Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
File: IYFM8so-F5k0nM1Mfmp21j-DSj0.cer (raw, json)
Hash identifier: PPStlOdbiZQXFO1l4KGTwF88fF3ej8UuzjAXnQQHy0M=
Subject key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856D897F9D9199759065C70DC32D876771
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 13:33:25 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 57238
IP: 45.80.4.0/22
IP: 45.132.96.0/22
IP: 45.146.104.0/22
IP: 82.118.24.0/21
IP: 92.114.4.0/23
IP: 141.98.72.0/22
IP: 212.2.236.0/22
IP: 213.225.236.0/22
IP: 2a03:2780::/32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:89:7f:9d:91:99:75:90:65:c7:0d:c3:2d:87:67:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:33:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ec:af:9b:97:b6:16:b1:ef:af:d4:47:21:f2:
86:f4:85:69:96:58:bc:da:18:c4:78:6f:0d:df:b0:
9a:d9:ae:3d:2b:38:cd:95:81:2f:01:1b:3d:c0:1d:
d7:90:18:65:e2:de:db:24:4b:02:df:80:f2:f0:82:
7c:a8:2a:04:f4:bd:6c:3d:55:8e:5b:99:11:ce:1b:
fc:f2:bf:77:41:00:e6:8b:40:96:d3:66:d6:de:0b:
21:6f:3c:d2:80:da:a5:3b:f0:44:a7:b8:9b:c2:1d:
7a:b5:d6:37:0a:cf:10:29:9d:46:05:29:8c:bc:4f:
d0:2b:6c:5a:35:06:a1:bb:6d:99:ef:0d:eb:a5:fe:
7f:5f:49:0c:fe:bf:41:10:4c:2d:2e:8d:82:7e:94:
fc:de:28:1e:6a:2c:f8:5f:56:7a:02:0f:e2:1d:b0:
77:19:53:dd:17:7b:10:d0:44:7b:79:ff:49:70:36:
94:37:c7:e0:98:83:5e:c4:23:b0:25:21:ca:40:6c:
0b:f4:7e:89:f1:50:39:e5:05:25:11:ed:38:a3:04:
c3:3c:79:e3:40:2d:43:f2:5a:a1:e9:80:e1:ab:6f:
dd:53:b6:dc:46:3b:30:75:d2:8e:9a:d3:be:9c:76:
e7:d4:d9:ef:16:40:7f:0a:a3:17:a2:ef:84:67:9b:
be:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.4.0/22
45.132.96.0/22
45.146.104.0/22
82.118.24.0/21
92.114.4.0/23
141.98.72.0/22
212.2.236.0/22
213.225.236.0/22
IPv6:
2a03:2780::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57238
Signature Algorithm: sha256WithRSAEncryption
25:1d:39:9e:43:83:ad:28:a4:78:c7:07:e6:9e:5f:b4:e1:49:
40:12:88:3b:12:55:4f:81:27:3b:4d:07:36:32:22:4c:e0:6b:
eb:a7:8c:d3:2e:94:43:46:2f:c2:81:19:57:7d:6f:d7:45:cd:
04:d7:90:85:97:5a:95:bb:a0:2b:05:b0:35:26:d1:8a:78:c2:
08:f6:06:bb:e7:cd:1a:2d:52:e1:b3:9a:4c:a4:e1:f0:b5:47:
b6:80:04:4f:44:35:e1:b2:03:41:55:ea:8b:7f:76:82:e9:11:
f7:66:af:5d:6e:b8:48:2d:ab:bb:2a:41:7b:5c:5a:f7:f2:b9:
3e:fe:28:50:cf:3c:22:97:4c:a2:86:0d:54:70:08:58:ed:56:
d4:28:38:4d:14:5e:55:f4:89:63:a5:b1:02:b8:68:24:20:78:
fc:76:76:03:b7:fb:8a:42:00:df:b3:16:c5:7f:55:cb:c9:6c:
2e:cc:9c:1a:e9:90:3d:12:f2:36:86:f9:e5:62:96:82:8c:dc:
ff:ad:2e:51:0b:27:63:52:c7:cf:00:64:4f:1c:c9:34:46:fd:
75:b4:14:00:71:01:66:e4:34:db:50:ce:30:e2:1a:8f:14:59:
6b:2d:40:bd:84:56:52:62:7a:62:24:10:b7:b4:ae:5a:ba:de:
b3:34:2a:bc
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYVtiX+dkZl1kGXHDcMth2dxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTMzMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTgxNGNmMmNhM2UxNzk5MzQ5Y2NkNGM3ZTZhNzZkNjNmODM0YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+yvm5e2FrHvr9RHIfKG9IVplli8
2hjEeG8N37Ca2a49KzjNlYEvARs9wB3XkBhl4t7bJEsC34Dy8IJ8qCoE9L1sPVWO
W5kRzhv88r93QQDmi0CW02bW3gshbzzSgNqlO/BEp7ibwh16tdY3Cs8QKZ1GBSmM
vE/QK2xaNQahu22Z7w3rpf5/X0kM/r9BEEwtLo2CfpT83igeaiz4X1Z6Ag/iHbB3
GVPdF3sQ0ER7ef9JcDaUN8fgmINexCOwJSHKQGwL9H6J8VA55QUlEe04owTDPHnj
QC1D8lqh6YDhq2/dU7bcRjswddKOmtO+nHbn1NnvFkB/CqMXou+EZ5u+qwIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFCGBTPLKPheZNJzNTH5qdtY/g0o9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzAxZjg1
My1kNDQ1LTRhY2UtYThkOC0yMjcwMWI0YmI0MDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvMDFmODUz
LWQ0NDUtNGFjZS1hOGQ4LTIyNzAxYjRiYjQwNy8xL0lZRk04c28tRjVrMG5NMU1m
bXAyMWotRFNqMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGCCsGAQUF
BwEHAQH/BEkwRzA2BAIAATAwAwQCLVAEAwQCLYRgAwQCLZJoAwQDUnYYAwQBXHIE
AwQCjWJIAwQC1ALsAwQC1eHsMA0EAgACMAcDBQAqAyeAMBoGCCsGAQUFBwEIAQH/
BAswCaAHMAUCAwDfljANBgkqhkiG9w0BAQsFAAOCAQEAJR05nkODrSikeMcH5p5f
tOFJQBKIOxJVT4EnO00HNjIiTOBr66eM0y6UQ0YvwoEZV31v10XNBNeQhZdalbug
KwWwNSbRinjCCPYGu+fNGi1S4bOaTKTh8LVHtoAET0Q14bIDQVXqi392gukR92av
XW64SC2ruypBe1xa9/K5Pv4oUM88IpdMooYNVHAIWO1W1Cg4TRReVfSJY6WxArho
JCB4/HZ2A7f7ikIA37MWxX9Vy8lsLsycGumQPRLyNob55WKWgozc/60uUQsnY1LH
zwBkTxzJNEb9dbQUAHEBZuQ021DOMOIajxRZay1AvYRWUmJ6YiQQt7SuWrreszQq
vA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:23 2023 by rpki-client on console-ams.rpki-client.org