Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kMgnJrhqrNs4bD9tp3XCAzXp7Uw.cer
File: kMgnJrhqrNs4bD9tp3XCAzXp7Uw.cer (raw, json)
Hash identifier: WJwZebIOEZsoHaTC0IVYhFqj3jizfqvMOfxUCM/uK5A=
Subject key identifier: 90:C8:27:26:B8:6A:AC:DB:38:6C:3F:6D:A7:75:C2:03:35:E9:ED:4C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018906CC2F98E491EDA664D57103977D57E3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/1/90C82726B86AACDB386C3F6DA775C20335E9ED4C.mft
caRepository: rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/1/
Notify URL: https://rpki.zappiehost.com/rrdp/notification.xml
Certificate not before: Thu 29 Jun 2023 10:56:32 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 200242
Validation: Failed, certificate revoked on Wed 11 Oct 2023 11:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:cc:2f:98:e4:91:ed:a6:64:d5:71:03:97:7d:57:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 29 10:56:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c82726b86aacdb386c3f6da775c20335e9ed4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:64:24:c5:d8:fc:aa:7d:ca:17:da:81:ca:4b:
88:85:ed:8e:8f:ed:46:4a:84:2b:15:5b:6b:7c:84:
62:dc:54:12:35:d6:6b:b5:9a:be:5c:1b:6e:5b:44:
49:ee:f6:65:b4:73:2e:6e:64:c9:f1:ee:a7:ca:ff:
0d:af:74:9b:1a:6a:73:15:0f:0c:b3:e0:84:6a:cc:
d5:c6:bc:bc:5a:74:eb:b6:24:1c:28:66:a2:90:82:
04:fe:29:26:b1:5a:05:67:4c:0b:dc:84:27:6e:4e:
26:7e:c6:87:af:12:54:1f:6f:e8:78:94:3c:b5:a0:
7e:35:ad:19:8f:4c:44:a8:0d:f3:7f:46:9a:72:54:
88:6e:ff:e6:0c:7c:59:a7:6b:81:b0:33:01:e9:27:
1e:a1:6b:5b:ee:bd:dd:34:47:f8:61:6e:42:4a:3c:
34:61:2b:b0:0a:63:a6:8f:d3:97:85:d9:66:f2:43:
19:57:e5:27:fb:59:6e:c7:b4:2b:d5:4d:d7:54:95:
fd:c7:0c:f4:73:45:70:22:6c:76:84:4f:68:f7:33:
2d:75:ae:fd:21:ed:a8:c4:c6:81:97:d8:48:c4:ba:
db:34:2a:29:14:3c:ed:b5:71:cc:f1:78:42:3d:36:
e2:a0:4d:de:d9:b4:21:f4:37:5e:8c:55:d4:e5:78:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C8:27:26:B8:6A:AC:DB:38:6C:3F:6D:A7:75:C2:03:35:E9:ED:4C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/1/
RPKI Manifest - URI:rsync://rpki.zappiehost.com/repo/HAZEL_UID_18860/1/90C82726B86AACDB386C3F6DA775C20335E9ED4C.mft
RPKI Notify - URI:https://rpki.zappiehost.com/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200242
Signature Algorithm: sha256WithRSAEncryption
6c:9a:eb:e3:16:91:a6:bd:88:ef:d7:24:fb:ca:2f:b4:1c:d6:
60:84:e6:36:08:0e:9d:48:ec:24:01:b6:42:cc:1d:0c:7f:98:
1d:d4:01:5e:63:01:d8:17:e1:f7:e5:61:30:40:92:94:3d:70:
db:37:c7:53:b9:d9:47:07:26:3b:c4:d4:70:62:1b:d6:26:a5:
8a:27:6a:7d:c1:59:f5:1c:2d:cb:6d:7f:d2:06:5a:b7:21:9e:
c7:a1:d5:11:8d:12:68:4e:cb:90:6c:2a:fa:f2:da:1a:c5:bf:
3e:c2:db:98:38:68:7a:30:4a:d4:c8:2c:87:e0:f7:86:cd:a2:
7e:85:39:c9:e0:3e:d9:26:f6:10:d8:81:8b:86:a0:ff:11:ae:
ef:e8:20:b2:82:fc:19:11:dd:94:56:98:e2:2e:6e:5b:b5:85:
e4:bb:7f:6f:94:b9:19:24:d8:24:d6:0b:a8:6d:d2:c2:f7:45:
ce:04:2b:f6:67:29:1b:c7:bd:ef:0a:2f:cf:92:73:8f:f7:a4:
90:e9:b8:ae:c1:6f:10:97:3b:50:2d:05:22:21:37:0c:97:96:
3c:d4:f9:1f:40:e9:e1:f2:64:58:53:9e:7d:2a:05:da:97:54:
1d:31:fd:79:91:47:e2:4d:87:a4:df:9f:2f:47:7f:97:15:a9:
57:32:75:6c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYkGzC+Y5JHtpmTVcQOXfVfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjI5MTA1NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM4MjcyNmI4NmFhY2RiMzg2YzNmNmRhNzc1YzIwMzM1ZTllZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomQkxdj8qn3KF9qBykuIhe2Oj+1G
SoQrFVtrfIRi3FQSNdZrtZq+XBtuW0RJ7vZltHMubmTJ8e6nyv8Nr3SbGmpzFQ8M
s+CEaszVxry8WnTrtiQcKGaikIIE/ikmsVoFZ0wL3IQnbk4mfsaHrxJUH2/oeJQ8
taB+Na0Zj0xEqA3zf0aaclSIbv/mDHxZp2uBsDMB6SceoWtb7r3dNEf4YW5CSjw0
YSuwCmOmj9OXhdlm8kMZV+Un+1lux7Qr1U3XVJX9xwz0c0VwImx2hE9o9zMtda79
Ie2oxMaBl9hIxLrbNCopFDzttXHM8XhCPTbioE3e2bQh9DdejFXU5Xi6xwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFJDIJya4aqzbOGw/bad1wgM16e1MMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgf0GCCsGAQUFBwELBIHwMIHtMD8GCCsGAQUFBzAFhjNyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9IQVpFTF9VSURfMTg4NjAvMS8w
awYIKwYBBQUHMAqGX3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL0hB
WkVMX1VJRF8xODg2MC8xLzkwQzgyNzI2Qjg2QUFDREIzODZDM0Y2REE3NzVDMjAz
MzVFOUVENEMubWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2kuemFwcGllaG9z
dC5jb20vcnJkcC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1
d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMOMjANBgkqhkiG9w0BAQsFAAOCAQEA
bJrr4xaRpr2I79ck+8ovtBzWYITmNggOnUjsJAG2QswdDH+YHdQBXmMB2Bfh9+Vh
MECSlD1w2zfHU7nZRwcmO8TUcGIb1ialiidqfcFZ9Rwty21/0gZatyGex6HVEY0S
aE7LkGwq+vLaGsW/PsLbmDhoejBK1Mgsh+D3hs2ifoU5yeA+2Sb2ENiBi4ag/xGu
7+ggsoL8GRHdlFaY4i5uW7WF5Lt/b5S5GSTYJNYLqG3SwvdFzgQr9mcpG8e97wov
z5Jzj/ekkOm4rsFvEJc7UC0FIiE3DJeWPNT5H0Dp4fJkWFOefSoF2pdUHTH9eZFH
4k2HpN+fL0d/lxWpVzJ1bA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:57 2024 by rpki-client on console-fra.rpki-client.org