Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h4yDWY_HNlqpCdauEXuxkH1Rkv0.cer
File: h4yDWY_HNlqpCdauEXuxkH1Rkv0.cer (raw, json)
Hash identifier: /iMSxtUSRjuCF4E3GegHFNfCim8vrSo0Cgaj6k5GT34=
Subject key identifier: 87:8C:83:59:8F:C7:36:5A:A9:09:D6:AE:11:7B:B1:90:7D:51:92:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856C3F1C733E67EB2C59CEF34A82CFCEB1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/523290-bd41-42f4-ab50-f9910bb56fcd/1/h4yDWY_HNlqpCdauEXuxkH1Rkv0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/523290-bd41-42f4-ab50-f9910bb56fcd/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 07:32:33 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 37.140.242.0/24
IP: 2a11:39c0::/29
Validation: Failed, certificate revoked on Thu 30 Mar 2023 17:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:3f:1c:73:3e:67:eb:2c:59:ce:f3:4a:82:cf:ce:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:32:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=878c83598fc7365aa909d6ae117bb1907d5192fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:a7:7f:e7:db:53:44:4d:e6:88:cf:6d:79:
66:54:9c:3c:98:db:b8:3f:10:28:50:9e:2d:53:ea:
37:eb:33:cc:fe:84:56:ea:95:17:fc:b4:4a:ae:8a:
de:a5:28:9d:cd:0d:37:bf:61:25:74:91:76:d5:8d:
a5:e5:0d:88:32:ce:1c:97:fe:9d:be:f1:96:46:3b:
ca:ce:02:81:8d:93:20:b8:70:63:7a:df:b3:a1:a1:
c1:9c:fa:87:ac:3a:69:3e:db:ee:33:b1:e7:e6:de:
f0:92:7a:01:ea:ca:49:75:e1:e7:7c:11:8e:f3:3e:
13:90:6f:60:d6:77:f7:ea:80:86:bd:d3:99:af:06:
8e:65:f6:ed:1f:08:ed:71:c6:4f:b7:12:ae:23:36:
ce:a5:20:58:3b:af:d3:06:eb:1b:b6:b1:69:de:2c:
0e:8c:09:ba:1d:03:94:91:c9:29:4b:04:d7:a0:66:
c6:32:48:cd:5b:d5:32:d7:72:75:3d:f7:73:70:7e:
f3:6b:f8:bf:c0:44:86:95:fc:94:74:91:37:16:83:
e5:20:1d:57:f9:80:bc:03:a3:d3:fd:c7:38:40:fb:
30:58:13:07:b4:9f:27:a2:0e:69:84:60:bc:7e:64:
f7:0a:a3:4b:00:58:22:3c:84:ac:20:84:c0:2b:af:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8C:83:59:8F:C7:36:5A:A9:09:D6:AE:11:7B:B1:90:7D:51:92:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/523290-bd41-42f4-ab50-f9910bb56fcd/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/523290-bd41-42f4-ab50-f9910bb56fcd/1/h4yDWY_HNlqpCdauEXuxkH1Rkv0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.242.0/24
IPv6:
2a11:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:24:30:cc:fc:0f:91:24:43:19:31:b0:74:73:39:7f:8c:2a:
2c:74:1f:ba:dd:2d:05:59:32:aa:7e:c3:e8:20:89:13:46:87:
3e:2a:dc:b6:1c:8b:6f:35:4f:e7:8e:a5:fc:8b:74:39:f3:3f:
cc:0c:68:33:4d:d4:71:1f:be:58:54:51:a8:78:7f:b9:d8:e3:
93:55:b8:ef:a4:51:ed:9b:7e:f8:2c:7b:fa:0b:6a:c9:75:a3:
6a:91:a8:8e:1f:77:54:ee:16:01:02:73:fa:c8:3f:15:c5:a8:
ae:71:db:e9:d8:64:c0:f9:d6:16:26:27:92:a8:5b:eb:2e:fc:
58:93:f8:2a:9e:c0:3e:54:58:18:c5:a7:ae:1d:cc:1a:02:58:
b4:8e:b8:fb:02:4d:fa:15:ed:78:d2:15:ca:48:f3:20:67:ec:
28:5c:e5:d5:1e:0c:cd:ff:e1:86:85:f8:a9:fa:83:20:cf:84:
08:5b:17:db:b9:a8:df:eb:2e:f2:30:17:30:0e:96:89:ca:95:
1b:ba:9d:d4:98:26:8d:97:e4:6e:13:44:b6:4a:b7:99:da:77:
fa:f7:46:c3:e4:75:77:71:f2:d1:ac:f1:4d:99:75:78:bf:a6:
13:47:36:b7:3b:67:83:83:49:1a:cd:8d:5d:ba:b0:8e:bb:31:
dc:b8:e8:b1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVsPxxzPmfrLFnO80qCz86xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDczMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhjODM1OThmYzczNjVhYTkwOWQ2YWUxMTdiYjE5MDdkNTE5MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyOnf+fbU0RN5ojPbXlmVJw8mNu4
PxAoUJ4tU+o36zPM/oRW6pUX/LRKrorepSidzQ03v2EldJF21Y2l5Q2IMs4cl/6d
vvGWRjvKzgKBjZMguHBjet+zoaHBnPqHrDppPtvuM7Hn5t7wknoB6spJdeHnfBGO
8z4TkG9g1nf36oCGvdOZrwaOZfbtHwjtccZPtxKuIzbOpSBYO6/TBusbtrFp3iwO
jAm6HQOUkckpSwTXoGbGMkjNW9Uy13J1PfdzcH7za/i/wESGlfyUdJE3FoPlIB1X
+YC8A6PT/cc4QPswWBMHtJ8nog5phGC8fmT3CqNLAFgiPISsIITAK68SGQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFIeMg1mPxzZaqQnWrhF7sZB9UZL9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzUyMzI5
MC1iZDQxLTQyZjQtYWI1MC1mOTkxMGJiNTZmY2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvNTIzMjkw
LWJkNDEtNDJmNC1hYjUwLWY5OTEwYmI1NmZjZC8xL2g0eURXWV9ITmxxcENkYXVF
WHV4a0gxUmt2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJYzyMA0EAgACMAcDBQMqETnAMA0GCSqGSIb3
DQEBCwUAA4IBAQB1JDDM/A+RJEMZMbB0czl/jCosdB+63S0FWTKqfsPoIIkTRoc+
Kty2HItvNU/njqX8i3Q58z/MDGgzTdRxH75YVFGoeH+52OOTVbjvpFHtm374LHv6
C2rJdaNqkaiOH3dU7hYBAnP6yD8Vxaiucdvp2GTA+dYWJieSqFvrLvxYk/gqnsA+
VFgYxaeuHcwaAli0jrj7Ak36Fe140hXKSPMgZ+woXOXVHgzN/+GGhfip+oMgz4QI
Wxfbuajf6y7yMBcwDpaJypUbup3UmCaNl+RuE0S2SreZ2nf690bD5HV3cfLRrPFN
mXV4v6YTRza3O2eDg0kazY1durCOuzHcuOix
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:31 2024 by rpki-client on console-fra.rpki-client.org