Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KwTPALpO6M3Z_0SuiD5muz0br6A.cer
File: KwTPALpO6M3Z_0SuiD5muz0br6A.cer (raw, json)
Hash identifier: hlRjPBuxEYea9e+wkGB8Mj2g4nuf/1dgwkZortZ+Hnk=
Subject key identifier: 2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856ED29AD4D48F4FDFD7B5F26123DCBAEC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/KwTPALpO6M3Z_0SuiD5muz0br6A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 19:32:54 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.199.80.0/22
IP: 2a0a:9940::/29
Validation: Failed, certificate revoked on Mon 23 Oct 2023 13:52:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d2:9a:d4:d4:8f:4f:df:d7:b5:f2:61:23:dc:ba:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b04cf00ba4ee8cdd9ff44ae883e66bb3d1bafa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:aa:00:72:e0:da:2c:62:94:e7:a8:32:3e:20:
8b:17:2c:00:c4:72:d6:a5:0b:f2:d3:23:7a:d6:73:
cb:35:fb:73:85:29:5c:6a:c8:97:06:fd:5d:51:49:
28:98:12:0d:5c:d3:10:80:c5:06:70:ca:fd:dc:2b:
fa:c2:60:16:c0:0d:ea:1e:c3:01:7f:d1:7b:46:90:
23:5c:98:b4:49:85:5e:ac:b8:59:ac:93:22:a7:c8:
74:76:be:bc:bd:9c:5f:44:26:35:4b:b1:8c:8a:63:
f1:e0:76:52:f7:db:79:ee:ed:f6:15:2c:b9:31:43:
b3:e4:b4:71:f0:58:b4:17:1e:05:de:2a:06:cb:56:
f3:76:8e:f1:a7:45:03:58:3b:83:58:1a:c5:37:29:
31:ad:c3:13:39:44:21:c0:a2:e9:59:9b:ec:68:bf:
1c:ba:fb:1b:04:50:cf:c8:19:9c:7d:a0:14:c6:60:
bb:39:91:64:48:3c:47:bb:05:46:53:2b:00:6f:af:
f4:c1:13:5b:8a:99:12:c5:7e:8f:67:d8:a3:11:09:
bb:90:39:54:0d:6e:32:ee:16:ec:27:3f:c1:e1:aa:
a4:a0:1a:83:d1:2b:14:d4:a6:f3:60:6f:ca:a2:06:
b3:72:5d:b9:22:9f:5c:6a:6e:da:46:32:9a:47:56:
4a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/KwTPALpO6M3Z_0SuiD5muz0br6A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.80.0/22
IPv6:
2a0a:9940::/29
Signature Algorithm: sha256WithRSAEncryption
84:bd:52:f4:62:fc:49:69:16:4a:1b:0c:63:43:85:a1:4a:fd:
b1:5e:c2:45:25:10:af:72:aa:f2:75:f8:08:78:c6:64:fa:9e:
d3:e7:b4:bf:4f:13:7d:b0:73:f0:f6:b9:2c:bd:b5:a0:ef:e5:
45:c1:49:40:6b:05:3e:ca:7c:a8:0f:d8:7f:09:ae:2e:02:1e:
a8:7f:bd:ed:06:04:c6:d2:52:82:36:4b:09:d6:91:5d:c3:d9:
1c:2d:ac:ee:c5:9c:82:fc:48:97:0f:ec:42:97:d8:34:4f:70:
d8:36:60:fd:f5:8c:19:11:6c:67:74:f5:38:20:67:11:57:4b:
cf:f3:b6:72:5b:ac:8e:e5:bf:77:c7:af:7a:3f:ff:c6:4e:a3:
be:93:6f:48:2e:b9:e6:ae:87:33:c8:81:d8:88:a7:93:29:19:
61:5a:8d:70:e8:04:b9:f3:d0:34:11:0d:c3:13:4b:9a:9d:f0:
a6:e9:e4:29:8c:df:f9:ec:d7:b0:18:b4:f8:82:25:32:5b:dd:
19:48:4b:e5:20:49:35:9e:12:c9:2c:b4:63:34:31:31:f2:fe:
54:5c:9d:34:91:60:9f:67:24:57:19:83:3e:1d:82:c8:15:5a:
6f:b1:80:58:ed:13:29:2c:f3:14:79:45:24:38:e4:fb:2d:f2:
f4:98:09:14
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVu0prU1I9P39e18mEj3LrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjA0Y2YwMGJhNGVlOGNkZDlmZjQ0YWU4ODNlNjZiYjNkMWJhZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6oAcuDaLGKU56gyPiCLFywAxHLW
pQvy0yN61nPLNftzhSlcasiXBv1dUUkomBINXNMQgMUGcMr93Cv6wmAWwA3qHsMB
f9F7RpAjXJi0SYVerLhZrJMip8h0dr68vZxfRCY1S7GMimPx4HZS99t57u32FSy5
MUOz5LRx8Fi0Fx4F3ioGy1bzdo7xp0UDWDuDWBrFNykxrcMTOUQhwKLpWZvsaL8c
uvsbBFDPyBmcfaAUxmC7OZFkSDxHuwVGUysAb6/0wRNbipkSxX6PZ9ijEQm7kDlU
DW4y7hbsJz/B4aqkoBqD0SsU1KbzYG/Kogazcl25Ip9cam7aRjKaR1ZKuwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFCsEzwC6TujN2f9Erog+Zrs9G6+gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhLzE3YmY3
ZC1jNjllLTRiZTUtOGE0NS1mZDhlYWQyN2NmYmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvMTdiZjdk
LWM2OWUtNGJlNS04YTQ1LWZkOGVhZDI3Y2ZiYS8xL0t3VFBBTHBPNk0zWl8wU3Vp
RDVtdXowYnI2QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCucdQMA0EAgACMAcDBQMqCplAMA0GCSqGSIb3
DQEBCwUAA4IBAQCEvVL0YvxJaRZKGwxjQ4WhSv2xXsJFJRCvcqrydfgIeMZk+p7T
57S/TxN9sHPw9rksvbWg7+VFwUlAawU+ynyoD9h/Ca4uAh6of73tBgTG0lKCNksJ
1pFdw9kcLazuxZyC/EiXD+xCl9g0T3DYNmD99YwZEWxndPU4IGcRV0vP87ZyW6yO
5b93x696P//GTqO+k29ILrnmroczyIHYiKeTKRlhWo1w6AS589A0EQ3DE0uanfCm
6eQpjN/57NewGLT4giUyW90ZSEvlIEk1nhLJLLRjNDEx8v5UXJ00kWCfZyRXGYM+
HYLIFVpvsYBY7RMpLPMUeUUkOOT7LfL0mAkU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:54 2024 by rpki-client on console-fra.rpki-client.org