Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XFzAfPpPDWXmipUBnCVv1-22b0Q.cer
File: XFzAfPpPDWXmipUBnCVv1-22b0Q.cer (raw, json)
Hash identifier: mTZHGSy6ptgScdnx+/3TToDaFVIHae1QKvt6jxi3k0o=
Subject key identifier: 5C:5C:C0:7C:FA:4F:0D:65:E6:8A:95:01:9C:25:6F:D7:ED:B6:6F:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56E0E497A1B75164D16168C584C8399
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/XFzAfPpPDWXmipUBnCVv1-22b0Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.42.208.0/24
IP: 2a12:cac0::/29
Validation: Failed, certificate revoked on Tue 16 Apr 2024 08:13:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0e:49:7a:1b:75:16:4d:16:16:8c:58:4c:83:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c5cc07cfa4f0d65e68a95019c256fd7edb66f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:40:d3:42:a0:81:9b:39:54:c1:22:02:17:71:
ce:91:e5:74:8a:a8:61:d3:d3:bd:9d:0b:03:d5:57:
f5:16:4b:7a:7d:c1:46:d5:16:0c:39:82:dc:9a:bb:
c4:32:ea:3e:d6:56:99:8a:cd:c7:00:1b:2d:fd:b4:
a0:2d:bd:6e:41:35:a4:c6:b5:66:50:90:76:d9:36:
da:48:e5:5c:42:4e:61:5d:6a:0c:6b:81:a6:a7:ed:
4f:80:2f:d8:d9:34:0a:0c:3a:e4:37:66:bb:f3:59:
39:c5:40:e9:e2:07:fa:0d:38:1c:8b:0d:80:08:51:
d6:91:42:33:72:42:f9:eb:d2:fa:2e:ab:c8:f1:d0:
60:1d:f7:30:ee:1e:e1:9b:71:13:08:05:01:f5:f3:
7c:81:a5:18:18:47:5a:ea:57:b1:70:f6:c3:bf:08:
80:bb:98:9b:b1:c6:02:f6:9a:01:b3:cc:d4:c1:e4:
41:25:80:ab:96:8d:27:88:b7:96:05:b3:1b:ec:98:
c5:a9:3f:5b:20:af:92:01:ab:56:47:5e:7d:26:f7:
30:ba:5e:ad:3b:9d:7f:f6:33:dc:b5:ce:d5:ae:41:
86:c6:f0:ed:71:9d:58:71:0a:9b:18:09:87:54:0f:
33:98:0c:f2:c1:2b:0a:1d:e8:59:c8:12:cb:02:4a:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5C:C0:7C:FA:4F:0D:65:E6:8A:95:01:9C:25:6F:D7:ED:B6:6F:44
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/XFzAfPpPDWXmipUBnCVv1-22b0Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.208.0/24
IPv6:
2a12:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
15:de:16:72:04:28:90:f5:e1:48:c9:af:52:36:dd:6d:38:c1:
fe:7e:2e:6d:32:26:7e:a7:e7:eb:30:ba:49:5d:c7:82:35:9a:
c5:17:04:b2:c7:ba:7b:74:76:4f:44:b2:0b:7f:60:11:cd:70:
4e:39:2c:2d:2f:c4:c7:21:10:11:d0:1e:d1:4c:43:ef:68:b4:
5d:cb:85:e8:45:33:31:f8:65:cb:1c:ff:85:3f:41:4e:3e:f5:
49:d8:35:bf:d2:56:49:b9:b3:0e:44:39:1e:50:29:37:40:36:
c7:99:cc:73:ca:fa:64:06:c4:07:16:6f:ea:68:14:55:79:8d:
d2:66:c5:b9:f0:75:47:ad:28:46:55:3c:3d:8a:49:df:0c:e4:
68:0e:8a:08:71:36:9d:35:d6:dd:2b:c2:d8:77:c0:33:58:48:
05:17:12:c2:18:34:bb:0f:2e:11:08:f1:1d:7f:56:8d:07:c7:
ac:92:34:0a:18:0e:c5:1c:ba:cd:82:41:13:b8:34:c4:fc:8e:
e0:9d:45:c0:26:5b:cb:90:00:b4:7b:8e:df:a6:35:aa:fb:c1:
ec:4e:83:10:67:95:64:40:63:92:f7:45:84:37:0c:f6:28:5f:
dd:19:34:2a:e1:72:f7:30:3e:23:c4:ea:73:98:e2:c5:39:df:
37:08:95:80
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzFbg5Jeht1Fk0WFoxYTIOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVjYzA3Y2ZhNGYwZDY1ZTY4YTk1MDE5YzI1NmZkN2VkYjY2ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEDTQqCBmzlUwSICF3HOkeV0iqhh
09O9nQsD1Vf1Fkt6fcFG1RYMOYLcmrvEMuo+1laZis3HABst/bSgLb1uQTWkxrVm
UJB22TbaSOVcQk5hXWoMa4Gmp+1PgC/Y2TQKDDrkN2a781k5xUDp4gf6DTgciw2A
CFHWkUIzckL569L6LqvI8dBgHfcw7h7hm3ETCAUB9fN8gaUYGEda6lexcPbDvwiA
u5ibscYC9poBs8zUweRBJYCrlo0niLeWBbMb7JjFqT9bIK+SAatWR159Jvcwul6t
O51/9jPctc7VrkGGxvDtcZ1YcQqbGAmHVA8zmAzywSsKHehZyBLLAkqFqQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFxcwHz6Tw1l5oqVAZwlb9fttm9EMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1LzBmOTVh
NC05Nzg1LTQ1NmEtOTk5Yi0wYjIyYzc4MGNiOGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvMGY5NWE0
LTk3ODUtNDU2YS05OTliLTBiMjJjNzgwY2I4ZC8xL1hGekFmUHBQRFdYbWlwVUJu
Q1Z2MS0yMmIwUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQABSrQMA0EAgACMAcDBQMqEsrAMA0GCSqGSIb3
DQEBCwUAA4IBAQAV3hZyBCiQ9eFIya9SNt1tOMH+fi5tMiZ+p+frMLpJXceCNZrF
FwSyx7p7dHZPRLILf2ARzXBOOSwtL8THIRAR0B7RTEPvaLRdy4XoRTMx+GXLHP+F
P0FOPvVJ2DW/0lZJubMORDkeUCk3QDbHmcxzyvpkBsQHFm/qaBRVeY3SZsW58HVH
rShGVTw9iknfDORoDooIcTadNdbdK8LYd8AzWEgFFxLCGDS7Dy4RCPEdf1aNB8es
kjQKGA7FHLrNgkETuDTE/I7gnUXAJlvLkAC0e47fpjWq+8HsToMQZ5VkQGOS90WE
Nwz2KF/dGTQq4XL3MD4jxOpzmOLFOd83CJWA
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:10:47 2025 by rpki-client