Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jwjmGhEbbu9Sf5rMYB5UUA5DTG8.cer
File: jwjmGhEbbu9Sf5rMYB5UUA5DTG8.cer (raw, json)
Hash identifier: coZEXhu+Uh0rrqEQR3W+tICiwlGnMrYRyireMrWSF+Q=
Subject key identifier: 8F:08:E6:1A:11:1B:6E:EF:52:7F:9A:CC:60:1E:54:50:0E:43:4C:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BCF371EC33D2E8ADAB8F32E672A79F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e1/713747-be61-4a56-95fa-74067f6d06f2/1/jwjmGhEbbu9Sf5rMYB5UUA5DTG8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e1/713747-be61-4a56-95fa-74067f6d06f2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:34:12 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 195.64.113.0/24
IP: 2a12:e280::/29
Validation: Failed, certificate revoked on Thu 07 Mar 2024 11:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f3:71:ec:33:d2:e8:ad:ab:8f:32:e6:72:a7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f08e61a111b6eef527f9acc601e54500e434c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a2:8d:81:51:43:e9:5b:b2:0b:d2:d3:cb:8f:
a9:6b:3f:ad:9e:15:e9:70:cc:68:2f:ba:d1:39:8f:
1a:a9:cb:a1:fb:7f:a8:f4:fb:09:7b:2c:a6:a7:ca:
7a:cf:cb:aa:51:bf:92:0a:63:35:f9:c0:8b:2d:e7:
0d:ba:57:62:6c:b5:b6:18:63:1d:8f:c1:11:7f:09:
15:92:27:b5:de:ea:51:e3:99:06:e4:aa:82:77:93:
6c:a5:49:ad:84:54:ac:cc:79:01:52:b6:6e:6c:61:
f5:85:83:7d:89:0e:fb:71:54:33:43:14:26:81:25:
6e:c5:0b:e9:35:21:aa:7f:e5:84:82:6b:e2:09:60:
5c:e7:07:71:bd:49:4c:89:e3:37:8d:8f:8d:8a:81:
25:ce:bc:c2:6c:d3:43:a6:a1:4f:a5:fa:ab:e0:35:
39:ea:47:5d:77:dd:52:32:fe:d6:89:70:9e:2f:20:
00:4e:62:c0:44:e4:b3:70:b2:45:cd:30:da:97:a7:
90:6c:ac:d3:18:04:50:f2:cc:79:56:a5:77:9e:fd:
f6:c9:b0:e6:2a:26:f5:e4:c7:d0:20:c0:c7:dc:23:
c1:1c:19:d7:c3:d1:6b:6a:41:2f:c8:1a:9a:c8:be:
0f:ac:65:12:f4:2a:84:e1:8a:9f:71:de:0c:69:57:
88:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:08:E6:1A:11:1B:6E:EF:52:7F:9A:CC:60:1E:54:50:0E:43:4C:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/713747-be61-4a56-95fa-74067f6d06f2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/713747-be61-4a56-95fa-74067f6d06f2/1/jwjmGhEbbu9Sf5rMYB5UUA5DTG8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.113.0/24
IPv6:
2a12:e280::/29
Signature Algorithm: sha256WithRSAEncryption
8a:76:5a:89:40:a4:68:7b:e9:ec:7f:63:dc:76:69:57:b3:4f:
e7:41:ec:f4:3d:a0:81:39:b6:5c:70:92:7c:35:36:bc:ff:cc:
44:92:08:af:bf:1e:ae:a1:36:8b:c8:a9:0b:be:35:2d:eb:99:
07:37:b7:0b:b2:5a:86:10:f7:b2:ac:3d:79:d2:e7:5e:38:c7:
11:ee:81:5d:b4:c6:30:3f:93:18:ae:39:43:6d:e9:2f:2e:2c:
e6:3a:b2:ee:df:62:59:26:08:e0:44:ba:3d:9b:78:5a:9a:4c:
89:a6:bf:25:83:95:6b:b2:52:73:17:c1:c6:ab:3d:41:43:05:
bc:4f:5a:72:ab:f0:7a:8b:00:52:d5:31:9b:d9:3e:34:08:81:
14:b8:f1:58:18:07:93:ba:40:d2:1b:6a:6f:eb:2e:9d:a9:81:
a6:0f:05:2f:00:90:ae:e4:08:9d:87:0f:f2:84:f0:81:92:ff:
3c:d7:37:9c:1d:fc:34:88:39:a9:74:12:ea:0b:47:81:49:3b:
0d:0f:2d:96:99:47:d8:b4:c7:53:ac:74:0a:94:54:dc:4f:86:
f2:a3:23:25:df:48:12:2b:ad:68:e3:1d:47:ec:ab:42:76:44:
02:1f:60:ab:c5:d7:34:54:9a:2e:26:fe:49:cb:a5:bf:c8:e1:
19:e1:da:66
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzJvPNx7DPS6K2rjzLmcqefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA4ZTYxYTExMWI2ZWVmNTI3ZjlhY2M2MDFlNTQ1MDBlNDM0YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaKNgVFD6VuyC9LTy4+paz+tnhXp
cMxoL7rROY8aqcuh+3+o9PsJeyymp8p6z8uqUb+SCmM1+cCLLecNuldibLW2GGMd
j8ERfwkVkie13upR45kG5KqCd5NspUmthFSszHkBUrZubGH1hYN9iQ77cVQzQxQm
gSVuxQvpNSGqf+WEgmviCWBc5wdxvUlMieM3jY+NioElzrzCbNNDpqFPpfqr4DU5
6kddd91SMv7WiXCeLyAATmLAROSzcLJFzTDal6eQbKzTGARQ8sx5VqV3nv32ybDm
Kib15MfQIMDH3CPBHBnXw9FrakEvyBqayL4PrGUS9CqE4Yqfcd4MaVeIoQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFI8I5hoRG27vUn+azGAeVFAOQ0xvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UxLzcxMzc0
Ny1iZTYxLTRhNTYtOTVmYS03NDA2N2Y2ZDA2ZjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEvNzEzNzQ3
LWJlNjEtNGE1Ni05NWZhLTc0MDY3ZjZkMDZmMi8xL2p3am1HaEViYnU5U2Y1ck1Z
QjVVVUE1RFRHOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAw0BxMA0EAgACMAcDBQMqEuKAMA0GCSqGSIb3
DQEBCwUAA4IBAQCKdlqJQKRoe+nsf2PcdmlXs0/nQez0PaCBObZccJJ8NTa8/8xE
kgivvx6uoTaLyKkLvjUt65kHN7cLslqGEPeyrD150udeOMcR7oFdtMYwP5MYrjlD
bekvLizmOrLu32JZJgjgRLo9m3hamkyJpr8lg5VrslJzF8HGqz1BQwW8T1pyq/B6
iwBS1TGb2T40CIEUuPFYGAeTukDSG2pv6y6dqYGmDwUvAJCu5Aidhw/yhPCBkv88
1zecHfw0iDmpdBLqC0eBSTsNDy2WmUfYtMdTrHQKlFTcT4byoyMl30gSK61o4x1H
7KtCdkQCH2Crxdc0VJouJv5Jy6W/yOEZ4dpm
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:53:30 2025 by rpki-client