Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
File: OpaAI5VFXKAGecQdXAVsrpXUtX0.cer (raw, json)
Hash identifier: a8+B332iTd0MUruEyV6XoisGb2uHl4IFZ6PbwWGIj10=
Subject key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01887D2897043F586CDB808567CCDF1B162F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Fri 02 Jun 2023 17:29:52 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 31.6.0.0/18
IP: 178.208.160.0/19
IP: 185.29.164.0/22
Validation: Failed, certificate revoked on Wed 13 Sep 2023 08:52:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7d:28:97:04:3f:58:6c:db:80:85:67:cc:df:1b:16:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 2 17:29:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:ef:2f:5a:13:c2:c9:95:54:f9:31:0b:21:
48:9a:35:ce:4b:28:35:af:05:78:c3:36:99:69:b0:
a9:a2:7d:ce:2d:2f:0f:6f:5b:30:c7:52:84:00:0f:
ce:74:a8:f4:7e:d9:01:67:f9:e7:f8:0b:74:08:06:
a9:9a:8e:e8:b1:b1:3d:e8:fd:69:47:ef:6d:8f:00:
a8:90:0d:55:2b:02:8c:17:2b:a4:8f:62:00:0b:ac:
ae:24:58:22:88:57:9c:f2:4b:17:7b:ea:25:cd:5e:
f9:02:0b:22:92:58:db:e5:cd:12:ef:c8:f3:95:e3:
21:63:1e:ec:dd:da:ef:3b:c0:85:ff:58:23:4d:af:
b4:44:b8:f9:26:43:ef:84:f0:76:9d:02:90:95:fe:
05:44:d8:47:c0:2a:bb:62:7b:5d:42:44:ed:eb:b7:
cf:19:9d:46:bf:a4:4f:b3:53:76:df:47:5a:fe:2a:
de:22:ae:dc:3b:16:56:ab:f2:c2:4d:db:ed:30:88:
51:55:a6:93:fe:44:7e:01:6f:24:b8:57:25:5b:b2:
6c:51:58:dc:b2:d9:51:a7:4c:62:73:12:b0:13:73:
a6:f3:65:ae:7f:75:b0:67:ff:ed:e0:4d:19:d7:34:
44:44:8b:eb:7d:33:0e:ab:a7:08:5b:19:1d:60:02:
f4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.0.0/18
178.208.160.0/19
185.29.164.0/22
Signature Algorithm: sha256WithRSAEncryption
33:a2:34:c7:23:36:15:6f:65:cf:fb:7a:be:46:3d:e5:da:5d:
51:d7:6d:2d:26:68:f9:67:90:9b:1e:77:6f:9c:8c:26:a9:8d:
dc:f0:46:51:39:fa:bc:e9:5e:01:13:f7:d1:8e:2e:06:34:94:
29:75:b7:a8:91:14:47:ec:a1:a0:dd:49:6f:30:e1:ca:fb:3f:
7d:13:6c:2b:29:43:c6:a2:8b:30:40:a1:93:06:c3:b7:5a:b7:
58:01:07:98:ac:04:d6:51:41:30:2f:db:04:0c:6e:7e:1f:a5:
82:2c:e6:17:45:1c:32:a3:a4:00:ad:98:ca:97:c4:05:aa:a5:
a4:0a:8d:1b:8b:f9:4d:f7:55:bd:88:84:1f:0c:b3:79:50:23:
92:e6:55:f1:21:e9:2e:83:e7:de:03:63:c4:ec:ae:04:0f:73:
57:a3:55:37:25:ad:59:59:cd:68:06:3c:cd:b0:61:f0:a9:f7:
b2:47:1e:0c:57:56:61:93:69:61:9b:9c:34:89:dc:93:70:a3:
77:80:2c:fc:e8:c2:05:e2:ed:9b:da:84:f3:3f:be:6d:92:d4:
32:fe:18:3e:08:78:ea:29:c2:1e:fa:83:8a:8c:dd:0f:8f:3f:
58:85:96:4b:96:a4:bb:33:71:43:ba:e5:42:ba:c1:1d:27:9b:
a0:5c:bb:ca
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYh9KJcEP1hs24CFZ8zfGxYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjAyMTcyOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2ODAyMzk1NDU1Y2EwMDY3OWM0MWQ1YzA1NmNhZTk1ZDRiNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzXvL1oTwsmVVPkxCyFImjXOSyg1
rwV4wzaZabCpon3OLS8Pb1swx1KEAA/OdKj0ftkBZ/nn+At0CAapmo7osbE96P1p
R+9tjwCokA1VKwKMFyukj2IAC6yuJFgiiFec8ksXe+olzV75Agsikljb5c0S78jz
leMhYx7s3drvO8CF/1gjTa+0RLj5JkPvhPB2nQKQlf4FRNhHwCq7YntdQkTt67fP
GZ1Gv6RPs1N230da/ireIq7cOxZWq/LCTdvtMIhRVaaT/kR+AW8kuFclW7JsUVjc
stlRp0xicxKwE3Om82Wuf3WwZ//t4E0Z1zRERIvrfTMOq6cIWxkdYAL0xwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDqWgCOVRVygBnnEHVwFbK6V1LV9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2EyZmZi
Y2U3LTg4ZGQtNGNhOS1iMjQ1LTExNjM4NmNlZTc4OC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJm
ZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvM0E5NjgwMjM5NTQ1
NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgME
Bh8GAAMEBbLQoAMEArkdpDANBgkqhkiG9w0BAQsFAAOCAQEAM6I0xyM2FW9lz/t6
vkY95dpdUddtLSZo+WeQmx53b5yMJqmN3PBGUTn6vOleARP30Y4uBjSUKXW3qJEU
R+yhoN1JbzDhyvs/fRNsKylDxqKLMEChkwbDt1q3WAEHmKwE1lFBMC/bBAxufh+l
gizmF0UcMqOkAK2YypfEBaqlpAqNG4v5TfdVvYiEHwyzeVAjkuZV8SHpLoPn3gNj
xOyuBA9zV6NVNyWtWVnNaAY8zbBh8Kn3skceDFdWYZNpYZucNInck3Cjd4As/OjC
BeLtm9qE8z++bZLUMv4YPgh46inCHvqDiozdD48/WIWWS5akuzNxQ7rlQrrBHSeb
oFy7yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:44:54 2024 by rpki-client on console-fra.rpki-client.org