Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.cer
File: GF1Gt8nTIcm6GJ5msZM8EyQZfOw.cer (raw, json)
Hash identifier: AnywWLsMnfwvTU1lKkIatJAt/QPrLpCs6f4wy2LDwHE=
Subject key identifier: 18:5D:46:B7:C9:D3:21:C9:BA:18:9E:66:B1:93:3C:13:24:19:7C:EC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F6C8E05A6DC1F468504F84B0592A8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:29:54 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 37.46.128.0/21
IP: 77.246.156.0/22
IP: 80.87.192.0 -- 80.87.203.255
IP: 82.202.160.0/20
IP: 83.220.168.0/21
IP: 91.240.84.0/22
IP: 185.43.4.0/22
IP: 185.63.188.0/22
IP: 185.146.156.0/22
IP: 212.109.192.0/21
IP: 212.109.216.0/21
IP: 213.159.208.0/21
IP: 2a03:e20::/32
Validation: Failed, certificate revoked on Wed 31 Jan 2024 14:15:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6c:8e:05:a6:dc:1f:46:85:04:f8:4b:05:92:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=185d46b7c9d321c9ba189e66b1933c1324197cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c6:d3:5e:22:5f:07:71:0c:92:e4:dd:57:9a:
24:f4:72:d0:fb:ed:4d:97:ba:c4:49:a1:2c:05:ed:
c6:30:23:6b:be:28:12:50:d0:4d:0b:c4:b6:9c:04:
33:2b:4f:ac:9a:03:ff:3c:96:be:3d:6a:ff:83:2e:
d2:fd:31:bd:a7:63:21:37:fc:f8:c3:e6:cb:c7:2a:
4e:0f:be:33:30:42:b0:0f:b2:cf:2e:ad:40:25:1b:
51:3a:36:0e:7e:36:1b:22:ff:4c:8d:21:36:58:4b:
d0:62:dc:bd:47:37:9e:92:76:32:f7:6a:04:80:18:
79:78:6b:a1:f2:22:de:59:72:0d:39:ae:73:c5:ad:
48:6a:ae:b1:7b:b8:c1:ca:3b:bc:68:2e:2b:c1:73:
b5:ac:cd:71:e6:2d:a2:90:8a:2c:55:ef:1a:45:0e:
ed:42:a7:e8:79:72:a0:39:ca:bc:43:ca:be:46:aa:
97:6b:60:b0:1e:9d:63:94:e4:bb:3b:a4:e3:5e:f4:
3c:e3:4b:26:64:ad:cd:5e:8a:21:c9:d4:c6:9d:96:
92:e0:13:bf:95:8f:4d:31:f2:51:05:b8:69:5e:e5:
fe:17:69:97:f3:ef:80:07:7e:37:d2:4d:dc:82:54:
f0:4d:45:f0:63:56:9e:c5:f5:e0:44:64:a9:fb:52:
7c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5D:46:B7:C9:D3:21:C9:BA:18:9E:66:B1:93:3C:13:24:19:7C:EC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
77.246.156.0/22
80.87.192.0-80.87.203.255
82.202.160.0/20
83.220.168.0/21
91.240.84.0/22
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
IPv6:
2a03:e20::/32
Signature Algorithm: sha256WithRSAEncryption
29:72:d8:73:02:1d:18:a6:8b:2b:31:8c:88:6c:ae:6f:f2:ef:
2f:67:3f:6e:f1:bb:2f:74:6a:6c:8f:ab:35:47:78:ee:c6:46:
