Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YU4QxVhMpv-sgldLo0zyK8Aw4bQ.cer
File: YU4QxVhMpv-sgldLo0zyK8Aw4bQ.cer (raw, json)
Hash identifier: 28kIf5EWxHfZOLRZkSBSMXmtS/AGmKrpr+I0c2Tpx24=
Subject key identifier: 61:4E:10:C5:58:4C:A6:FF:AC:82:57:4B:A3:4C:F2:2B:C0:30:E1:B4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185701BD70B7A22F45A87DD6D16BF9102B5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/83c141-6c08-4635-9306-f21de4ee10f2/1/YU4QxVhMpv-sgldLo0zyK8Aw4bQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/83c141-6c08-4635-9306-f21de4ee10f2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 01:32:30 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 146.19.154.0/24
IP: 2a12:d500::/29
Validation: Failed, certificate revoked on Fri 17 Nov 2023 13:58:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1b:d7:0b:7a:22:f4:5a:87:dd:6d:16:bf:91:02:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:32:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=614e10c5584ca6ffac82574ba34cf22bc030e1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:c0:6c:66:a3:8c:d9:cc:69:3b:63:db:48:
af:ff:7f:7e:f8:ae:f8:29:52:a5:ed:1b:72:b5:00:
ba:6e:c1:65:b4:bf:05:63:8e:f7:56:a5:b9:94:5f:
e4:ba:e6:0c:5a:fc:93:b0:33:ac:8a:af:3c:4a:e5:
e3:a9:92:c4:b9:30:52:a5:33:81:1e:b3:02:7a:f8:
a1:6e:00:95:53:b0:0b:e5:48:24:90:1f:07:80:0d:
0a:26:b7:0c:3d:04:8c:33:7c:1e:a1:f4:22:aa:6b:
f7:2d:7a:17:ff:b1:ac:1d:81:0d:97:fd:84:aa:c1:
d7:e2:5c:5c:06:31:b3:1e:15:3f:d3:fb:b4:66:42:
3a:c4:c7:ce:7f:79:76:e5:ec:ba:f0:7d:b9:e8:16:
76:21:a3:cc:de:66:da:4a:0c:4a:08:f2:84:ee:20:
e4:80:47:b7:e0:61:6e:7f:92:18:f6:99:4a:01:0f:
c1:f5:8e:fb:ca:ee:c8:fe:e8:38:c5:3e:64:08:f4:
f8:61:fc:eb:fb:29:71:09:da:d9:c1:54:38:a5:61:
a6:80:e8:3e:e6:b6:58:07:b0:fb:23:e3:76:ba:f5:
e5:eb:93:07:93:ee:30:ef:7f:34:65:7d:b2:f7:5e:
aa:f1:eb:15:82:86:0d:07:a1:4d:4d:12:03:28:27:
6d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4E:10:C5:58:4C:A6:FF:AC:82:57:4B:A3:4C:F2:2B:C0:30:E1:B4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/83c141-6c08-4635-9306-f21de4ee10f2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/83c141-6c08-4635-9306-f21de4ee10f2/1/YU4QxVhMpv-sgldLo0zyK8Aw4bQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.154.0/24
IPv6:
2a12:d500::/29
Signature Algorithm: sha256WithRSAEncryption
16:e7:ad:7d:bb:dd:fa:18:06:a7:cf:21:5c:3d:f0:70:2b:1c:
2a:eb:11:33:2a:ec:32:79:ed:ba:40:c2:9c:4d:4c:e0:35:01:
6a:85:bc:66:b1:14:f5:85:3f:86:3f:3c:17:69:36:7c:fd:aa:
79:2f:5d:76:e7:eb:1a:37:fd:0a:43:de:64:0d:f8:77:f6:e0:
96:eb:e1:7c:f5:9b:7e:ce:d9:9c:d8:ed:ed:2a:35:8b:4b:aa:
0f:d9:b2:0e:d4:bd:0e:57:e3:54:0a:62:6a:f9:41:c8:72:8f:
c6:f8:87:f0:85:f4:7d:33:ad:f1:f0:06:b8:5c:06:30:bf:6b:
17:bc:10:e8:06:d9:8d:82:94:c2:67:64:f3:23:64:59:a7:fc:
c1:a6:a9:61:05:e7:74:5a:26:45:e9:0c:a5:71:1a:21:0a:d0:
e8:7a:d8:7c:67:d7:84:72:06:ea:07:3c:ef:39:3f:d9:51:36:
fc:55:26:9b:3d:ae:4b:65:0a:d6:33:a0:f0:68:c2:f0:3a:a3:
d0:64:3a:ee:3b:c7:6e:34:16:38:8f:91:e1:b6:21:99:34:ac:
7a:19:9d:64:7c:1e:2f:84:8f:a1:e5:bb:35:fe:85:d6:0d:b9:
05:c7:ef:ab:bf:be:d9:6e:a4:88:53:89:1d:4b:80:20:75:2a:
b2:28:ec:b7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwG9cLeiL0WofdbRa/kQK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzMjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRlMTBjNTU4NGNhNmZmYWM4MjU3NGJhMzRjZjIyYmMwMzBlMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspzAbGajjNnMaTtj20iv/39++K74
KVKl7RtytQC6bsFltL8FY473VqW5lF/kuuYMWvyTsDOsiq88SuXjqZLEuTBSpTOB
HrMCevihbgCVU7AL5UgkkB8HgA0KJrcMPQSMM3weofQiqmv3LXoX/7GsHYENl/2E
qsHX4lxcBjGzHhU/0/u0ZkI6xMfOf3l25ey68H256BZ2IaPM3mbaSgxKCPKE7iDk
gEe34GFuf5IY9plKAQ/B9Y77yu7I/ug4xT5kCPT4Yfzr+ylxCdrZwVQ4pWGmgOg+
5rZYB7D7I+N2uvXl65MHk+4w7380ZX2y916q8esVgoYNB6FNTRIDKCdtOwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFGFOEMVYTKb/rIJXS6NM8ivAMOG0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0LzgzYzE0
MS02YzA4LTQ2MzUtOTMwNi1mMjFkZTRlZTEwZjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvODNjMTQx
LTZjMDgtNDYzNS05MzA2LWYyMWRlNGVlMTBmMi8xL1lVNFF4VmhNcHYtc2dsZExv
MHp5SzhBdzRiUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAkhOaMA0EAgACMAcDBQMqEtUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAW5619u936GAanzyFcPfBwKxwq6xEzKuwyee26QMKcTUzgNQFq
hbxmsRT1hT+GPzwXaTZ8/ap5L1125+saN/0KQ95kDfh39uCW6+F89Zt+ztmc2O3t
KjWLS6oP2bIO1L0OV+NUCmJq+UHIco/G+IfwhfR9M63x8Aa4XAYwv2sXvBDoBtmN
gpTCZ2TzI2RZp/zBpqlhBed0WiZF6QylcRohCtDoeth8Z9eEcgbqBzzvOT/ZUTb8
VSabPa5LZQrWM6DwaMLwOqPQZDruO8duNBY4j5HhtiGZNKx6GZ1kfB4vhI+h5bs1
/oXWDbkFx++rv77ZbqSIU4kdS4AgdSqyKOy3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:10 2024 by rpki-client on console-fra.rpki-client.org