Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
File: _zbtM3WmqJXK3Ung7NQplFSzuJw.cer (raw, json)
Hash identifier: GAF98tLJe5CKnEO7TM/hldl2sar11oksCZ7pN52CcUA=
Subject key identifier: FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018570FABE5CFAB4F7194E1DD6C95C5A8963
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/_zbtM3WmqJXK3Ung7NQplFSzuJw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 05:35:59 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.188.252.0/22
IP: 2a0f:6840::/29
Validation: Failed, certificate revoked on Tue 11 Apr 2023 09:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fa:be:5c:fa:b4:f7:19:4e:1d:d6:c9:5c:5a:89:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:24:0f:8d:d8:5a:73:2f:2a:8d:e9:17:79:36:
1f:87:ff:d9:31:ed:95:3e:89:d5:b9:7d:40:6f:46:
f3:f7:84:67:fb:06:ef:36:b4:3d:ab:c7:d7:61:d9:
f7:39:8a:84:37:12:e1:ba:65:78:8a:7d:45:ff:eb:
4b:45:f7:a5:bc:fd:87:72:2c:17:ec:67:4c:a6:80:
85:e4:8d:11:2d:2c:e3:cb:71:07:34:21:e1:b5:10:
17:4b:82:f0:22:8e:36:ab:af:95:b9:dd:29:5d:97:
f2:cb:11:40:e1:fa:91:88:84:2e:cb:b6:38:ba:bb:
42:c2:b0:d7:5b:34:27:70:c0:97:e8:8a:0c:39:6a:
2a:1a:b4:4d:26:df:1f:8c:3b:4d:a4:18:09:69:65:
60:52:2a:84:c2:cf:fb:71:9c:32:2c:86:08:be:d4:
d3:1a:be:ae:da:1a:2d:29:a1:a7:56:b5:b6:c9:95:
09:34:e4:ea:be:fd:01:f3:ce:55:f1:97:43:28:93:
c9:8c:09:32:40:7d:8a:b3:ea:fe:e2:6c:e9:ad:1c:
83:4c:e4:61:c3:58:d3:93:93:5a:c6:29:51:65:35:
58:65:46:b0:64:86:2e:19:bb:4f:0d:20:e8:4f:a0:
c9:56:4b:76:1d:b7:5f:58:30:d3:53:93:01:0a:dd:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/_zbtM3WmqJXK3Ung7NQplFSzuJw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.252.0/22
IPv6:
2a0f:6840::/29
Signature Algorithm: sha256WithRSAEncryption
19:49:e6:cd:ea:a4:ff:11:91:75:5e:90:6f:e6:da:0b:59:ce:
22:b6:6f:81:19:54:b8:03:68:ef:2a:8a:93:b9:29:bc:72:67:
d4:fa:ca:56:0b:42:77:32:8a:33:fd:2c:d1:7c:22:16:3e:56:
cb:91:a3:03:3d:bf:25:89:83:82:c9:d3:b9:a1:18:03:be:f5:
98:89:fd:57:38:97:ab:a4:6b:b5:30:28:10:73:9f:09:be:27:
10:53:cf:fb:0c:cd:b8:06:a4:14:a1:f2:12:e9:59:ef:2c:43:
43:49:13:52:b6:11:8c:f3:e5:01:2c:8a:c9:98:b0:c4:e0:99:
c6:18:73:3d:1a:93:92:0f:8a:c1:9d:fb:27:05:80:8e:22:41:
89:67:5a:57:f9:3a:9b:ed:9c:9c:93:4d:52:90:bb:81:4d:76:
81:36:d3:5b:bd:1a:9c:29:9a:02:74:27:c6:72:80:b7:24:d8:
ed:05:71:24:fb:a0:10:70:c3:6e:10:63:8a:21:d8:d4:c0:d6:
c9:8a:7a:dd:89:b6:d6:f7:df:29:d4:5a:0b:b5:97:3f:9b:e0:
8e:51:02:31:57:33:af:c5:f8:d1:94:97:6a:be:70:ad:c1:a4:
66:8e:31:8d:cf:96:df:6d:6c:02:cf:ad:97:0e:38:4e:7e:58:
a9:6f:e1:60
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVw+r5c+rT3GU4d1slcWoljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDUzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjM2ZWQzMzc1YTZhODk1Y2FkZDQ5ZTBlY2Q0Mjk5NDU0YjNiODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SQPjdhacy8qjekXeTYfh//ZMe2V
PonVuX1Ab0bz94Rn+wbvNrQ9q8fXYdn3OYqENxLhumV4in1F/+tLRfelvP2HciwX
7GdMpoCF5I0RLSzjy3EHNCHhtRAXS4LwIo42q6+Vud0pXZfyyxFA4fqRiIQuy7Y4
urtCwrDXWzQncMCX6IoMOWoqGrRNJt8fjDtNpBgJaWVgUiqEws/7cZwyLIYIvtTT
Gr6u2hotKaGnVrW2yZUJNOTqvv0B885V8ZdDKJPJjAkyQH2Ks+r+4mzprRyDTORh
w1jTk5NaxilRZTVYZUawZIYuGbtPDSDoT6DJVkt2HbdfWDDTU5MBCt1Q7QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFP827TN1pqiVyt1J4OzUKZRUs7icMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzNiYzg0
MC04MzI5LTQzODktYTM0Yi1lYzE5MGIxY2VhY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvM2JjODQw
LTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8xL196YnRNM1dtcUpYSzNVbmc3
TlFwbEZTenVKdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCW7z8MA0EAgACMAcDBQMqD2hAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZSebN6qT/EZF1XpBv5toLWc4itm+BGVS4A2jvKoqTuSm8cmfU
+spWC0J3Mooz/SzRfCIWPlbLkaMDPb8liYOCydO5oRgDvvWYif1XOJerpGu1MCgQ
c58JvicQU8/7DM24BqQUofIS6VnvLENDSRNSthGM8+UBLIrJmLDE4JnGGHM9GpOS
D4rBnfsnBYCOIkGJZ1pX+Tqb7Zyck01SkLuBTXaBNtNbvRqcKZoCdCfGcoC3JNjt
BXEk+6AQcMNuEGOKIdjUwNbJinrdibbW998p1FoLtZc/m+COUQIxVzOvxfjRlJdq
vnCtwaRmjjGNz5bfbWwCz62XDjhOflipb+Fg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:41 2024 by rpki-client on console-ams.rpki-client.org