Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5iH2js7aVvMw5QZ-0-pSx7mCqK4.cer
File: 5iH2js7aVvMw5QZ-0-pSx7mCqK4.cer (raw, json)
Hash identifier: FltdepRCaMGGSztJqKZ10Umgy2dUreW7HkIf9NTFMDM=
Subject key identifier: E6:21:F6:8E:CE:DA:56:F3:30:E5:06:7E:D3:EA:52:C7:B9:82:A8:AE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856EFAD70F917F4AECC447DF9B1106DF3B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/f26afa-f76a-4474-9223-cd0fa1063e13/1/5iH2js7aVvMw5QZ-0-pSx7mCqK4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/f26afa-f76a-4474-9223-cd0fa1063e13/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 20:16:50 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 37.16.76.0/24
IP: 2a11:6300::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:fa:d7:0f:91:7f:4a:ec:c4:47:df:9b:11:06:df:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e621f68eceda56f330e5067ed3ea52c7b982a8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c1:c0:f2:c6:bc:1c:20:ae:ca:50:99:e3:34:
22:ff:9e:74:85:10:3b:ae:eb:f0:04:bb:6a:fa:e0:
ac:21:3e:85:d4:84:2d:a8:89:d1:9d:2e:d0:74:08:
11:49:5d:02:64:07:4c:ea:de:44:88:30:b7:31:95:
a6:9e:ef:cb:e9:49:de:eb:85:69:86:f7:80:b8:5c:
d4:0d:c5:60:2f:ea:3a:db:a8:3d:57:5d:cf:52:63:
08:9d:7e:c1:67:8c:5f:3f:2c:8e:bb:4a:2f:aa:74:
69:85:03:8c:e0:6e:0e:df:19:eb:f2:55:32:fe:33:
e7:00:d9:c3:7b:45:a0:1e:f4:e9:7b:35:a5:59:7f:
51:d4:90:9f:11:48:c7:bf:89:d5:05:07:5b:5c:d7:
66:39:a1:19:e8:fe:71:5d:54:89:2e:41:bb:3e:3e:
39:8c:c2:3a:b2:d1:53:f4:3e:d1:10:b2:32:c3:10:
29:9a:57:ab:fe:12:82:c7:fd:db:74:21:2d:fd:fe:
9d:7a:f0:06:34:0e:1a:a8:82:33:28:0d:36:e4:e3:
4e:c3:b5:f5:3d:1a:9b:67:84:78:ad:89:3c:53:9e:
39:70:cc:eb:23:70:c4:39:e6:58:8b:58:a7:f9:27:
d2:50:d0:d8:05:ee:4a:68:cf:15:e4:c1:74:38:b8:
a3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:21:F6:8E:CE:DA:56:F3:30:E5:06:7E:D3:EA:52:C7:B9:82:A8:AE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f26afa-f76a-4474-9223-cd0fa1063e13/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f26afa-f76a-4474-9223-cd0fa1063e13/1/5iH2js7aVvMw5QZ-0-pSx7mCqK4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.76.0/24
IPv6:
2a11:6300::/29
Signature Algorithm: sha256WithRSAEncryption
32:78:a6:c8:04:22:4e:d7:88:94:11:ba:d5:66:52:02:2d:b3:
fe:e9:ad:30:77:29:5c:4d:df:a8:31:c9:92:0b:d5:88:cb:a5:
b7:58:0a:53:b9:96:84:92:42:52:14:ea:e5:99:96:9a:8e:cb:
c4:ed:22:b0:6f:72:61:d0:59:34:3c:46:cb:73:58:32:2a:c6:
15:0d:e9:d4:80:24:14:25:80:44:25:26:35:cd:c0:80:e2:a2:
32:74:0a:b6:ac:93:c1:a6:ab:89:6c:a7:13:3e:4d:72:88:fb:
7d:c2:ed:ca:1c:e2:2c:68:a0:c7:ab:db:ed:9e:08:85:e9:5a:
f2:e4:7d:4b:82:8f:0d:d2:df:76:1e:36:39:aa:43:08:00:bd:
26:88:f0:cb:97:16:af:0e:ec:30:16:0c:e8:7f:d9:bc:c9:10:
6e:f3:ce:a8:a0:20:e0:67:b4:1c:1a:67:55:4e:29:e0:af:cd:
51:dd:49:bb:6b:51:33:81:53:04:01:c3:a0:20:e4:69:a0:94:
62:58:91:22:e2:4b:fc:d5:bb:69:71:38:d2:6b:b0:f7:66:bb:
5a:9c:65:14:a4:c4:ef:7a:fa:f3:b1:49:29:c9:36:12:61:ee:
d9:53:5d:28:f7:66:a3:d5:fe:a6:28:15:24:c7:4d:f2:1e:bb:
b7:d3:41:9c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVu+tcPkX9K7MRH35sRBt87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjAxNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIxZjY4ZWNlZGE1NmYzMzBlNTA2N2VkM2VhNTJjN2I5ODJhOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksHA8sa8HCCuylCZ4zQi/550hRA7
ruvwBLtq+uCsIT6F1IQtqInRnS7QdAgRSV0CZAdM6t5EiDC3MZWmnu/L6Une64Vp
hveAuFzUDcVgL+o626g9V13PUmMInX7BZ4xfPyyOu0ovqnRphQOM4G4O3xnr8lUy
/jPnANnDe0WgHvTpezWlWX9R1JCfEUjHv4nVBQdbXNdmOaEZ6P5xXVSJLkG7Pj45
jMI6stFT9D7RELIywxApmler/hKCx/3bdCEt/f6devAGNA4aqIIzKA025ONOw7X1
PRqbZ4R4rYk8U545cMzrI3DEOeZYi1in+SfSUNDYBe5KaM8V5MF0OLijjQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFOYh9o7O2lbzMOUGftPqUse5gqiuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwL2YyNmFm
YS1mNzZhLTQ0NzQtOTIyMy1jZDBmYTEwNjNlMTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvZjI2YWZh
LWY3NmEtNDQ3NC05MjIzLWNkMGZhMTA2M2UxMy8xLzVpSDJqczdhVnZNdzVRWi0w
LXBTeDdtQ3FLNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJRBMMA0EAgACMAcDBQMqEWMAMA0GCSqGSIb3
DQEBCwUAA4IBAQAyeKbIBCJO14iUEbrVZlICLbP+6a0wdylcTd+oMcmSC9WIy6W3
WApTuZaEkkJSFOrlmZaajsvE7SKwb3Jh0Fk0PEbLc1gyKsYVDenUgCQUJYBEJSY1
zcCA4qIydAq2rJPBpquJbKcTPk1yiPt9wu3KHOIsaKDHq9vtngiF6Vry5H1Lgo8N
0t92HjY5qkMIAL0miPDLlxavDuwwFgzof9m8yRBu886ooCDgZ7QcGmdVTingr81R
3Um7a1EzgVMEAcOgIORpoJRiWJEi4kv81btpcTjSa7D3ZrtanGUUpMTvevrzsUkp
yTYSYe7ZU10o92aj1f6mKBUkx03yHru300Gc
-----END CERTIFICATE-----
Generated at Tue Aug 8 11:46:00 2023 by rpki-client on console-ams.rpki-client.org