Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85kEnvkp-jb41tGw2andBxBlfNs.cer
File: 85kEnvkp-jb41tGw2andBxBlfNs.cer (raw, json)
Hash identifier: 5fsAxXI4ZY7XK/c4i4leI1yHHnKRSbg8lYgmzCKw17Q=
Subject key identifier: F3:99:04:9E:F9:29:FA:36:F8:D6:D1:B0:D9:A9:DD:07:10:65:7C:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856ED324BA34B30D99DB2D7F097F56D838
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/c75011-e2ba-4bf9-b4bd-ba350fddfb7b/1/85kEnvkp-jb41tGw2andBxBlfNs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/c75011-e2ba-4bf9-b4bd-ba350fddfb7b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 19:33:29 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 176.97.208.0/24
IP: 2a11:db40::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d3:24:ba:34:b3:0d:99:db:2d:7f:09:7f:56:d8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:33:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f399049ef929fa36f8d6d1b0d9a9dd0710657cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a5:d1:31:a6:7a:f8:e7:b6:43:34:7b:f7:15:
03:b2:a4:fc:97:90:d8:1c:17:07:12:c9:61:66:82:
57:cf:7a:c2:58:bc:30:ed:35:ec:40:42:cb:5c:95:
e5:61:2c:45:06:3e:c8:86:ac:48:fa:1d:84:2a:eb:
8a:fd:e9:88:3d:c8:7d:4c:99:15:b8:db:f6:a0:0c:
5a:2a:97:93:e4:ed:30:df:42:5c:80:19:e0:eb:28:
9d:45:f3:5c:2c:71:1c:c4:b4:30:a1:ba:6d:b0:f0:
ee:47:2d:c5:30:3f:09:b4:5e:96:21:d5:36:29:68:
bf:53:bd:50:27:2e:c4:39:37:95:ab:aa:a4:c6:a3:
3a:b6:dd:dd:8b:c0:67:9a:8d:c7:95:07:cc:7c:b0:
04:74:2e:2d:26:37:13:5c:c3:6b:f2:0f:f5:60:47:
15:1d:a2:ec:34:13:ac:99:97:21:f6:9b:30:0b:85:
56:35:8e:f2:0d:03:f6:87:05:b5:24:0c:20:47:60:
b7:16:54:52:95:be:bd:cb:66:e7:cf:43:25:2f:d3:
07:cb:9d:3b:21:5c:13:d6:a1:3b:47:4d:0a:40:3a:
ff:ca:d0:08:d1:b4:62:cf:65:a0:95:81:52:23:64:
d2:35:91:56:f9:25:04:75:13:e6:5b:9c:92:08:00:
7c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:99:04:9E:F9:29:FA:36:F8:D6:D1:B0:D9:A9:DD:07:10:65:7C:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c75011-e2ba-4bf9-b4bd-ba350fddfb7b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c75011-e2ba-4bf9-b4bd-ba350fddfb7b/1/85kEnvkp-jb41tGw2andBxBlfNs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.208.0/24
IPv6:
2a11:db40::/29
Signature Algorithm: sha256WithRSAEncryption
44:37:85:30:4a:ac:01:10:49:3f:ce:38:a6:bb:69:cf:f8:3e:
62:d1:1f:4c:8c:69:07:af:d7:a3:85:7a:47:dc:b7:97:43:30:
1f:fe:cc:c9:07:46:d8:e0:46:a8:ae:2d:46:cc:1d:7f:25:fd:
2f:99:95:85:3f:7e:70:91:fd:5d:3c:e6:16:1e:db:7a:99:88:
6d:31:49:17:97:14:7b:2c:ec:34:fb:62:9b:2a:02:13:32:0e:
6b:a1:6f:10:30:38:31:e6:2f:8e:a2:9c:1c:04:eb:dc:37:77:
1d:62:2a:b1:ba:6a:b7:ba:71:3f:71:58:28:5e:89:3d:43:78:
e3:d3:26:16:6d:74:b3:07:c0:bb:ba:3d:f6:af:ae:55:cb:f6:
90:7d:46:55:46:ae:e8:76:3d:5e:53:a0:37:30:28:df:d8:46:
be:5e:b1:7e:e9:bb:b5:c2:78:03:c0:be:75:98:cd:fe:d7:30:
52:ce:c2:fd:3d:96:c0:23:34:78:10:a2:ba:17:dc:7f:b1:3c:
cb:74:cd:fe:ab:ea:6a:24:96:3e:b8:2b:2b:c6:59:f3:0e:6d:
bb:0d:1a:0c:cc:97:0b:35:9f:39:27:9e:39:09:3e:6c:5f:ff:
d9:a8:98:7c:45:8f:69:05:cb:a8:94:6b:02:e7:85:6b:1f:17:
70:55:b4:d7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVu0yS6NLMNmdstfwl/Vtg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk5MDQ5ZWY5MjlmYTM2ZjhkNmQxYjBkOWE5ZGQwNzEwNjU3Y2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6XRMaZ6+Oe2QzR79xUDsqT8l5DY
HBcHEslhZoJXz3rCWLww7TXsQELLXJXlYSxFBj7IhqxI+h2EKuuK/emIPch9TJkV
uNv2oAxaKpeT5O0w30JcgBng6yidRfNcLHEcxLQwobptsPDuRy3FMD8JtF6WIdU2
KWi/U71QJy7EOTeVq6qkxqM6tt3di8Bnmo3HlQfMfLAEdC4tJjcTXMNr8g/1YEcV
HaLsNBOsmZch9pswC4VWNY7yDQP2hwW1JAwgR2C3FlRSlb69y2bnz0MlL9MHy507
IVwT1qE7R00KQDr/ytAI0bRiz2WglYFSI2TSNZFW+SUEdRPmW5ySCAB8BQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFPOZBJ75Kfo2+NbRsNmp3QcQZXzbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2M3NTAx
MS1lMmJhLTRiZjktYjRiZC1iYTM1MGZkZGZiN2IvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYzc1MDEx
LWUyYmEtNGJmOS1iNGJkLWJhMzUwZmRkZmI3Yi8xLzg1a0VudmtwLWpiNDF0R3cy
YW5kQnhCbGZOcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAsGHQMA0EAgACMAcDBQMqEdtAMA0GCSqGSIb3
DQEBCwUAA4IBAQBEN4UwSqwBEEk/zjimu2nP+D5i0R9MjGkHr9ejhXpH3LeXQzAf
/szJB0bY4Eaori1GzB1/Jf0vmZWFP35wkf1dPOYWHtt6mYhtMUkXlxR7LOw0+2Kb
KgITMg5roW8QMDgx5i+OopwcBOvcN3cdYiqxumq3unE/cVgoXok9Q3jj0yYWbXSz
B8C7uj32r65Vy/aQfUZVRq7odj1eU6A3MCjf2Ea+XrF+6bu1wngDwL51mM3+1zBS
zsL9PZbAIzR4EKK6F9x/sTzLdM3+q+pqJJY+uCsrxlnzDm27DRoMzJcLNZ85J545
CT5sX//ZqJh8RY9pBcuolGsC54VrHxdwVbTX
-----END CERTIFICATE-----
Generated at Fri Oct 27 15:32:43 2023 by rpki-client on console-ams.rpki-client.org