Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.cer
File: Gj9iJc7pwIZG4tbavIv2u7Iz7-o.cer (raw, json)
Hash identifier: DXwuGBjAiFA72NWZdS9erIMBNwk70RtyN90A0znsXeU=
Subject key identifier: 1A:3F:62:25:CE:E9:C0:86:46:E2:D6:DA:BC:8B:F6:BB:B2:33:EF:EA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018572456DC8BCBE139AD1CBF31FFDB2B0A1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 11:37:10 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 203884
IP: 2001:67c:27bc::/48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:45:6d:c8:bc:be:13:9a:d1:cb:f3:1f:fd:b2:b0:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a3f6225cee9c08646e2d6dabc8bf6bbb233efea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:2a:f7:7d:fd:b6:62:53:bd:c3:53:8d:d6:
44:0c:b4:30:fd:a5:92:dd:fd:36:06:e5:44:fb:60:
84:8a:d0:80:ee:26:ec:9c:0a:23:7f:3c:07:2e:19:
de:55:18:0f:30:18:a8:69:6f:bf:0c:95:10:4c:de:
77:24:9d:5c:1f:cf:2e:f8:6f:0d:f1:e3:19:d1:56:
16:ae:0b:34:61:13:73:43:1a:83:c2:59:9a:a8:5e:
f3:21:b5:ca:1b:0f:e5:09:d9:c3:d5:ab:9b:49:78:
6d:e2:65:6b:5b:fb:63:ce:45:5a:b6:9d:99:f6:d6:
df:35:3a:08:b0:1e:aa:b9:1b:5d:96:a9:0b:24:18:
52:64:0f:c5:6b:99:6e:49:52:98:a0:24:a7:f2:cc:
e5:e0:2f:bb:18:1f:7e:29:4b:55:38:01:c9:d9:a8:
d8:f0:2d:9d:ea:4d:0e:d4:fb:45:92:e7:fc:41:9c:
8e:3c:01:12:be:fd:5c:e1:e5:f3:08:5c:56:4b:43:
5d:74:4b:40:6c:80:69:7d:b9:69:b3:26:9b:ab:80:
5a:16:d5:bc:dc:7a:2d:f4:7b:8a:24:f0:e6:06:85:
a2:c3:a3:86:4f:83:0f:c0:dc:82:8b:e1:72:1e:f6:
8b:cf:dc:2b:87:64:b8:cd:4c:ab:31:53:1b:bf:a0:
6a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3F:62:25:CE:E9:C0:86:46:E2:D6:DA:BC:8B:F6:BB:B2:33:EF:EA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:27bc::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203884
Signature Algorithm: sha256WithRSAEncryption
8f:bb:67:fe:17:70:a9:3d:5d:6b:60:ad:eb:8e:45:01:e3:59:
79:4b:af:66:18:62:66:c3:78:83:ae:c2:0c:5e:2f:5a:17:c0:
df:15:8d:66:ea:b1:3e:ed:bd:dc:c7:35:20:15:10:b0:4e:c4:
04:e3:f9:86:50:9f:4c:33:70:2a:c6:7b:a0:5c:3d:ea:63:73:
f8:95:25:79:68:1b:7f:e7:2f:ca:ce:b9:b0:4d:02:46:a4:10:
85:e9:1a:6a:a8:07:9f:ac:59:23:78:77:3c:a4:d4:3f:ba:08:
d4:74:1c:49:8c:1c:5d:c9:f3:67:91:fd:8f:39:e4:e0:1b:73:
f9:04:16:af:8b:4f:99:b1:0b:4b:1c:ac:20:52:3e:9f:3d:47:
53:78:dc:31:1c:1c:2e:7d:b3:b2:77:df:83:e0:bc:17:91:e0:
57:24:03:eb:a1:4c:c7:a0:7b:b4:21:87:83:95:1b:5e:30:fb:
e3:28:b6:00:2d:a2:f5:0d:c8:ce:f2:70:7d:ec:a1:1b:2d:bb:
5b:dc:73:58:71:9a:11:d8:f0:30:fd:f1:29:a7:bc:72:52:0f:
5b:3e:36:71:6f:68:8d:27:ad:2b:f6:3f:92:9d:89:bb:9f:4e:
91:f9:65:ad:55:49:d2:fd:62:ac:7c:7e:20:15:6c:61:56:7d:
de:d7:06:a4
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVyRW3IvL4TmtHL8x/9srChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMTEzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNmNjIyNWNlZTljMDg2NDZlMmQ2ZGFiYzhiZjZiYmIyMzNlZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKYq9339tmJTvcNTjdZEDLQw/aWS
3f02BuVE+2CEitCA7ibsnAojfzwHLhneVRgPMBioaW+/DJUQTN53JJ1cH88u+G8N
8eMZ0VYWrgs0YRNzQxqDwlmaqF7zIbXKGw/lCdnD1aubSXht4mVrW/tjzkVatp2Z
9tbfNToIsB6quRtdlqkLJBhSZA/Fa5luSVKYoCSn8szl4C+7GB9+KUtVOAHJ2ajY
8C2d6k0O1PtFkuf8QZyOPAESvv1c4eXzCFxWS0NddEtAbIBpfblpsyabq4BaFtW8
3Hot9HuKJPDmBoWiw6OGT4MPwNyCi+FyHvaLz9wrh2S4zUyrMVMbv6BqiQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFBo/YiXO6cCGRuLW2ryL9ruyM+/qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzExZGVi
Yy1hM2VkLTRhNWItYjczZS0yOTRlYTIyY2Y5YTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvMTFkZWJj
LWEzZWQtNGE1Yi1iNzNlLTI5NGVhMjJjZjlhNi8xL0dqOWlKYzdwd0laRzR0YmF2
SXYydTdJejctby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCe8MBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMcbDANBgkqhkiG9w0BAQsFAAOCAQEAj7tn/hdwqT1da2Ct645FAeNZeUuv
ZhhiZsN4g67CDF4vWhfA3xWNZuqxPu293Mc1IBUQsE7EBOP5hlCfTDNwKsZ7oFw9
6mNz+JUleWgbf+cvys65sE0CRqQQhekaaqgHn6xZI3h3PKTUP7oI1HQcSYwcXcnz
Z5H9jznk4Btz+QQWr4tPmbELSxysIFI+nz1HU3jcMRwcLn2zsnffg+C8F5HgVyQD
66FMx6B7tCGHg5UbXjD74yi2AC2i9Q3IzvJwfeyhGy27W9xzWHGaEdjwMP3xKae8
clIPWz42cW9ojSetK/Y/kp2Ju59OkfllrVVJ0v1irHx+IBVsYVZ93tcGpA==
-----END CERTIFICATE-----
Generated at Wed Nov 8 08:54:37 2023 by rpki-client on console-fra.rpki-client.org