Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y3EI4NGZkv3Av7bicTcwT9VDQ20.cer
File: Y3EI4NGZkv3Av7bicTcwT9VDQ20.cer (raw, json)
Hash identifier: WPZzSj9QQShx7mYDxy6nNH1kiKoJ2RRdeOhHaEhOL28=
Subject key identifier: 63:71:08:E0:D1:99:92:FD:C0:BF:B6:E2:71:37:30:4F:D5:43:43:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B2A1159C9954CA92E03FC7F25E2717
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ef/185b1b-9885-4de6-bc5f-b9121a6f7189/1/Y3EI4NGZkv3Av7bicTcwT9VDQ20.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ef/185b1b-9885-4de6-bc5f-b9121a6f7189/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:47:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 195.238.253.0/24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a1:15:9c:99:54:ca:92:e0:3f:c7:f2:5e:27:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=637108e0d19992fdc0bfb6e27137304fd543436d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:80:1d:b6:f1:83:2a:39:fe:1c:9e:91:95:
14:bf:4a:e1:32:6a:7b:b8:40:7a:ef:df:a5:6c:39:
ad:da:74:d4:bf:2e:34:f2:a5:55:02:5c:37:8b:a3:
f0:0d:d8:55:74:43:58:79:70:80:7b:f1:2d:e2:86:
32:eb:33:7a:1f:c6:3c:62:07:87:b8:7c:9f:59:e0:
16:b9:70:3f:ea:e9:8d:39:50:34:fe:a7:6c:00:fe:
31:a7:07:03:9a:9e:14:a4:74:f5:e4:47:e8:6f:15:
fb:c9:b6:6f:8e:03:63:24:43:62:a7:8b:71:78:5f:
57:71:56:0b:7f:a9:c6:68:90:ef:e0:4e:ef:85:4d:
94:18:10:cd:9b:25:e4:6c:e7:01:35:b7:59:e6:2c:
05:a4:b1:97:17:49:92:e6:9d:b1:84:2e:2a:b1:3d:
6d:74:6d:ac:00:fc:7e:85:a5:6c:10:03:a3:02:ad:
15:56:45:a1:12:99:1a:2c:9a:d9:c1:13:85:1f:22:
5d:46:1a:a8:82:4f:1f:cc:9c:4d:2c:eb:19:35:ad:
98:0b:5d:f9:ac:a0:00:2b:19:2c:26:a5:2e:96:03:
ae:6d:d8:32:2e:27:19:97:17:2f:92:ac:87:74:0f:
fa:e9:68:ed:e0:72:fd:6e:75:dc:61:97:34:57:df:
3c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:71:08:E0:D1:99:92:FD:C0:BF:B6:E2:71:37:30:4F:D5:43:43:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/185b1b-9885-4de6-bc5f-b9121a6f7189/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/185b1b-9885-4de6-bc5f-b9121a6f7189/1/Y3EI4NGZkv3Av7bicTcwT9VDQ20.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.253.0/24
Signature Algorithm: sha256WithRSAEncryption
af:22:3d:15:f7:d1:e7:77:70:2d:8b:08:6f:6a:8f:ae:77:3c:
28:d4:59:8d:a2:69:e2:40:1d:97:90:ca:1f:5d:0c:8a:5c:0b:
fa:6c:34:f0:de:f7:d0:71:fb:21:23:c2:cb:93:9d:4e:68:a8:
de:95:37:4d:17:9f:c9:90:61:b1:cd:f9:cd:05:5f:4c:58:47:
20:42:e9:60:ce:e9:5c:04:4e:97:f8:50:a2:6f:b3:c9:58:f3:
f4:c7:1c:9d:8d:26:8e:d7:6a:08:2d:97:4e:d7:fc:82:ce:47:
47:d3:2d:3d:3e:31:0e:d1:a3:29:a4:05:ae:76:10:59:52:82:
75:a2:14:ec:4b:c0:20:6c:3a:49:7a:3e:14:13:ed:26:af:05:
56:31:d9:87:89:56:59:4d:8a:be:2e:53:7a:0d:70:bf:f5:65:
4f:01:fb:f8:39:3f:e5:d2:d2:46:3b:70:e5:ef:66:01:62:94:
10:b2:7b:25:80:3c:69:86:f9:53:70:fb:82:59:1f:b6:d5:4a:
85:ec:d9:fb:19:7f:99:64:db:58:f8:43:fe:4b:a4:36:7c:de:
ed:bb:bf:1e:b0:e2:b7:b4:42:c6:ee:47:c4:80:39:ff:f9:da:
bd:b2:16:a2:fc:00:09:61:0e:48:69:01:23:4c:33:56:bf:e7:
c8:c4:8e:2b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQksqEVnJlUypLgP8fyXicXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzcxMDhlMGQxOTk5MmZkYzBiZmI2ZTI3MTM3MzA0ZmQ1NDM0MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSCAHbbxgyo5/hyekZUUv0rhMmp7
uEB679+lbDmt2nTUvy408qVVAlw3i6PwDdhVdENYeXCAe/Et4oYy6zN6H8Y8YgeH
uHyfWeAWuXA/6umNOVA0/qdsAP4xpwcDmp4UpHT15EfobxX7ybZvjgNjJENip4tx
eF9XcVYLf6nGaJDv4E7vhU2UGBDNmyXkbOcBNbdZ5iwFpLGXF0mS5p2xhC4qsT1t
dG2sAPx+haVsEAOjAq0VVkWhEpkaLJrZwROFHyJdRhqogk8fzJxNLOsZNa2YC135
rKAAKxksJqUulgOubdgyLicZlxcvkqyHdA/66Wjt4HL9bnXcYZc0V9882QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGNxCODRmZL9wL+24nE3ME/VQ0NtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VmLzE4NWIx
Yi05ODg1LTRkZTYtYmM1Zi1iOTEyMWE2ZjcxODkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYvMTg1YjFi
LTk4ODUtNGRlNi1iYzVmLWI5MTIxYTZmNzE4OS8xL1kzRUk0Tkdaa3YzQXY3Ymlj
VGN3VDlWRFEyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw+79MA0GCSqGSIb3DQEBCwUAA4IBAQCvIj0V
99Hnd3Atiwhvao+udzwo1FmNomniQB2XkMofXQyKXAv6bDTw3vfQcfshI8LLk51O
aKjelTdNF5/JkGGxzfnNBV9MWEcgQulgzulcBE6X+FCib7PJWPP0xxydjSaO12oI
LZdO1/yCzkdH0y09PjEO0aMppAWudhBZUoJ1ohTsS8AgbDpJej4UE+0mrwVWMdmH
iVZZTYq+LlN6DXC/9WVPAfv4OT/l0tJGO3Dl72YBYpQQsnslgDxphvlTcPuCWR+2
1UqF7Nn7GX+ZZNtY+EP+S6Q2fN7tu78esOK3tELG7kfEgDn/+dq9shai/AAJYQ5I
aQEjTDNWv+fIxI4r
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:34:35 2025 by rpki-client