Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QY9mcT3FEF7ygWfQayjvzAHKI3Q.cer
File: QY9mcT3FEF7ygWfQayjvzAHKI3Q.cer (raw, json)
Hash identifier: XkE7S2Vl538Z8r6OPGqATYZCvZ8usMqQGKM5Z8ikYns=
Subject key identifier: 41:8F:66:71:3D:C5:10:5E:F2:81:67:D0:6B:28:EF:CC:01:CA:23:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0187222C0AA6370EF87BACB84BF9ECD522D0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/186/418F66713DC5105EF28167D06B28EFCC01CA2374.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/186
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 27 Mar 2023 08:25:24 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 146.19.81.0/24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 12:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:2c:0a:a6:37:0e:f8:7b:ac:b8:4b:f9:ec:d5:22:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 27 08:25:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=418f66713dc5105ef28167d06b28efcc01ca2374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:10:ff:52:a8:ab:42:26:35:1e:d4:cb:ed:57:
57:86:1e:fc:a3:a2:d3:96:36:17:d3:2a:c9:28:15:
ce:25:1f:cf:34:96:64:cc:da:ab:b6:5b:f1:56:d9:
b7:c8:2f:68:d3:d7:6e:69:bf:ba:91:d1:26:f9:d3:
fa:f6:16:1a:1d:31:51:31:e4:41:f0:da:47:da:86:
e0:48:4e:51:a4:84:a5:a3:55:3f:b1:2e:e7:54:7b:
e6:40:10:24:e5:03:d1:8a:d6:89:64:23:b6:86:6d:
fa:5f:c5:74:b7:b2:d4:c7:ed:c4:47:b5:73:d3:9c:
2c:41:f7:4d:d3:1b:76:1c:16:5c:7a:3d:60:f8:01:
9d:63:64:c6:c9:bf:c1:ce:11:e3:25:d6:bb:d6:34:
ba:ea:ab:02:9e:b4:97:c7:a4:a2:ac:ec:b6:78:6e:
50:e7:64:72:3b:3c:d2:57:e1:28:92:95:67:11:5a:
91:97:53:93:e1:52:a8:e4:7d:af:73:c8:a0:5a:b6:
28:e0:54:d9:57:ea:e8:2d:c9:f6:16:d6:ef:0e:22:
06:1f:3a:dc:9d:2d:a9:ec:7b:65:a8:39:e5:bd:cd:
b1:5e:30:90:5d:69:8b:d7:41:29:4d:fe:2b:46:6d:
e8:00:e6:32:91:5e:85:e3:32:52:00:4a:19:82:b5:
17:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8F:66:71:3D:C5:10:5E:F2:81:67:D0:6B:28:EF:CC:01:CA:23:74
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/186
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/186/418F66713DC5105EF28167D06B28EFCC01CA2374.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.81.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:da:9a:39:f9:95:42:92:0e:35:6d:4b:38:8e:02:11:cc:a2:
ae:06:93:7a:f1:40:38:3b:b6:69:c5:fc:bb:11:8a:10:2a:33:
c4:b5:e5:b4:3f:8c:97:f2:0a:80:42:14:a6:13:2b:70:13:65:
98:d2:f7:a6:88:dc:93:70:a0:2c:77:a4:b9:e3:5a:4a:5e:b4:
78:39:7c:76:25:9e:af:12:29:58:f5:95:e3:25:53:35:8b:74:
06:b9:d7:b8:b3:87:97:11:b9:c0:00:e2:fc:8d:86:da:5a:f4:
c7:8f:18:e8:12:2f:9c:9d:4f:32:20:1d:b0:8b:88:04:e4:4e:
1f:5b:93:7f:b2:48:e6:6d:ce:c3:a7:38:19:74:c9:d6:ca:2f:
00:c8:40:95:41:d0:d0:5a:51:f0:7a:61:d0:ca:d0:68:c7:33:
78:a0:74:2a:82:0d:8d:3c:6d:c2:c4:c5:75:7a:12:8c:30:5c:
e2:4c:4e:52:33:79:2b:a7:99:ce:41:cd:48:ed:a1:e4:6a:a4:
ba:ef:b4:57:bc:c1:c5:4d:7c:3a:3d:a7:50:01:6b:b9:0b:80:
83:d1:c4:d8:65:e7:28:46:6f:8f:44:5a:98:c0:5c:21:37:02:
18:0e:70:9f:b7:76:75:f6:64:0a:40:0f:19:96:63:66:d8:50:
6a:e6:b6:a0
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYciLAqmNw74e6y4S/ns1SLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzI3MDgyNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThmNjY3MTNkYzUxMDVlZjI4MTY3ZDA2YjI4ZWZjYzAxY2EyMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxD/UqirQiY1HtTL7VdXhh78o6LT
ljYX0yrJKBXOJR/PNJZkzNqrtlvxVtm3yC9o09duab+6kdEm+dP69hYaHTFRMeRB
8NpH2obgSE5RpISlo1U/sS7nVHvmQBAk5QPRitaJZCO2hm36X8V0t7LUx+3ER7Vz
05wsQfdN0xt2HBZcej1g+AGdY2TGyb/BzhHjJda71jS66qsCnrSXx6SirOy2eG5Q
52RyOzzSV+EokpVnEVqRl1OT4VKo5H2vc8igWrYo4FTZV+roLcn2FtbvDiIGHzrc
nS2p7HtlqDnlvc2xXjCQXWmL10EpTf4rRm3oAOYykV6F4zJSAEoZgrUXCQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFEGPZnE9xRBe8oFn0Gso78wByiN0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFDBggrBgEFBQcBCwSCATUwggExMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcw
OGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBiOTlhZi8xODYwgY4GCCsGAQUFBzAK
hoGBcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9m
ZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvMTg2LzQxOEY2Njcx
M0RDNTEwNUVGMjgxNjdEMDZCMjhFRkNDMDFDQTIzNzQubWZ0MDwGCCsGAQUFBzAN
hjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNhdGlvbi54
bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACSE1EwDQYJKoZIhvcNAQELBQADggEBAKHamjn5lUKSDjVtSziOAhHMoq4G
k3rxQDg7tmnF/LsRihAqM8S15bQ/jJfyCoBCFKYTK3ATZZjS96aI3JNwoCx3pLnj
WkpetHg5fHYlnq8SKVj1leMlUzWLdAa517izh5cRucAA4vyNhtpa9MePGOgSL5yd
TzIgHbCLiATkTh9bk3+ySOZtzsOnOBl0ydbKLwDIQJVB0NBaUfB6YdDK0GjHM3ig
dCqCDY08bcLExXV6EowwXOJMTlIzeSunmc5BzUjtoeRqpLrvtFe8wcVNfDo9p1AB
a7kLgIPRxNhl5yhGb49EWpjAXCE3AhgOcJ+3dnX2ZApADxmWY2bYUGrmtqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:32:14 2024 by rpki-client on console-ams.rpki-client.org