01:d4:65:fa:2e:14:3d:91:15:53:95:0a:0c:a0:c4:d9:56:ec:
90:b2:e7:46:61:19:a4:0a:c3:86:c9:c1:b3:b3:d9:c3:ca:a0:
8d:61:b8:a2:8e:23:92:ab:ee:a7:0f:8c:f7:2e:68:30:62:c8:
a2:61:76:d8:f0:9d:f5:c8:3d:6f:9d:03:f7:01:bd:b2:50:cb:
7d:b6:f8:e8:3d:4a:c7:0a:4d:b4:da:23:3e:c8:39:27:c2:ff:
68:c3:6e:d4:15:7d:45:94:cd:87:79:45:95:58:ef:d5:82:72:
c8:38:5f:39:53:85:56:16:23:96:3f:19:86:2f:23:a8:19:14:
59:a2:cd:c8:79:6c:01:04:1d:9a:55:05:28:f0:06:e2:c1:bc:
61:2a:d8:82:56:92:6a:b0:aa:7e:7b:2c:f8:21:37:55:8a:de:
a0:42:1c:77:04:db:b3:c4:1e:9a:65:7d:3e:7b:69:81:e4:7e:
00:e6:e7:61:dd:75:8d:39:a8:4b:7f:f2:a3:2f:61:06:a7:97:
74:ba:d1:0b:4d:6d:e0:88:19:55:9b:82:b9:bd:b2:cf:32:30:
72:05:e4:a3
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAYzIb2yOBabcH0aFBPhLBZKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVkNDZiN2M5ZDMyMWM5YmExODllNjZiMTkzM2MxMzI0MTk3Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sbTXiJfB3EMkuTdV5ok9HLQ++1N
l7rESaEsBe3GMCNrvigSUNBNC8S2nAQzK0+smgP/PJa+PWr/gy7S/TG9p2MhN/z4
w+bLxypOD74zMEKwD7LPLq1AJRtROjYOfjYbIv9MjSE2WEvQYty9RzeeknYy92oE
gBh5eGuh8iLeWXINOa5zxa1Iaq6xe7jByju8aC4rwXO1rM1x5i2ikIosVe8aRQ7t
QqfoeXKgOcq8Q8q+RqqXa2CwHp1jlOS7O6TjXvQ840smZK3NXoohydTGnZaS4BO/
lY9NMfJRBbhpXuX+F2mX8++AB3430k3cglTwTUXwY1aexfXgRGSp+1J8zQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFBhdRrfJ0yHJuhieZrGTPBMkGXzsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0L2JjYWJi
OS1mYmRiLTQzMTEtYTI5Yy1jMTdkZTUwZmQ1ZmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvYmNhYmI5
LWZiZGItNDMxMS1hMjljLWMxN2RlNTBmZDVmYi8xL0dGMUd0OG5USWNtNkdKNW1z
Wk04RXlRWmZPdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHgGCCsGAQUF
BwEHAQH/BGkwZzBWBAIAATBQAwQDJS6AAwQCTfacMAwDBAZQV8ADBAJQV8gDBARS
yqADBANT3KgDBAJb8FQDBAK5KwQDBAK5P7wDBAK5kpwDBAPUbcADBAPUbdgDBAPV
n9AwDQQCAAIwBwMFACoDDiAwDQYJKoZIhvcNAQELBQADggEBACly2HMCHRimiysx
jIhsrm/y7y9nP27xuy90amyPqzVHeO7GRgHUZfouFD2RFVOVCgygxNlW7JCy50Zh
GaQKw4bJwbOz2cPKoI1huKKOI5Kr7qcPjPcuaDBiyKJhdtjwnfXIPW+dA/cBvbJQ
y322+Og9SscKTbTaIz7IOSfC/2jDbtQVfUWUzYd5RZVY79WCcsg4XzlThVYWI5Y/
GYYvI6gZFFmizch5bAEEHZpVBSjwBuLBvGEq2IJWkmqwqn57LPghN1WK3qBCHHcE
27PEHpplfT57aYHkfgDm52HddY05qEt/8qMvYQanl3S60QtNbeCIGVWbgrm9ss8y
MHIF5KM=
-----END CERTIFICATE-----
Generated at Wed Jan 31 17:50:00 2024 by rpki-client on console-ams.rpki-client.org