Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AfmlTfZ5b9LXqTb2R3WfcyeWXhM.cer
File: AfmlTfZ5b9LXqTb2R3WfcyeWXhM.cer (raw, json)
Hash identifier: fzGSqwWSMntI5d8ba4tJuWm3ipsWOFown2mo8ztm3ZM=
Subject key identifier: 01:F9:A5:4D:F6:79:6F:D2:D7:A9:36:F6:47:75:9F:73:27:96:5E:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856BD140C2C9C6E6AC927B0A6E2CFD0E95
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/f94ad8-67dd-4d5b-b27e-81a628dc4382/1/AfmlTfZ5b9LXqTb2R3WfcyeWXhM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/f94ad8-67dd-4d5b-b27e-81a628dc4382/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 05:32:33 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 45.140.116.0/22
Validation: Failed, certificate revoked on Wed 22 Mar 2023 12:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d1:40:c2:c9:c6:e6:ac:92:7b:0a:6e:2c:fd:0e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:32:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f9a54df6796fd2d7a936f647759f7327965e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:90:2d:06:3f:74:55:67:20:23:fb:7f:cf:
6d:19:86:41:c0:93:2a:0b:5a:37:ab:49:02:61:fc:
07:a5:3b:04:8c:84:89:0b:22:cd:5d:11:81:60:b0:
d2:bb:8b:dd:d6:82:ea:62:dc:80:4e:4e:4a:95:16:
55:1e:44:31:e0:4f:1a:94:71:1e:fb:b2:d8:ee:49:
65:c5:d8:cf:6e:c9:15:10:0a:13:20:ce:8c:e6:a4:
9c:65:7d:25:5d:ba:b5:e8:fe:b8:39:76:ba:f8:29:
d7:61:89:04:1f:0c:46:67:42:26:5d:53:79:6b:08:
f8:b7:fa:cb:e9:bf:2e:77:1f:07:23:ac:52:4e:87:
b2:e2:79:7f:81:1b:54:f4:b1:fc:8f:6d:4b:9c:f3:
e3:cb:8f:78:89:aa:be:53:48:5e:a0:ad:5b:24:6b:
7b:8c:ee:bd:26:4f:01:02:e2:28:32:7d:7a:9a:9c:
a1:a0:be:47:4a:4c:f6:3b:80:77:d0:18:63:0f:7c:
a9:4c:00:9f:bf:30:55:5d:ad:92:28:2a:74:25:f9:
f8:d0:eb:99:84:4e:27:34:0f:ca:92:7f:22:5b:06:
ae:7f:2e:42:c4:db:3d:ba:43:09:6b:e8:2a:13:4c:
24:31:09:bb:a7:ec:23:4d:4b:f5:02:84:19:aa:f9:
ee:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F9:A5:4D:F6:79:6F:D2:D7:A9:36:F6:47:75:9F:73:27:96:5E:13
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/f94ad8-67dd-4d5b-b27e-81a628dc4382/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/f94ad8-67dd-4d5b-b27e-81a628dc4382/1/AfmlTfZ5b9LXqTb2R3WfcyeWXhM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.116.0/22
Signature Algorithm: sha256WithRSAEncryption
52:1e:21:8b:6d:03:3e:38:d0:de:ce:3a:b2:80:ae:bc:72:df:
7d:0f:08:07:4f:2b:45:67:84:5b:2a:01:91:d2:43:15:2f:59:
1d:f3:25:ed:24:bd:77:2b:c2:d0:9d:d0:7d:da:70:6d:b7:eb:
35:27:4f:ff:a5:fc:c8:be:e6:cd:84:76:a1:cb:13:3f:68:45:
80:75:81:ba:d3:44:5b:e5:60:39:26:55:fc:a7:61:31:d7:b2:
d2:ec:8d:3a:b4:91:2e:ec:d1:19:96:6d:89:da:c8:bf:1f:e0:
14:00:de:bc:e9:f4:3d:da:e4:d7:ed:3a:ed:cb:ae:f9:90:a6:
bc:5f:c5:d4:77:83:5f:b3:8c:50:db:83:3e:fb:86:84:ba:b2:
fd:db:a2:2d:48:67:d7:21:8d:86:e7:3c:a1:81:ce:7d:99:74:
99:e7:51:5c:36:0d:38:3a:0d:3d:d4:c1:53:2b:3e:30:31:34:
33:96:1a:82:70:e3:cd:5d:f4:1b:0e:db:6e:96:03:64:81:a0:
48:9f:4b:d0:77:92:0a:78:87:42:11:e4:e1:6d:49:a5:63:41:
db:15:17:84:58:92:95:ab:8d:5c:2f:5f:71:2e:17:4e:7e:3f:
85:4a:c9:0b:e7:8d:17:34:57:36:f3:f6:6f:5b:a7:4c:f8:c3:
96:a9:f3:f2
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVr0UDCycbmrJJ7Cm4s/Q6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDUzMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY5YTU0ZGY2Nzk2ZmQyZDdhOTM2ZjY0Nzc1OWY3MzI3OTY1ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp+QLQY/dFVnICP7f89tGYZBwJMq
C1o3q0kCYfwHpTsEjISJCyLNXRGBYLDSu4vd1oLqYtyATk5KlRZVHkQx4E8alHEe
+7LY7kllxdjPbskVEAoTIM6M5qScZX0lXbq16P64OXa6+CnXYYkEHwxGZ0ImXVN5
awj4t/rL6b8udx8HI6xSToey4nl/gRtU9LH8j21LnPPjy494iaq+U0heoK1bJGt7
jO69Jk8BAuIoMn16mpyhoL5HSkz2O4B30BhjD3ypTACfvzBVXa2SKCp0Jfn40OuZ
hE4nNA/Kkn8iWwaufy5CxNs9ukMJa+gqE0wkMQm7p+wjTUv1AoQZqvnuhwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFAH5pU32eW/S16k29kd1n3Mnll4TMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlL2Y5NGFk
OC02N2RkLTRkNWItYjI3ZS04MWE2MjhkYzQzODIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvZjk0YWQ4
LTY3ZGQtNGQ1Yi1iMjdlLTgxYTYyOGRjNDM4Mi8xL0FmbWxUZlo1YjlMWHFUYjJS
M1dmY3llV1hoTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCLYx0MA0GCSqGSIb3DQEBCwUAA4IBAQBSHiGL
bQM+ONDezjqygK68ct99DwgHTytFZ4RbKgGR0kMVL1kd8yXtJL13K8LQndB92nBt
t+s1J0//pfzIvubNhHahyxM/aEWAdYG600Rb5WA5JlX8p2Ex17LS7I06tJEu7NEZ
lm2J2si/H+AUAN686fQ92uTX7Trty675kKa8X8XUd4Nfs4xQ24M++4aEurL926It
SGfXIY2G5zyhgc59mXSZ51FcNg04Og091MFTKz4wMTQzlhqCcOPNXfQbDttulgNk
gaBIn0vQd5IKeIdCEeThbUmlY0HbFReEWJKVq41cL19xLhdOfj+FSskL540XNFc2
8/ZvW6dM+MOWqfPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:27:01 2024 by rpki-client on console-ams.rpki-client.org