Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kT9MnGOI8KA0J2IAnjJOwTJxM34.cer
File: kT9MnGOI8KA0J2IAnjJOwTJxM34.cer (raw, json)
Hash identifier: OpAhQ8n6rjta8o19u+mGCPjtgETPWMviYZQSGHD41mc=
Subject key identifier: 91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856FB08E711F69B8A96B2776862EFF43BF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/kT9MnGOI8KA0J2IAnjJOwTJxM34.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 23:35:19 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.151.144.0/24
IP: 2a11:2000::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b0:8e:71:1f:69:b8:a9:6b:27:76:86:2e:ff:43:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913f4c9c6388f0a0342762009e324ec13271337e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:64:aa:93:eb:1f:6d:70:24:32:29:e9:ad:bb:
43:b6:a6:f3:0b:1b:c3:de:a5:d9:33:06:ff:01:db:
06:2f:64:ff:82:5c:1f:4a:40:69:76:14:4b:7d:a0:
36:4f:40:72:bb:e1:7c:33:72:f0:5e:12:fb:25:30:
78:e3:0a:88:37:de:a1:5a:3e:78:bd:37:cc:d4:9c:
33:1d:54:ad:ba:68:26:8c:aa:e8:ee:dc:b3:47:95:
f6:1c:1f:35:24:f5:c5:3d:9e:5a:ea:b5:e6:1c:a0:
ac:33:d1:00:be:72:66:7c:59:6c:1f:80:5f:74:dc:
46:51:60:3e:2a:e4:d9:19:1e:09:f4:11:0e:76:6a:
12:ae:87:42:ed:91:78:05:96:f8:99:d9:36:cd:8f:
f5:7e:d9:42:d2:18:7c:5e:fc:5b:76:8f:75:07:5d:
ce:7a:3a:06:86:58:1b:66:b4:48:28:e6:a2:ad:fd:
f6:24:7a:ed:dc:9c:9a:25:45:29:6f:f5:0a:c8:9b:
bf:d9:5a:ea:e9:c4:75:3b:3d:cd:40:76:c3:ad:37:
96:84:70:33:85:57:a2:ab:0b:6d:5b:73:4e:35:ee:
89:81:2e:97:83:a6:53:67:ce:2f:75:6a:00:01:6a:
27:73:86:c8:26:b2:ea:65:67:83:37:85:b0:84:68:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/kT9MnGOI8KA0J2IAnjJOwTJxM34.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.144.0/24
IPv6:
2a11:2000::/29
Signature Algorithm: sha256WithRSAEncryption
8b:2a:4e:29:0d:ad:ed:af:93:1e:5f:13:9e:65:18:0c:ff:e2:
24:df:ad:23:6b:be:e3:78:3d:19:a6:9a:f9:9b:47:18:bc:ae:
36:cc:d3:31:7f:0f:b8:c5:60:3a:e1:00:63:af:55:ea:d4:ea:
aa:bd:91:36:de:39:24:a1:a1:d7:dd:58:47:90:01:a3:cd:61:
f4:3b:b2:c8:7c:78:82:dc:0e:17:9c:14:71:93:c9:82:d4:48:
82:d6:7f:c3:27:f8:23:c9:2e:79:e9:5b:91:03:58:56:ef:23:
90:9b:ce:71:e0:a0:2c:db:3c:a7:03:8c:1b:b2:e5:ec:22:bb:
14:68:66:46:96:de:1f:90:5c:d9:a7:b7:d0:4a:e2:34:69:f5:
0b:35:5f:fc:c7:16:d8:e0:5a:57:74:90:20:d8:77:ab:d6:49:
f1:d5:58:98:c4:0a:2a:d5:f7:d6:7b:2d:59:2d:ec:38:e0:c6:
df:fc:ca:3e:6a:90:1f:33:de:3f:ce:45:8d:e8:17:93:be:26:
3c:d3:a4:e1:d9:ee:97:a5:d3:dd:81:56:7d:6e:ec:6b:7b:2a:
d9:77:e7:aa:f1:cc:6c:ba:6a:fd:26:62:c2:ac:b6:1d:99:43:
a3:3c:7a:63:e4:4c:37:9d:eb:3f:9a:37:ce:07:3a:23:d2:fe:
98:39:89:c5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVvsI5xH2m4qWsndoYu/0O/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNmNGM5YzYzODhmMGEwMzQyNzYyMDA5ZTMyNGVjMTMyNzEzMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGSqk+sfbXAkMinprbtDtqbzCxvD
3qXZMwb/AdsGL2T/glwfSkBpdhRLfaA2T0Byu+F8M3LwXhL7JTB44wqIN96hWj54
vTfM1JwzHVStumgmjKro7tyzR5X2HB81JPXFPZ5a6rXmHKCsM9EAvnJmfFlsH4Bf
dNxGUWA+KuTZGR4J9BEOdmoSrodC7ZF4BZb4mdk2zY/1ftlC0hh8Xvxbdo91B13O
ejoGhlgbZrRIKOairf32JHrt3JyaJUUpb/UKyJu/2Vrq6cR1Oz3NQHbDrTeWhHAz
hVeiqwttW3NONe6JgS6Xg6ZTZ84vdWoAAWonc4bIJrLqZWeDN4WwhGinkQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJE/TJxjiPCgNCdiAJ4yTsEycTN+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiLzFjNzQ4
MS1lNmEwLTRhMWMtODdlNi00MDI3NDIzYWEzOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvMWM3NDgx
LWU2YTAtNGExYy04N2U2LTQwMjc0MjNhYTM4Yy8xL2tUOU1uR09JOEtBMEoySUFu
akpPd1RKeE0zNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuZeQMA0EAgACMAcDBQMqESAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCLKk4pDa3tr5MeXxOeZRgM/+Ik360ja77jeD0Zppr5m0cYvK42
zNMxfw+4xWA64QBjr1Xq1OqqvZE23jkkoaHX3VhHkAGjzWH0O7LIfHiC3A4XnBRx
k8mC1EiC1n/DJ/gjyS556VuRA1hW7yOQm85x4KAs2zynA4wbsuXsIrsUaGZGlt4f
kFzZp7fQSuI0afULNV/8xxbY4FpXdJAg2Her1knx1ViYxAoq1ffWey1ZLew44Mbf
/Mo+apAfM94/zkWN6BeTviY806Th2e6XpdPdgVZ9buxreyrZd+eq8cxsumr9JmLC
rLYdmUOjPHpj5Ew3nes/mjfOBzoj0v6YOYnF
Generated at Tue Aug 8 12:00:43 2023 by rpki-client on console-fra.rpki-client.org