Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hbt7dbJt_hPoWD6nwa5iGUTIzjA.cer
File: hbt7dbJt_hPoWD6nwa5iGUTIzjA.cer (raw, json)
Hash identifier: y7iJ8NzZjo+fMwZYNAOd6DJExskwHPt0OWszBOlP6nI=
Subject key identifier: 85:BB:7B:75:B2:6D:FE:13:E8:58:3E:A7:C1:AE:62:19:44:C8:CE:30
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018B866FD9E0B5C88B13F714A71BA211FAB9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1f/025122-5b87-40de-858b-0731a526211d/1/hbt7dbJt_hPoWD6nwa5iGUTIzjA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1f/025122-5b87-40de-858b-0731a526211d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 31 Oct 2023 15:52:39 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 194.26.202.0/24
IP: 2a14:5a00::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:6f:d9:e0:b5:c8:8b:13:f7:14:a7:1b:a2:11:fa:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 31 15:52:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85bb7b75b26dfe13e8583ea7c1ae621944c8ce30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:32:db:76:0f:04:85:63:b1:7b:f9:19:2d:e9:
b7:4e:24:7d:73:6a:b9:e7:29:c7:85:cd:ca:17:03:
a7:42:a7:d2:01:46:9b:a3:78:46:a8:ea:79:58:7c:
b2:9c:2a:ef:ab:0a:1b:89:a3:18:21:c5:6c:fd:a6:
c5:65:21:58:de:4d:4e:5b:be:7a:c7:47:40:48:71:
6d:7d:68:39:48:cb:2f:16:16:14:6d:97:87:92:b9:
f1:ab:d5:cd:bc:3e:22:c2:9a:a6:76:43:5b:59:d9:
5b:d3:96:db:39:0b:39:39:a8:85:7b:23:ec:b5:7d:
3d:fb:d2:3f:e5:43:96:84:8b:1c:db:3d:26:8e:de:
06:81:61:63:9d:7b:e3:f6:82:dc:4f:ec:14:5b:c3:
c2:7d:73:73:e4:1e:96:42:1e:e8:2c:fe:a1:6a:f1:
e8:2b:1d:94:59:8a:b1:56:e1:18:33:51:4f:a8:9a:
52:a2:bd:99:79:29:23:69:d2:9f:50:bd:09:20:c2:
cf:1b:1a:f1:1a:a2:52:18:08:5e:ae:85:03:3a:95:
2f:1e:5c:c6:a1:6a:33:2f:cb:59:51:b9:26:b6:a2:
fe:df:ed:0a:de:6d:bf:75:29:3b:dc:ad:29:be:fc:
00:54:ee:9d:d1:d1:f2:bb:57:17:71:90:27:f6:41:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BB:7B:75:B2:6D:FE:13:E8:58:3E:A7:C1:AE:62:19:44:C8:CE:30
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/025122-5b87-40de-858b-0731a526211d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/025122-5b87-40de-858b-0731a526211d/1/hbt7dbJt_hPoWD6nwa5iGUTIzjA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.202.0/24
IPv6:
2a14:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
20:03:9e:f6:73:57:66:2c:73:90:6e:d7:6e:7f:11:ce:b6:48:
72:07:0b:e4:a2:f9:87:6f:c5:33:c6:9d:f7:9a:b5:de:2b:90:
76:9f:cd:ac:e0:2c:9a:08:fb:0a:a6:17:14:98:56:a2:75:e5:
20:d7:a4:4d:e5:9b:a8:f1:3d:74:77:ef:82:da:9e:12:ae:66:
3d:16:71:5f:44:21:96:92:01:af:05:b3:85:e9:57:fb:8f:ee:
d0:27:cf:3d:21:14:10:b6:1e:be:2c:cf:d3:82:0b:54:43:2f:
94:3e:7e:39:6d:5b:a1:50:9e:2c:3f:84:dd:a2:dd:78:58:20:
ed:35:8f:b6:43:03:76:50:9c:f7:8a:da:38:2d:d2:0f:cd:eb:
6e:10:6f:0d:84:1f:78:ad:d0:89:5c:e9:b7:8e:c0:b4:ba:3f:
83:23:00:30:6c:c4:d8:dd:c9:cb:c4:61:b4:d2:10:dc:f6:cb:
03:8f:6f:26:9e:e2:e9:41:86:f6:bc:e1:69:a5:ba:58:2e:d4:
de:3b:37:14:88:d1:a0:5d:2f:b1:d9:97:43:61:81:0d:af:9a:
79:f4:d9:89:68:40:c7:99:83:a6:04:83:c4:35:d6:c5:dd:0a:
70:36:d1:40:26:bc:84:33:5c:2a:75:16:ed:0b:b8:33:e5:41:
00:a0:fb:98
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYuGb9ngtciLE/cUpxuiEfq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMDMxMTU1MjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJiN2I3NWIyNmRmZTEzZTg1ODNlYTdjMWFlNjIxOTQ0YzhjZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzLbdg8EhWOxe/kZLem3TiR9c2q5
5ynHhc3KFwOnQqfSAUabo3hGqOp5WHyynCrvqwobiaMYIcVs/abFZSFY3k1OW756
x0dASHFtfWg5SMsvFhYUbZeHkrnxq9XNvD4iwpqmdkNbWdlb05bbOQs5OaiFeyPs
tX09+9I/5UOWhIsc2z0mjt4GgWFjnXvj9oLcT+wUW8PCfXNz5B6WQh7oLP6havHo
Kx2UWYqxVuEYM1FPqJpSor2ZeSkjadKfUL0JIMLPGxrxGqJSGAheroUDOpUvHlzG
oWozL8tZUbkmtqL+3+0K3m2/dSk73K0pvvwAVO6d0dHyu1cXcZAn9kGw4wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFIW7e3Wybf4T6Fg+p8GuYhlEyM4wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFmLzAyNTEy
Mi01Yjg3LTQwZGUtODU4Yi0wNzMxYTUyNjIxMWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYvMDI1MTIy
LTViODctNDBkZS04NThiLTA3MzFhNTI2MjExZC8xL2hidDdkYkp0X2hQb1dENm53
YTVpR1VUSXpqQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwhrKMA0EAgACMAcDBQMqFFoAMA0GCSqGSIb3
DQEBCwUAA4IBAQAgA572c1dmLHOQbtdufxHOtkhyBwvkovmHb8Uzxp33mrXeK5B2
n82s4CyaCPsKphcUmFaideUg16RN5Zuo8T10d++C2p4SrmY9FnFfRCGWkgGvBbOF
6Vf7j+7QJ889IRQQth6+LM/TggtUQy+UPn45bVuhUJ4sP4Tdot14WCDtNY+2QwN2
UJz3ito4LdIPzetuEG8NhB94rdCJXOm3jsC0uj+DIwAwbMTY3cnLxGG00hDc9ssD
j28mnuLpQYb2vOFppbpYLtTeOzcUiNGgXS+x2ZdDYYENr5p59NmJaEDHmYOmBIPE
NdbF3QpwNtFAJryEM1wqdRbtC7gz5UEAoPuY
Generated at Mon Nov 27 10:49:35 2023 by rpki-client on console-fra.rpki-client.org