Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OrealBA8A-mbUgGnmNM4hlvmNXQ.cer
File: OrealBA8A-mbUgGnmNM4hlvmNXQ.cer (raw, json)
Hash identifier: tC7dw3fqFjd0ZgD3Ya5Tfji1UdKitL4v5ACebbhIFRg=
Subject key identifier: 3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC794FC35186613876EC056DFDFA575A6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/OrealBA8A-mbUgGnmNM4hlvmNXQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:31:19 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.140.173.0/24
IP: 2a14:700::/29
Validation: Failed, certificate revoked on Thu 02 May 2024 10:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:fc:35:18:66:13:87:6e:c0:56:df:df:a5:75:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ab79a94103c03e99b5201a798d338865be63574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:6d:07:d7:d6:39:a2:1d:07:8e:4a:88:77:
21:ed:e4:e3:7b:ab:b1:c9:83:ba:17:10:d3:56:eb:
3a:f2:ef:e0:08:ce:e0:55:78:c7:90:9a:7c:da:69:
e7:0d:af:cc:6c:dc:21:a4:72:90:b2:a8:69:c8:a9:
72:38:90:00:f7:8c:8c:cf:14:40:9b:b4:47:36:fa:
6f:e1:59:1b:fa:34:50:a2:92:2c:49:1a:a0:98:2e:
ba:b1:3d:78:6f:6a:ef:54:ad:5a:d6:47:23:13:93:
02:60:b7:7a:d2:c5:91:6a:c6:ba:8e:87:b4:7d:21:
1b:1b:4e:79:b5:3e:44:c9:82:62:f0:98:b0:41:e4:
bd:94:08:07:1d:5c:f8:1c:71:12:1e:43:5b:8d:d8:
98:ca:06:25:80:9e:cb:9d:45:05:71:47:9f:95:6e:
fe:ad:1a:1d:20:e8:cf:be:5c:58:c5:55:f8:41:25:
b7:b7:83:d5:b4:c9:d7:87:be:40:d2:2c:1f:b0:74:
6a:d8:7e:51:b1:7a:1c:86:a1:42:91:93:11:7f:27:
8f:4a:4d:af:bb:0e:9c:cf:0f:87:9c:80:3e:aa:0f:
ba:42:8f:12:a3:6a:1b:fd:05:22:b0:af:e0:10:54:
a7:d8:f7:59:b9:62:c0:7f:58:ca:74:67:9b:0a:16:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/OrealBA8A-mbUgGnmNM4hlvmNXQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.173.0/24
IPv6:
2a14:700::/29
Signature Algorithm: sha256WithRSAEncryption
31:35:49:c7:28:00:e9:7e:21:f4:7c:f7:ec:4a:5a:91:a0:7e:
8f:81:85:a6:47:b1:5c:89:dd:24:62:1e:d0:8c:2b:8d:61:12:
ed:d8:0e:32:61:56:c0:69:57:65:da:59:cd:9c:8e:81:58:55:
05:a5:a7:0f:a4:a6:ba:d3:88:62:87:88:57:83:c1:51:a1:76:
93:9a:0a:39:17:33:4c:86:c7:a8:b8:ed:f9:74:e1:38:80:ac:
60:57:90:e7:ff:27:49:5c:6e:c2:74:b1:a1:8b:00:a6:86:14:
c5:d4:2a:dc:4a:04:b1:a9:51:cf:dd:06:14:4d:8f:14:b1:6a:
f8:db:4b:57:2f:7b:cf:98:56:42:2b:ab:30:a3:e8:a3:ae:8e:
54:9d:18:13:bf:24:41:14:fa:51:6a:82:65:ef:b9:31:0d:aa:
09:c6:b6:30:53:d5:71:22:4d:d3:e6:aa:79:94:c2:2c:4f:0f:
2b:2c:60:58:52:ef:ef:b8:b6:4c:c0:67:1b:19:31:31:a1:4f:
bb:5d:e8:b5:a9:fb:a0:5a:b2:60:7b:d6:b1:1c:6c:da:05:9e:
d3:fb:3a:42:67:2b:ff:0c:8f:1d:16:bf:44:63:33:c7:62:c5:
ef:f2:05:ff:b9:ea:8e:af:c2:6c:5b:67:23:13:20:03:a4:54:
e0:ae:3d:d9
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzHlPw1GGYTh27AVt/fpXWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3OWE5NDEwM2MwM2U5OWI1MjAxYTc5OGQzMzg4NjViZTYzNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwVtB9fWOaIdB45KiHch7eTje6ux
yYO6FxDTVus68u/gCM7gVXjHkJp82mnnDa/MbNwhpHKQsqhpyKlyOJAA94yMzxRA
m7RHNvpv4Vkb+jRQopIsSRqgmC66sT14b2rvVK1a1kcjE5MCYLd60sWRasa6joe0
fSEbG055tT5EyYJi8JiwQeS9lAgHHVz4HHESHkNbjdiYygYlgJ7LnUUFcUeflW7+
rRodIOjPvlxYxVX4QSW3t4PVtMnXh75A0iwfsHRq2H5RsXochqFCkZMRfyePSk2v
uw6czw+HnIA+qg+6Qo8So2ob/QUisK/gEFSn2PdZuWLAf1jKdGebChYGcQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFDq3mpQQPAPpm1IBp5jTOIZb5jV0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzkxZGQ0
MS0wMDkwLTQ2NzktOWRiZi1lZTNiNTgxYWFhMDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvOTFkZDQx
LTAwOTAtNDY3OS05ZGJmLWVlM2I1ODFhYWEwNy8xL09yZWFsQkE4QS1tYlVnR25t
Tk00aGx2bU5YUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuYytMA0EAgACMAcDBQMqFAcAMA0GCSqGSIb3
DQEBCwUAA4IBAQAxNUnHKADpfiH0fPfsSlqRoH6PgYWmR7Fcid0kYh7QjCuNYRLt
2A4yYVbAaVdl2lnNnI6BWFUFpacPpKa604hih4hXg8FRoXaTmgo5FzNMhseouO35
dOE4gKxgV5Dn/ydJXG7CdLGhiwCmhhTF1CrcSgSxqVHP3QYUTY8UsWr420tXL3vP
mFZCK6swo+ijro5UnRgTvyRBFPpRaoJl77kxDaoJxrYwU9VxIk3T5qp5lMIsTw8r
LGBYUu/vuLZMwGcbGTExoU+7Xei1qfugWrJge9axHGzaBZ7T+zpCZyv/DI8dFr9E
YzPHYsXv8gX/ueqOr8JsW2cjEyADpFTgrj3Z
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:34 2024 by rpki-client on console-ams.rpki-client.org