Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XY5Yg_oX6T7aKcmlB2urqJeKiNY.cer
File: XY5Yg_oX6T7aKcmlB2urqJeKiNY.cer (raw, json)
Hash identifier: yKbw+MD114AixE0PleRwqqVlCeSixLzcicsTq6RgecI=
Subject key identifier: 5D:8E:58:83:FA:17:E9:3E:DA:29:C9:A5:07:6B:AB:A8:97:8A:88:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01892003EEDAA864CDE90FD633F71B415C9D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/4e4c505e-f236-4169-9f4e-3ad99578db6c/0/5D8E5883FA17E93EDA29C9A5076BABA8978A88D6.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/4e4c505e-f236-4169-9f4e-3ad99578db6c/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Tue 04 Jul 2023 08:27:55 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 195.211.51.0/24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 11:09:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:03:ee:da:a8:64:cd:e9:0f:d6:33:f7:1b:41:5c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 4 08:27:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8e5883fa17e93eda29c9a5076baba8978a88d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f9:e0:50:17:38:3b:98:b3:19:9c:23:1e:0e:
3d:71:e5:6b:4e:81:43:d7:81:52:06:61:b4:c9:e1:
a0:dd:3c:30:c7:24:32:4a:81:cf:af:51:f6:d1:cd:
0c:ce:73:83:34:58:45:f6:61:a2:e5:ea:ce:6e:c7:
dc:6f:09:d5:dd:a6:4e:0d:16:2c:6c:12:dd:e2:02:
38:e2:ff:36:ed:88:54:1e:5e:9f:99:2d:1b:73:47:
7c:ea:6a:60:44:88:ee:a7:ae:a7:b6:4c:d0:ce:2e:
42:72:2a:83:82:1b:7c:b0:3b:b6:ba:5a:d6:8d:ae:
e4:4c:98:61:83:48:56:16:c5:97:6f:e8:e7:eb:81:
aa:62:2b:ec:d7:55:e5:e1:22:40:cf:0b:79:d0:d6:
60:da:b3:19:99:62:6a:57:9b:05:21:ae:6e:ad:b5:
12:aa:96:7a:ab:05:bf:28:b9:c6:68:a2:e3:b8:1d:
b1:81:2c:4b:74:3c:0d:ed:61:22:d2:f5:fd:e3:58:
58:55:fe:d3:c6:62:4b:46:3f:97:24:20:b8:66:9a:
0b:1d:18:29:b1:bf:3e:ba:d4:7d:7d:87:e4:76:07:
e8:66:30:b2:39:80:1e:06:c1:b4:dc:f3:35:7a:33:
c4:b9:6a:2c:0b:9d:51:ab:11:90:b4:0f:80:68:c4:
f8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8E:58:83:FA:17:E9:3E:DA:29:C9:A5:07:6B:AB:A8:97:8A:88:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/4e4c505e-f236-4169-9f4e-3ad99578db6c/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/4e4c505e-f236-4169-9f4e-3ad99578db6c/0/5D8E5883FA17E93EDA29C9A5076BABA8978A88D6.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.51.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e6:ef:32:22:90:dc:bb:88:a9:3e:17:8f:77:95:eb:06:97:
2f:7a:4d:45:e8:24:43:6c:4b:27:50:e6:a9:74:59:fb:4b:aa:
60:11:5d:67:3d:74:13:9b:32:c1:f0:7d:39:08:4f:55:28:ae:
c3:dd:41:11:99:07:5a:5c:53:8c:da:f4:b8:27:f5:cd:91:2a:
52:c0:4b:26:3a:f0:36:c8:84:9e:f0:0a:5c:c8:02:cf:4a:0b:
9f:3c:e4:e7:97:1f:fa:f3:18:3a:e9:70:49:82:6f:bd:cc:32:
12:3f:68:a5:c7:a7:ec:c6:fa:7a:90:3a:e0:41:43:31:ec:fe:
da:1e:2f:c3:a4:cd:62:99:5b:ef:f6:bb:29:fc:ef:d8:cd:04:
cb:d8:d9:d9:4f:ce:d3:31:15:d5:d9:49:7d:61:27:cf:7a:b3:
9d:5d:2c:a5:32:3c:de:75:d5:bc:81:f7:9d:c6:67:8e:67:6b:
d9:61:92:93:3d:c5:c7:a3:f1:50:30:e6:f8:ac:ce:79:61:5a:
59:0f:34:a8:dd:66:7e:cf:8a:5a:cd:48:a0:f4:8d:1a:25:b8:
0b:c0:8e:68:78:6a:ac:fe:76:e7:3a:99:8b:b4:0d:6f:60:91:
bf:fb:a9:84:b2:8b:c8:39:60:8b:20:24:74:94:62:1f:61:82:
d5:fa:f4:0c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYkgA+7aqGTN6Q/WM/cbQVydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNzA0MDgyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhlNTg4M2ZhMTdlOTNlZGEyOWM5YTUwNzZiYWJhODk3OGE4OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/ngUBc4O5izGZwjHg49ceVrToFD
14FSBmG0yeGg3TwwxyQySoHPr1H20c0MznODNFhF9mGi5erObsfcbwnV3aZODRYs
bBLd4gI44v827YhUHl6fmS0bc0d86mpgRIjup66ntkzQzi5CciqDght8sDu2ulrW
ja7kTJhhg0hWFsWXb+jn64GqYivs11Xl4SJAzwt50NZg2rMZmWJqV5sFIa5urbUS
qpZ6qwW/KLnGaKLjuB2xgSxLdDwN7WEi0vX941hYVf7TxmJLRj+XJCC4ZpoLHRgp
sb8+utR9fYfkdgfoZjCyOYAeBsG03PM1ejPEuWosC51RqxGQtA+AaMT4ZQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFF2OWIP6F+k+2inJpQdrq6iXiojWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzRlNGM1
MDVlLWYyMzYtNDE2OS05ZjRlLTNhZDk5NTc4ZGI2Yy8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNGU0
YzUwNWUtZjIzNi00MTY5LTlmNGUtM2FkOTk1NzhkYjZjLzAvNUQ4RTU4ODNGQTE3
RTkzRURBMjlDOUE1MDc2QkFCQTg5NzhBODhENi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMPTMzANBgkqhkiG9w0BAQsFAAOCAQEAhubvMiKQ3LuIqT4Xj3eV6waXL3pNRegk
Q2xLJ1DmqXRZ+0uqYBFdZz10E5sywfB9OQhPVSiuw91BEZkHWlxTjNr0uCf1zZEq
UsBLJjrwNsiEnvAKXMgCz0oLnzzk55cf+vMYOulwSYJvvcwyEj9opcen7Mb6epA6
4EFDMez+2h4vw6TNYplb7/a7Kfzv2M0Ey9jZ2U/O0zEV1dlJfWEnz3qznV0spTI8
3nXVvIH3ncZnjmdr2WGSkz3Fx6PxUDDm+KzOeWFaWQ80qN1mfs+KWs1IoPSNGiW4
C8COaHhqrP525zqZi7QNb2CRv/uphLKLyDlgiyAkdJRiH2GC1fr0DA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:57 2024 by rpki-client on console-fra.rpki-client.org