Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QJq5wOMoITS7gl0QBJXRQiI-lew.cer
File: QJq5wOMoITS7gl0QBJXRQiI-lew.cer (raw, json)
Hash identifier: 3DKIieECuf6Izo1VAohy7Q5BGUXWW1mxgbt4e1nePcw=
Subject key identifier: 40:9A:B9:C0:E3:28:21:34:BB:82:5D:10:04:95:D1:42:22:3E:95:EC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856AF4DC70FCC0238EBAB89904652C367E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/78/db25e0-5143-4949-841b-4774089bd38e/1/QJq5wOMoITS7gl0QBJXRQiI-lew.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/78/db25e0-5143-4949-841b-4774089bd38e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 01:31:50 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 46.253.143.0/24
IP: 2a13:17c0::/29
Validation: Failed, certificate revoked on Tue 26 Sep 2023 07:27:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f4:dc:70:fc:c0:23:8e:ba:b8:99:04:65:2c:36:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=409ab9c0e3282134bb825d100495d142223e95ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a3:2e:61:aa:4d:8d:f2:37:75:85:d3:fa:8f:
17:bd:79:09:0a:75:9b:4c:da:41:f4:d1:f4:13:83:
d7:7a:2d:e9:e1:3f:d8:9f:c3:f6:1e:e7:10:ea:a2:
9a:09:5b:3a:92:13:9c:e2:1c:4c:78:57:42:fb:55:
df:71:2b:17:94:28:76:bf:de:04:4d:25:dd:ec:c4:
d3:41:10:ff:2e:f8:7f:c2:9d:96:c3:5a:f1:48:60:
2e:8e:8e:14:1b:bb:f4:ff:1d:8f:51:2b:6f:45:c2:
56:66:b9:33:fd:34:84:f8:73:e4:7d:7d:9f:c0:cd:
98:1d:89:a3:0a:d2:53:28:f2:5a:df:7b:80:5f:50:
8b:c9:64:1c:ab:cc:b3:64:d5:9c:87:8e:0d:e8:6c:
ca:da:7b:a8:a0:0f:a1:47:6d:bb:32:3c:ba:ec:5b:
62:0d:b8:5c:5a:1d:4a:ce:78:c0:a9:1b:d8:07:88:
e2:7e:c2:b6:bd:5a:48:cc:6c:c3:f1:df:54:96:ca:
03:2c:40:01:e3:d5:8f:14:02:4a:2a:f3:c9:8d:b4:
85:87:14:2f:de:a6:7c:b5:0b:9a:1e:aa:78:70:14:
eb:fb:bd:e2:fc:46:15:52:92:a5:9f:f8:e0:dc:7e:
e5:b3:cb:61:60:e2:0f:8d:3e:55:37:1f:00:bb:d5:
5f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9A:B9:C0:E3:28:21:34:BB:82:5D:10:04:95:D1:42:22:3E:95:EC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/db25e0-5143-4949-841b-4774089bd38e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/db25e0-5143-4949-841b-4774089bd38e/1/QJq5wOMoITS7gl0QBJXRQiI-lew.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
IPv6:
2a13:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:69:7f:48:db:4f:e8:41:3d:86:6b:59:5d:be:be:f5:c9:cc:
41:94:7c:b7:34:86:07:6c:b6:ea:f5:9f:3b:ed:df:c6:67:23:
53:ff:37:fa:bc:f3:ed:e0:de:0c:78:70:c8:1e:f4:ca:f0:c4:
dc:24:ce:a3:28:c8:18:60:da:36:e5:cf:a3:02:4f:9b:c6:14:
26:ed:15:07:9c:d6:8c:40:c8:b1:ca:f1:2f:f0:45:5a:90:86:
1a:8b:a5:0e:36:46:f0:ff:15:66:74:57:1c:a5:08:1b:bc:a6:
35:54:de:91:0e:8a:ba:45:b1:36:4b:7b:42:f0:4a:97:3c:61:
c6:ff:00:c2:1c:68:43:c9:1b:23:c0:c4:ae:d4:42:6d:27:70:
e0:74:01:95:4f:4b:6f:90:68:83:bd:e3:52:5b:3b:54:81:a7:
0c:7e:e8:39:a6:51:25:46:01:08:23:80:94:43:d4:e7:c6:5f:
b3:8f:8a:22:e6:7b:80:e2:0f:89:44:82:c0:25:3b:cc:13:b6:
34:dc:3a:41:df:4a:3d:1c:aa:6d:72:ef:80:3d:59:8c:e0:10:
be:77:fd:01:01:c2:c7:d1:a5:f3:9f:78:78:eb:7b:48:2c:c0:
5d:ba:5e:03:76:8d:15:37:62:d5:85:10:67:3a:e9:7c:37:d2:
c8:2f:55:1f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVq9Nxw/MAjjrq4mQRlLDZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDlhYjljMGUzMjgyMTM0YmI4MjVkMTAwNDk1ZDE0MjIyM2U5NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16MuYapNjfI3dYXT+o8XvXkJCnWb
TNpB9NH0E4PXei3p4T/Yn8P2HucQ6qKaCVs6khOc4hxMeFdC+1XfcSsXlCh2v94E
TSXd7MTTQRD/Lvh/wp2Ww1rxSGAujo4UG7v0/x2PUStvRcJWZrkz/TSE+HPkfX2f
wM2YHYmjCtJTKPJa33uAX1CLyWQcq8yzZNWch44N6GzK2nuooA+hR227Mjy67Fti
DbhcWh1KznjAqRvYB4jifsK2vVpIzGzD8d9UlsoDLEAB49WPFAJKKvPJjbSFhxQv
3qZ8tQuaHqp4cBTr+73i/EYVUpKln/jg3H7ls8thYOIPjT5VNx8Au9Vf7wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFECaucDjKCE0u4JdEASV0UIiPpXsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4L2RiMjVl
MC01MTQzLTQ5NDktODQxYi00Nzc0MDg5YmQzOGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGIyNWUw
LTUxNDMtNDk0OS04NDFiLTQ3NzQwODliZDM4ZS8xL1FKcTV3T01vSVRTN2dsMFFC
SlhSUWlJLWxldy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQALv2PMA0EAgACMAcDBQMqExfAMA0GCSqGSIb3
DQEBCwUAA4IBAQBMaX9I20/oQT2Ga1ldvr71ycxBlHy3NIYHbLbq9Z877d/GZyNT
/zf6vPPt4N4MeHDIHvTK8MTcJM6jKMgYYNo25c+jAk+bxhQm7RUHnNaMQMixyvEv
8EVakIYai6UONkbw/xVmdFccpQgbvKY1VN6RDoq6RbE2S3tC8EqXPGHG/wDCHGhD
yRsjwMSu1EJtJ3DgdAGVT0tvkGiDveNSWztUgacMfug5plElRgEII4CUQ9Tnxl+z
j4oi5nuA4g+JRILAJTvME7Y03DpB30o9HKptcu+APVmM4BC+d/0BAcLH0aXzn3h4
63tILMBdul4Ddo0VN2LVhRBnOul8N9LIL1Uf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:32:10 2024 by rpki-client on console-ams.rpki-client.org