by rpki-client on console-ams.rpki-client.org