Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XFs59ndt4Xz9PwE_RzhAaGgU0ro.cer
File: XFs59ndt4Xz9PwE_RzhAaGgU0ro.cer (raw, json)
Hash identifier: NKldSGJrwnD7kPXqz8YOLk7mIrcaEcJBkW17MqAnVS4=
Subject key identifier: 5C:5B:39:F6:77:6D:E1:7C:FD:3F:01:3F:47:38:40:68:68:14:D2:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018ADB0BE44D6B82A7A4EE0A7A0B34F42D1F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.roa.net/rrdp/xTom/47/5C5B39F6776DE17CFD3F013F473840686814D2BA.mft
caRepository: rsync://rpki.roa.net/rrdp/xTom/47/
Notify URL: https://rpki.roa.net/rrdp/notification.xml
Certificate not before: Thu 28 Sep 2023 09:08:24 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.64.79.0/24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 12:39:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:0b:e4:4d:6b:82:a7:a4:ee:0a:7a:0b:34:f4:2d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 28 09:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c5b39f6776de17cfd3f013f473840686814d2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e1:96:0c:bb:60:9b:14:8c:c4:96:34:a5:a8:
56:af:3f:21:85:31:fb:8e:7a:5c:8c:e8:36:16:0f:
c1:75:7d:59:a4:97:4f:30:72:5c:06:7a:55:da:93:
06:98:65:00:e9:51:6f:e6:64:a3:d1:62:49:67:a5:
91:c2:f1:7c:68:6a:b1:23:a5:1e:a3:bb:af:8d:68:
1a:7b:b8:38:0c:a8:93:05:85:0c:1d:d4:23:2a:3e:
14:23:d0:c3:08:6c:33:0c:1f:ba:d5:d7:a1:91:4d:
52:e4:ff:64:4f:aa:9b:9a:0b:5c:02:13:f0:89:37:
b4:c1:14:34:bf:d6:31:c8:bb:40:ed:21:b7:9b:f2:
59:a0:69:fc:03:e8:5b:4a:65:77:d5:b1:0d:fe:51:
ce:d7:e6:d7:89:78:d6:6f:2b:24:f8:dc:cb:20:3e:
55:30:40:2e:1d:7a:fe:73:6e:a6:50:cb:f7:4a:35:
f9:31:2f:2a:82:87:cf:f7:38:0b:11:d6:8b:3c:85:
59:f4:be:ba:19:24:3b:86:a8:0b:52:d0:54:fe:7e:
e8:a0:50:a0:6b:77:b7:70:fe:e4:b7:0a:ca:4e:f4:
17:f0:62:28:8d:0a:a5:34:b9:9f:07:14:75:9e:61:
ba:70:42:e2:5e:bf:fe:0b:c1:c9:57:dc:f0:c1:dd:
10:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:39:F6:77:6D:E1:7C:FD:3F:01:3F:47:38:40:68:68:14:D2:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/47/
RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/47/5C5B39F6776DE17CFD3F013F473840686814D2BA.mft
RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.79.0/24
Signature Algorithm: sha256WithRSAEncryption
66:87:b6:c6:7c:fa:f8:7c:4a:be:db:48:be:e2:9b:d5:28:24:
f8:de:a9:ff:4f:8a:35:10:02:14:b9:a9:51:0e:28:bb:35:f4:
30:a8:7b:70:49:58:fe:1b:97:ad:66:b3:b9:c0:63:ee:1d:7f:
00:19:9e:b4:f3:5e:10:8a:0c:f0:0e:04:bd:22:66:91:1b:fd:
b2:4b:80:ef:36:05:26:96:56:f6:73:df:bb:db:2b:cc:6c:ba:
eb:33:70:bf:91:9b:ca:ed:aa:a7:4b:5c:8d:bf:b3:9f:f9:2b:
9f:97:52:29:24:e3:1c:5a:9c:3b:18:54:0d:ab:2e:04:7c:91:
aa:57:d3:c7:bc:fc:53:95:7d:af:d8:1a:7e:5a:ea:8e:61:82:
c0:f2:ee:3e:fd:ef:cb:52:4a:a9:05:58:fc:25:a8:da:98:ff:
b6:e3:4e:51:a3:27:d7:de:3b:88:e1:0d:71:df:60:f1:39:ed:
da:71:d0:cb:30:03:b2:01:ec:18:42:0e:d0:bf:c6:17:db:b5:
e3:c5:88:18:30:69:ad:5d:21:43:97:63:c1:1b:16:cc:e4:30:
79:bf:d0:24:73:6c:a4:d8:fb:d9:b0:6c:b3:b5:66:b5:48:ba:
86:0b:ff:cf:2c:9b:af:ae:ff:d2:aa:aa:fe:d2:54:3a:8c:0e:
a4:e6:ec:41
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYrbC+RNa4KnpO4Kegs09C0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTI4MDkwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzViMzlmNjc3NmRlMTdjZmQzZjAxM2Y0NzM4NDA2ODY4MTRkMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+GWDLtgmxSMxJY0pahWrz8hhTH7
jnpcjOg2Fg/BdX1ZpJdPMHJcBnpV2pMGmGUA6VFv5mSj0WJJZ6WRwvF8aGqxI6Ue
o7uvjWgae7g4DKiTBYUMHdQjKj4UI9DDCGwzDB+61dehkU1S5P9kT6qbmgtcAhPw
iTe0wRQ0v9YxyLtA7SG3m/JZoGn8A+hbSmV31bEN/lHO1+bXiXjWbysk+NzLID5V
MEAuHXr+c26mUMv3SjX5MS8qgofP9zgLEdaLPIVZ9L66GSQ7hqgLUtBU/n7ooFCg
a3e3cP7ktwrKTvQX8GIojQqlNLmfBxR1nmG6cELiXr/+C8HJV9zwwd0QOwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFFxbOfZ3beF8/T8BP0c4QGhoFNK6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdQGCCsGAQUFBwELBIHHMIHEMC4GCCsGAQUFBzAFhiJyc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDcvMFoGCCsGAQUFBzAKhk5yc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDcvNUM1QjM5RjY3NzZERTE3Q0ZE
M0YwMTNGNDczODQwNjg2ODE0RDJCQS5tZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8v
cnBraS5yb2EubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0tw
U28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlATzANBgkqhkiG
9w0BAQsFAAOCAQEAZoe2xnz6+HxKvttIvuKb1Sgk+N6p/0+KNRACFLmpUQ4ouzX0
MKh7cElY/huXrWazucBj7h1/ABmetPNeEIoM8A4EvSJmkRv9skuA7zYFJpZW9nPf
u9srzGy66zNwv5Gbyu2qp0tcjb+zn/krn5dSKSTjHFqcOxhUDasuBHyRqlfTx7z8
U5V9r9gaflrqjmGCwPLuPv3vy1JKqQVY/CWo2pj/tuNOUaMn1947iOENcd9g8Tnt
2nHQyzADsgHsGEIO0L/GF9u148WIGDBprV0hQ5djwRsWzOQweb/QJHNspNj72bBs
s7VmtUi6hgv/zyybr67/0qqq/tJUOowOpObsQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:34:27 2024 by rpki-client on console-ams.rpki-client.org