Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hfzKq2iYqiIkL6hHzgKluhpn3SI.cer
File: hfzKq2iYqiIkL6hHzgKluhpn3SI.cer (raw, json)
Hash identifier: MWxRP/Y0HZe69EsERF7Dd2J9E/a+ZKgwEE+l1gSr8Sg=
Subject key identifier: 85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856BD07D0904A0909F6CCA5AACE955C115
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/hfzKq2iYqiIkL6hHzgKluhpn3SI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 05:31:43 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.247.172.0/24
IP: 2a11:c740::/29
Validation: Failed, certificate revoked on Wed 01 Nov 2023 13:11:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d0:7d:09:04:a0:90:9f:6c:ca:5a:ac:e9:55:c1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:31:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85fccaab6898aa22242fa847ce02a5ba1a67dd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:d0:33:80:b2:c4:8e:13:91:1c:26:44:18:
c9:d2:07:b5:25:cc:5b:8f:c0:db:5e:b5:d2:99:69:
06:44:99:c1:60:9d:73:ce:95:14:21:be:66:e7:d5:
d5:d9:38:7e:34:e5:5b:37:8e:47:ac:e0:31:2a:ed:
a8:89:bb:88:a9:7e:c6:17:c8:0f:6d:e8:d5:d3:9e:
f4:91:18:be:ef:35:30:ef:42:62:74:9c:6c:b5:67:
ad:f7:70:bc:97:a3:93:9c:57:24:21:d2:80:da:63:
43:1a:2f:b2:6e:07:74:42:d8:73:df:a0:38:40:fb:
6f:78:3f:30:f6:42:f6:9c:8b:b9:15:51:84:d0:4b:
f0:1d:64:6e:84:24:85:f2:cc:15:69:63:24:6e:45:
84:4b:58:87:c6:89:21:9e:11:22:f9:01:a1:c0:27:
0c:05:86:f5:e5:65:96:0f:e0:94:68:0d:d4:48:0f:
d5:90:4a:03:c3:7c:10:4a:19:2a:90:a6:2f:82:27:
66:8b:72:30:c4:fe:4d:e0:bb:e8:79:7f:b4:6a:28:
20:84:b7:e3:77:ec:0a:e4:b3:ce:ba:88:92:74:32:
e2:76:a3:ee:b3:a0:f4:09:20:0c:eb:57:75:35:0b:
ba:e0:56:e7:92:8f:9d:ef:e7:6f:c7:fd:79:12:94:
b2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/hfzKq2iYqiIkL6hHzgKluhpn3SI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.172.0/24
IPv6:
2a11:c740::/29
Signature Algorithm: sha256WithRSAEncryption
62:e9:d3:e8:5d:ec:98:06:da:2e:d3:9b:5a:e5:4c:9e:f5:e5:
9f:85:2d:34:d9:92:63:64:0d:f8:8c:bd:bc:90:94:7d:79:16:
74:84:0e:27:f0:57:77:f5:49:ad:03:d9:b3:35:70:19:4c:de:
45:a1:6c:8c:2d:ec:54:66:ff:5f:ee:ac:ec:2f:74:b9:2b:1d:
55:d1:b4:b9:dd:f3:be:31:9f:d7:58:b9:60:72:4f:4e:ac:07:
5e:33:08:39:c9:69:9f:43:ac:63:ba:05:ec:e5:1b:34:a5:b5:
4f:a0:7b:ca:5a:62:d5:35:78:32:8f:fc:e7:5e:7f:77:6a:09:
06:da:2e:f2:9a:0a:56:9a:0e:1a:df:13:73:93:25:23:b3:52:
8f:e3:eb:4a:85:22:a7:13:a8:b8:04:62:76:28:b1:5d:1d:df:
1e:71:e3:d4:04:a0:e8:62:e7:a7:e3:ac:b4:b4:e7:7d:2b:1b:
16:ea:f8:ed:34:3b:12:e6:71:11:ff:1a:78:2b:a8:89:40:ea:
22:47:7c:4e:b9:fe:a4:f1:3c:13:a3:1f:1f:64:ad:05:01:11:
22:fe:88:c3:af:dd:2d:3d:32:03:20:84:f5:89:a3:2c:7a:b9:
e4:36:eb:86:04:87:2e:22:3b:0f:9b:fb:43:ec:d5:2a:10:b2:
0e:01:22:e9
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVr0H0JBKCQn2zKWqzpVcEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDUzMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZjY2FhYjY4OThhYTIyMjQyZmE4NDdjZTAyYTViYTFhNjdkZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmfQM4CyxI4TkRwmRBjJ0ge1Jcxb
j8DbXrXSmWkGRJnBYJ1zzpUUIb5m59XV2Th+NOVbN45HrOAxKu2oibuIqX7GF8gP
bejV0570kRi+7zUw70JidJxstWet93C8l6OTnFckIdKA2mNDGi+ybgd0Qthz36A4
QPtveD8w9kL2nIu5FVGE0EvwHWRuhCSF8swVaWMkbkWES1iHxokhnhEi+QGhwCcM
BYb15WWWD+CUaA3USA/VkEoDw3wQShkqkKYvgidmi3IwxP5N4LvoeX+0aigghLfj
d+wK5LPOuoiSdDLidqPus6D0CSAM61d1NQu64Fbnko+d7+dvx/15EpSyEQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFIX8yqtomKoiJC+oR84CpboaZ90iMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UwLzE4Y2I4
Ni1mOGYzLTQwNDItYTI2YS05YjUzYTUxN2ExNTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAvMThjYjg2
LWY4ZjMtNDA0Mi1hMjZhLTliNTNhNTE3YTE1Ny8xL2hmektxMmlZcWlJa0w2aEh6
Z0tsdWhwbjNTSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW/esMA0EAgACMAcDBQMqEcdAMA0GCSqGSIb3
DQEBCwUAA4IBAQBi6dPoXeyYBtou05ta5Uye9eWfhS002ZJjZA34jL28kJR9eRZ0
hA4n8Fd39UmtA9mzNXAZTN5FoWyMLexUZv9f7qzsL3S5Kx1V0bS53fO+MZ/XWLlg
ck9OrAdeMwg5yWmfQ6xjugXs5Rs0pbVPoHvKWmLVNXgyj/znXn93agkG2i7ymgpW
mg4a3xNzkyUjs1KP4+tKhSKnE6i4BGJ2KLFdHd8ecePUBKDoYuen46y0tOd9KxsW
6vjtNDsS5nER/xp4K6iJQOoiR3xOuf6k8TwTox8fZK0FAREi/ojDr90tPTIDIIT1
iaMsernkNuuGBIcuIjsPm/tD7NUqELIOASLp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:19 2024 by rpki-client on console-ams.rpki-client.org