Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cKm5fx-KHtRzjFAK7P-tJPE2cWY.cer
File: cKm5fx-KHtRzjFAK7P-tJPE2cWY.cer (raw, json)
Hash identifier: zXu5FzP1wVV69fOPVz9dvFLsSRZvBCFIMWq6GAris3M=
Subject key identifier: 70:A9:B9:7F:1F:8A:1E:D4:73:8C:50:0A:EC:FF:AD:24:F1:36:71:66
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185701D4144CAAF7170058160B0E5851621
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a4/5dbeff-f1ad-4ceb-b473-81973ebb0794/1/cKm5fx-KHtRzjFAK7P-tJPE2cWY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a4/5dbeff-f1ad-4ceb-b473-81973ebb0794/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 01:34:03 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.247.164.0/24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 14:35:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1d:41:44:ca:af:71:70:05:81:60:b0:e5:85:16:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:34:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a9b97f1f8a1ed4738c500aecffad24f1367166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2b:d8:19:97:bf:d5:b0:cb:a5:c2:ee:c4:01:
be:3a:10:3c:35:a0:51:60:6a:4c:b2:9a:c1:17:6b:
25:93:e6:6e:2c:6e:4c:64:ff:b9:36:44:73:95:07:
22:03:4f:f2:66:d4:f5:91:d5:e8:81:5b:b4:c1:aa:
26:81:41:e0:39:c8:ac:d9:95:dd:13:32:4a:04:bb:
0b:69:9c:3d:08:63:6c:27:87:7c:77:30:ec:85:12:
d6:65:60:3b:b0:51:e9:be:1c:70:38:50:23:a1:f0:
e0:81:7c:71:ed:d4:b7:58:d0:ae:de:f2:5c:8e:21:
e4:ad:74:b4:78:5d:da:94:65:a7:84:1b:22:70:b0:
3f:f2:e4:ce:43:48:e0:cc:7d:b3:35:11:d0:08:fb:
41:ac:6f:57:c6:62:69:4e:2c:e9:b2:05:ef:e6:e5:
11:5b:75:f9:14:8a:3e:b9:4a:e2:ef:5f:91:fb:59:
b1:de:e8:6d:4b:b5:23:b2:08:5f:d1:86:d2:f6:bb:
2f:6c:cd:20:9e:f5:cc:b2:a3:28:ef:08:8b:be:12:
0f:57:5b:4a:6f:a9:25:a0:ba:1b:a3:c5:8b:82:d7:
78:75:dc:68:bd:ac:5d:38:d0:2b:34:d5:31:de:f9:
6b:39:db:9a:7c:34:ca:f8:86:61:96:f7:b8:35:df:
64:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A9:B9:7F:1F:8A:1E:D4:73:8C:50:0A:EC:FF:AD:24:F1:36:71:66
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/5dbeff-f1ad-4ceb-b473-81973ebb0794/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/5dbeff-f1ad-4ceb-b473-81973ebb0794/1/cKm5fx-KHtRzjFAK7P-tJPE2cWY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.164.0/24
Signature Algorithm: sha256WithRSAEncryption
23:eb:67:cd:ad:ac:1e:7b:63:54:ff:b3:bb:fb:4f:52:41:f6:
c7:81:43:98:9f:7b:1e:8c:8a:7b:9d:0a:e1:c0:49:75:d8:77:
5b:b6:9e:b2:f1:dd:91:9a:32:03:84:54:78:6b:cc:c6:73:37:
09:20:70:f1:6e:38:14:fe:42:28:70:f7:df:90:d7:19:d3:75:
93:e5:f1:13:c9:ed:f9:49:76:0b:8e:bc:c1:5e:de:1e:f9:c6:
90:a0:a6:5f:63:35:69:52:e8:2f:fe:cb:25:7f:19:38:d8:72:
1e:a5:e4:68:00:05:ff:16:be:88:66:c0:cd:19:a8:66:f4:d3:
45:ad:ce:6e:df:47:a7:0c:0b:2c:61:e5:40:e1:63:51:61:97:
f5:ac:e5:76:2c:30:4d:3a:e1:1d:2c:a1:a9:d2:d2:c6:e7:4f:
20:13:9e:b6:2e:d0:56:07:60:d7:81:7f:71:99:b5:c2:77:06:
59:d1:fb:19:e1:7a:4a:51:52:2a:a3:ca:ae:13:33:4c:8d:28:
ef:a6:1a:fc:5a:08:19:a0:37:41:49:d6:84:5a:6e:e6:98:c7:
76:61:b4:4f:f7:2a:b2:14:92:74:14:4e:c3:8e:03:1b:42:c4:
9d:66:3c:89:c7:ca:68:19:0e:bc:12:fa:95:1f:0f:7c:a0:54:
8e:57:05:a0
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVwHUFEyq9xcAWBYLDlhRYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE5Yjk3ZjFmOGExZWQ0NzM4YzUwMGFlY2ZmYWQyNGYxMzY3MTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SvYGZe/1bDLpcLuxAG+OhA8NaBR
YGpMsprBF2slk+ZuLG5MZP+5NkRzlQciA0/yZtT1kdXogVu0waomgUHgOcis2ZXd
EzJKBLsLaZw9CGNsJ4d8dzDshRLWZWA7sFHpvhxwOFAjofDggXxx7dS3WNCu3vJc
jiHkrXS0eF3alGWnhBsicLA/8uTOQ0jgzH2zNRHQCPtBrG9XxmJpTizpsgXv5uUR
W3X5FIo+uUri71+R+1mx3uhtS7Ujsghf0YbS9rsvbM0gnvXMsqMo7wiLvhIPV1tK
b6kloLobo8WLgtd4ddxovaxdONArNNUx3vlrOduafDTK+IZhlve4Nd9kwQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFHCpuX8fih7Uc4xQCuz/rSTxNnFmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0LzVkYmVm
Zi1mMWFkLTRjZWItYjQ3My04MTk3M2ViYjA3OTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvNWRiZWZm
LWYxYWQtNGNlYi1iNDczLTgxOTczZWJiMDc5NC8xL2NLbTVmeC1LSHRSempGQUs3
UC10SlBFMmNXWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW/ekMA0GCSqGSIb3DQEBCwUAA4IBAQAj62fN
rawee2NU/7O7+09SQfbHgUOYn3sejIp7nQrhwEl12Hdbtp6y8d2RmjIDhFR4a8zG
czcJIHDxbjgU/kIocPffkNcZ03WT5fETye35SXYLjrzBXt4e+caQoKZfYzVpUugv
/sslfxk42HIepeRoAAX/Fr6IZsDNGahm9NNFrc5u30enDAssYeVA4WNRYZf1rOV2
LDBNOuEdLKGp0tLG508gE562LtBWB2DXgX9xmbXCdwZZ0fsZ4XpKUVIqo8quEzNM
jSjvphr8WggZoDdBSdaEWm7mmMd2YbRP9yqyFJJ0FE7DjgMbQsSdZjyJx8poGQ68
EvqVHw98oFSOVwWg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:51 2024 by rpki-client on console-fra.rpki-client.org