Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
File: YMmqi3HlSL11ZbpmP6MvfRrsQas.cer (raw, json)
Hash identifier: +WA6aXYzUdcqGOA0D3yNK/FIrDgzAFrpXjSGxL7ku+Y=
Subject key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856E656B18FE655826E233A021ED4B6C4D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 17:33:38 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 212836
IP: 45.155.224.0/22
IP: 45.156.220.0/22
IP: 91.209.182.0/24
IP: 194.62.214.0/23
IP: 194.76.0.0/23
IP: 194.120.144.0/24
IP: 194.120.164.0/24
IP: 194.120.171.0/24
IP: 194.120.230.0/24
IP: 2a0b:1f00::/29
IP: 2a0f:22c0::/29
IP: 2a0f:cf40::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:65:6b:18:fe:65:58:26:e2:33:a0:21:ed:4b:6c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:33:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6c:47:94:40:ff:a1:b6:bb:9f:50:82:9a:26:
72:45:fd:59:18:5b:f5:f6:7d:09:60:f5:de:a3:58:
43:9c:fe:96:7f:f4:05:82:19:67:26:4c:a5:c1:41:
da:5c:5b:62:b1:2b:13:02:af:63:62:1a:52:01:01:
e1:6c:78:9d:c8:0e:4a:84:e7:ac:6b:96:d1:fa:47:
97:36:1a:1e:ae:d2:a3:d0:0c:7b:60:69:9c:a0:b9:
24:b1:43:b7:b3:93:b2:12:9d:83:96:a1:ac:19:81:
13:0e:0f:6a:8d:80:f3:7a:01:84:14:0c:ce:28:7b:
f5:96:96:8f:1b:2c:92:1d:16:99:bd:15:ef:7a:75:
8b:88:21:27:91:66:1f:9c:cc:a7:ac:53:23:6e:f3:
be:0c:d4:3a:d4:83:e8:8f:49:16:cf:3c:7a:a5:d4:
e4:a9:9f:0a:87:3f:5b:4f:b6:47:30:28:12:3d:65:
78:2b:5c:6c:f3:e4:75:9d:ba:01:7d:2e:22:5e:f4:
c9:d1:db:3e:7f:01:d0:f6:c6:e7:60:bc:d2:62:16:
48:7d:83:77:21:1e:7e:64:e0:62:01:b6:98:28:d2:
74:36:2f:54:5d:ec:52:25:1a:98:16:b2:02:64:09:
c6:ec:27:45:b1:6e:c3:90:a6:00:77:20:2d:43:b0:
5c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.224.0/22
45.156.220.0/22
91.209.182.0/24
194.62.214.0/23
194.76.0.0/23
194.120.144.0/24
194.120.164.0/24
194.120.171.0/24
194.120.230.0/24
IPv6:
2a0b:1f00::/29
2a0f:22c0::/29
2a0f:cf40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212836
Signature Algorithm: sha256WithRSAEncryption
2d:58:64:6b:33:af:23:5c:7e:72:a9:08:06:9e:46:84:d9:00:
9e:3d:bb:b8:bc:a2:af:f5:e2:11:33:df:b4:31:13:55:47:94:
a0:e1:79:09:15:63:37:2f:c5:29:6a:e5:78:07:61:cf:b2:51:
8e:92:1e:92:41:64:c1:6d:d7:90:43:37:f7:99:91:e8:1c:5c:
1e:d0:8e:c2:48:75:ba:a7:ad:27:62:13:4f:79:c7:3c:d8:4e:
14:45:9d:65:f8:9b:d3:33:3a:49:18:a5:f9:c7:5f:ba:1a:90:
ad:04:90:88:63:ec:fa:6b:2a:12:b4:cc:d6:a8:37:a5:05:32:
01:49:77:da:2b:d6:a5:bb:12:1b:c6:12:f8:c0:d6:60:b1:b1:
e1:38:8f:54:64:fa:19:75:d5:da:11:57:31:17:61:63:ef:7e:
60:5c:97:dc:65:a2:75:a0:2c:ee:82:9b:51:d3:68:04:dd:88:
68:9e:4d:e4:74:06:bc:e1:c3:ba:a6:f6:5a:0e:c3:8b:0c:50:
93:26:a1:1e:5f:44:59:90:b7:d8:d0:09:be:a9:05:ad:7e:03:
24:a9:e5:a4:13:82:36:e7:25:30:3b:f0:f6:6b:bc:93:4e:81:
58:a1:78:13:6b:e2:73:76:00:a1:42:b4:3a:75:22:fa:97:78:
b6:fc:a8:cb
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYVuZWsY/mVYJuIzoCHtS2xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczMzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM5YWE4YjcxZTU0OGJkNzU2NWJhNjYzZmEzMmY3ZDFhZWM0MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WxHlED/oba7n1CCmiZyRf1ZGFv1
9n0JYPXeo1hDnP6Wf/QFghlnJkylwUHaXFtisSsTAq9jYhpSAQHhbHidyA5KhOes
a5bR+keXNhoertKj0Ax7YGmcoLkksUO3s5OyEp2DlqGsGYETDg9qjYDzegGEFAzO
KHv1lpaPGyySHRaZvRXvenWLiCEnkWYfnMynrFMjbvO+DNQ61IPoj0kWzzx6pdTk
qZ8Khz9bT7ZHMCgSPWV4K1xs8+R1nboBfS4iXvTJ0ds+fwHQ9sbnYLzSYhZIfYN3
IR5+ZOBiAbaYKNJ0Ni9UXexSJRqYFrICZAnG7CdFsW7DkKYAdyAtQ7BchwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFGDJqotx5Ui9dWW6Zj+jL30a7EGrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FhLzM4YjU0
Mi00Njc3LTRhN2UtYjIxMi1jOGFjY2UxNTZmMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvMzhiNTQy
LTQ2NzctNGE3ZS1iMjEyLWM4YWNjZTE1NmYwZC8xL1lNbXFpM0hsU0wxMVpicG1Q
Nk12ZlJyc1Fhcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGwGCCsGAQUF
BwEHAQH/BF0wWzA8BAIAATA2AwQCLZvgAwQCLZzcAwQAW9G2AwQBwj7WAwQBwkwA
AwQAwniQAwQAwnikAwQAwnirAwQAwnjmMBsEAgACMBUDBQMqCx8AAwUDKg8iwAMF
AyoPz0AwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAz9kMA0GCSqGSIb3DQEBCwUA
A4IBAQAtWGRrM68jXH5yqQgGnkaE2QCePbu4vKKv9eIRM9+0MRNVR5Sg4XkJFWM3
L8UpauV4B2HPslGOkh6SQWTBbdeQQzf3mZHoHFwe0I7CSHW6p60nYhNPecc82E4U
RZ1l+JvTMzpJGKX5x1+6GpCtBJCIY+z6ayoStMzWqDelBTIBSXfaK9aluxIbxhL4
wNZgsbHhOI9UZPoZddXaEVcxF2Fj735gXJfcZaJ1oCzugptR02gE3Yhonk3kdAa8
4cO6pvZaDsOLDFCTJqEeX0RZkLfY0Am+qQWtfgMkqeWkE4I25yUwO/D2a7yTToFY
oXgTa+JzdgChQrQ6dSL6l3i2/KjL
-----END CERTIFICATE-----
Generated at Fri Dec 22 08:58:04 2023 by rpki-client on console-fra.rpki-client.org