Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kRiebt9T5AZyybXx81GXKCkewu4.cer
File: kRiebt9T5AZyybXx81GXKCkewu4.cer (raw, json)
Hash identifier: dKAYQ8RxFQcULue+T9agDxSyxTV7V/Slah45yLHKhHs=
Subject key identifier: 91:18:9E:6E:DF:53:E4:06:72:C9:B5:F1:F3:51:97:28:29:1E:C2:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DE10E15FC420FD0392CA53F7D1D9D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/df/c1d4a2-7c4e-4adc-8f65-b148d4f066ce/1/kRiebt9T5AZyybXx81GXKCkewu4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/df/c1d4a2-7c4e-4adc-8f65-b148d4f066ce/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:30:45 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 193.178.134.0/24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 10:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:10:e1:5f:c4:20:fd:03:92:ca:53:f7:d1:d9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91189e6edf53e40672c9b5f1f3519728291ec2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8f:1c:28:95:17:e6:f2:43:a7:5c:5e:74:61:
ab:04:e2:fd:bf:1a:42:22:34:79:58:1f:3a:92:e8:
01:57:5d:2d:44:03:43:69:01:a1:2f:60:84:c7:b3:
92:22:f7:66:7e:46:dc:04:0d:85:56:4d:ff:85:e8:
16:06:c9:fe:89:c2:d7:a0:90:14:e9:63:37:63:4b:
e9:07:73:d9:9c:f8:ff:f2:8a:1a:e5:e9:6a:c1:59:
9e:d0:75:24:d1:70:53:2d:30:b6:08:3d:d0:1a:d0:
7c:b6:fd:97:3f:f6:96:6c:7c:dd:b1:21:70:2c:8e:
e3:59:dc:91:d0:56:55:fb:ed:77:7b:1f:38:d1:bf:
1a:64:4f:38:d5:6a:68:06:b8:fd:9e:c3:bf:8e:59:
a0:bc:ae:5b:a9:61:29:a9:cc:e2:ea:f0:21:dd:07:
16:34:b7:c9:b0:b1:8d:be:8a:ff:a6:a1:81:a7:11:
76:23:59:cb:94:a1:09:65:e9:a4:f0:77:6a:13:f6:
87:cc:75:c9:68:2d:9c:dc:9b:66:8b:be:d2:b7:23:
5f:15:c1:7f:96:34:8c:b0:94:40:5a:ab:56:e1:7a:
49:d6:c0:60:8c:41:94:9a:5b:49:88:76:d3:a3:98:
fb:43:41:44:bf:e7:b6:57:f4:30:e3:00:47:9e:99:
a9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:18:9E:6E:DF:53:E4:06:72:C9:B5:F1:F3:51:97:28:29:1E:C2:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c1d4a2-7c4e-4adc-8f65-b148d4f066ce/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c1d4a2-7c4e-4adc-8f65-b148d4f066ce/1/kRiebt9T5AZyybXx81GXKCkewu4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.134.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f7:4b:e4:12:f4:1e:fd:9c:3e:99:a4:cd:9c:00:b7:f6:c5:
7d:d2:8e:75:a0:8f:31:0c:52:0b:cd:94:89:d0:b4:32:18:71:
2a:a8:89:bd:fe:70:cb:0d:df:04:8a:5d:48:49:22:78:aa:a0:
be:93:04:f8:95:1c:56:c7:46:e3:96:2a:fe:f8:26:93:98:33:
e0:a0:3e:a0:bc:80:b4:b6:ff:0d:6f:70:e4:bb:79:63:02:cb:
1c:15:85:40:95:5d:7e:b4:1e:9d:1e:42:cb:3a:55:f9:ff:ea:
1b:71:1c:79:50:e1:3f:ba:71:7d:da:56:ef:95:c9:33:d9:67:
a6:40:7e:d0:39:a8:ad:07:81:4f:d2:ea:fd:fe:c3:d1:3c:84:
0d:86:fc:dc:63:8f:70:1e:d1:8a:fb:c4:94:ce:fa:2e:60:e3:
41:62:29:ba:f2:f9:e0:1b:c7:ce:80:da:81:ec:46:a8:63:d5:
bc:49:b3:fa:bd:9a:0d:62:03:f4:cd:f4:c9:f3:bb:7c:c5:38:
d5:e8:14:26:78:5a:f7:bb:50:21:d7:d6:ae:48:37:ff:09:8f:
55:b9:0b:08:9a:c5:d7:a1:0d:a2:32:cf:d9:5d:70:d2:02:7e:
ef:91:02:4e:6c:27:26:2f:72:63:f9:5b:7c:67:a1:f6:4e:7f:
40:30:5d:3d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzI3hDhX8Qg/QOSylP30dnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE4OWU2ZWRmNTNlNDA2NzJjOWI1ZjFmMzUxOTcyODI5MWVjMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI8cKJUX5vJDp1xedGGrBOL9vxpC
IjR5WB86kugBV10tRANDaQGhL2CEx7OSIvdmfkbcBA2FVk3/hegWBsn+icLXoJAU
6WM3Y0vpB3PZnPj/8ooa5elqwVme0HUk0XBTLTC2CD3QGtB8tv2XP/aWbHzdsSFw
LI7jWdyR0FZV++13ex840b8aZE841WpoBrj9nsO/jlmgvK5bqWEpqczi6vAh3QcW
NLfJsLGNvor/pqGBpxF2I1nLlKEJZemk8HdqE/aHzHXJaC2c3Jtmi77StyNfFcF/
ljSMsJRAWqtW4XpJ1sBgjEGUmltJiHbTo5j7Q0FEv+e2V/Qw4wBHnpmpQwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJEYnm7fU+QGcsm18fNRlygpHsLuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RmL2MxZDRh
Mi03YzRlLTRhZGMtOGY2NS1iMTQ4ZDRmMDY2Y2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvYzFkNGEy
LTdjNGUtNGFkYy04ZjY1LWIxNDhkNGYwNjZjZS8xL2tSaWVidDlUNUFaeXliWHg4
MUdYS0NrZXd1NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwbKGMA0GCSqGSIb3DQEBCwUAA4IBAQBw90vk
EvQe/Zw+maTNnAC39sV90o51oI8xDFILzZSJ0LQyGHEqqIm9/nDLDd8Eil1ISSJ4
qqC+kwT4lRxWx0bjlir++CaTmDPgoD6gvIC0tv8Nb3Dku3ljAsscFYVAlV1+tB6d
HkLLOlX5/+obcRx5UOE/unF92lbvlckz2WemQH7QOaitB4FP0ur9/sPRPIQNhvzc
Y49wHtGK+8SUzvouYONBYim68vngG8fOgNqB7EaoY9W8SbP6vZoNYgP0zfTJ87t8
xTjV6BQmeFr3u1Ah19auSDf/CY9VuQsImsXXoQ2iMs/ZXXDSAn7vkQJObCcmL3Jj
+Vt8Z6H2Tn9AMF09
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:55 2024 by rpki-client on console-ams.rpki-client.org