Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
File: aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer (raw, json)
Hash identifier: nSbujBpUF1vDh/qMAuMMMtoTHbaL4iDVQ2C33hAboJA=
Subject key identifier: 68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0186930A723BF02AAEBE66A3052B089728DB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 27 Feb 2023 13:23:00 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 109.107.143.0/24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:0a:72:3b:f0:2a:ae:be:66:a3:05:2b:08:97:28:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 27 13:23:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686f0a4da2373205ef3445d28e260c284684b74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:3d:18:f7:27:a5:39:b5:42:25:3f:9a:43:
47:99:69:a6:78:97:dc:ab:33:1f:f8:73:50:35:48:
5b:bf:05:d9:46:0d:bb:bb:23:4b:85:ee:76:d0:1d:
bd:06:46:0f:29:43:02:24:bf:ec:9c:92:e8:ef:02:
e2:8e:19:de:89:8a:1b:8e:fc:80:0a:9b:59:e9:64:
58:92:8c:41:82:a3:13:f8:c5:d3:cd:87:9e:21:54:
ab:48:fc:c6:27:dc:0c:10:9c:ea:d6:8c:70:eb:f8:
7b:b6:2e:c0:31:52:50:b0:2c:9f:d4:1e:f9:b0:40:
77:c8:6e:62:26:b7:86:ca:1d:ec:92:a4:21:d5:c0:
d1:21:b0:26:f5:66:c6:2f:d1:80:e2:b4:1f:c7:12:
8a:8e:a4:10:f2:8b:b3:3c:7d:0a:b3:b2:d0:8a:b1:
0f:7a:96:be:2f:3e:a0:38:8c:a6:98:de:ed:79:57:
38:7b:a5:6a:8e:17:d7:b5:25:3a:7a:f5:10:35:e4:
81:9f:ab:26:04:45:b5:14:0b:b9:4e:4d:86:7d:b3:
69:ff:32:e8:73:a6:da:79:13:62:35:f0:90:62:b4:
d8:d7:72:c7:b1:2e:cd:a6:3a:d5:90:69:ca:b1:5e:
93:93:b2:bd:56:27:7e:90:3a:d1:53:9e:41:36:23:
b2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.143.0/24
Signature Algorithm: sha256WithRSAEncryption
81:29:f4:e0:54:b3:90:27:4a:e5:a6:37:80:8c:bd:5d:e5:6f:
87:59:09:3d:da:9c:1a:02:d5:f0:b6:1f:6f:93:c1:ea:0c:5b:
02:2f:29:c5:ea:d4:89:3e:57:f7:c1:0f:e5:9f:35:1f:79:e3:
3f:7e:25:0e:ff:44:d4:7a:9e:59:11:39:b6:e7:20:d1:a2:38:
0d:bb:56:3a:23:68:81:58:78:bb:39:7f:54:0e:82:1b:43:b5:
ae:4c:4e:38:f6:21:98:b5:44:ff:c2:65:16:d8:e9:3f:7f:fd:
10:90:66:03:dc:4e:87:28:d5:0d:82:db:e7:e2:75:ae:d9:a4:
4a:43:6f:be:61:41:20:0e:2d:23:da:e4:6d:ad:88:65:37:6e:
d8:50:da:d9:b3:f4:d0:8a:ba:ac:4a:27:43:22:20:2d:20:05:
a7:0b:19:55:33:72:6e:ae:a6:b6:fb:3b:f7:cb:91:33:8a:ec:
4c:87:28:f0:8f:f9:e6:bf:8c:79:ec:7f:d9:4c:4c:55:55:9c:
48:d8:03:06:19:51:c4:f4:9c:20:ff:32:34:b5:98:92:ee:b8:
b8:cb:5d:fd:35:a5:14:0e:a5:f2:27:7a:58:b5:f3:bd:e5:5b:
81:69:16:1e:52:b6:2e:01:f8:73:e0:56:43:6c:7b:13:ec:ae:
b6:40:21:d9
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYaTCnI78CquvmajBSsIlyjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMjI3MTMyMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZmMGE0ZGEyMzczMjA1ZWYzNDQ1ZDI4ZTI2MGMyODQ2ODRiNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0k9GPcnpTm1QiU/mkNHmWmmeJfc
qzMf+HNQNUhbvwXZRg27uyNLhe520B29BkYPKUMCJL/snJLo7wLijhneiYobjvyA
CptZ6WRYkoxBgqMT+MXTzYeeIVSrSPzGJ9wMEJzq1oxw6/h7ti7AMVJQsCyf1B75
sEB3yG5iJreGyh3skqQh1cDRIbAm9WbGL9GA4rQfxxKKjqQQ8ouzPH0Ks7LQirEP
epa+Lz6gOIymmN7teVc4e6VqjhfXtSU6evUQNeSBn6smBEW1FAu5Tk2GfbNp/zLo
c6baeRNiNfCQYrTY13LHsS7NpjrVkGnKsV6Tk7K9Vid+kDrRU55BNiOyNwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGhvCk2iNzIF7zRF0o4mDChGhLdLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkL2EyMzk2
Yy0yZGZkLTQ1ZjYtYWEzNC01NGMxZGM1NzQxNDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvYTIzOTZj
LTJkZmQtNDVmNi1hYTM0LTU0YzFkYzU3NDE0NS8xL2FHOEtUYUkzTWdYdk5FWFNq
aVlNS0VhRXQwcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAbWuPMA0GCSqGSIb3DQEBCwUAA4IBAQCBKfTg
VLOQJ0rlpjeAjL1d5W+HWQk92pwaAtXwth9vk8HqDFsCLynF6tSJPlf3wQ/lnzUf
eeM/fiUO/0TUep5ZETm25yDRojgNu1Y6I2iBWHi7OX9UDoIbQ7WuTE449iGYtUT/
wmUW2Ok/f/0QkGYD3E6HKNUNgtvn4nWu2aRKQ2++YUEgDi0j2uRtrYhlN27YUNrZ
s/TQirqsSidDIiAtIAWnCxlVM3Jurqa2+zv3y5EziuxMhyjwj/nmv4x57H/ZTExV
VZxI2AMGGVHE9Jwg/zI0tZiS7ri4y139NaUUDqXyJ3pYtfO95VuBaRYeUrYuAfhz
4FZDbHsT7K62QCHZ
-----END CERTIFICATE-----
Generated at Fri Nov 24 13:26:40 2023 by rpki-client on console-ams.rpki-client.org