Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lqjXJVLlupQq2dlL2_ECiV6pbuQ.cer
File: lqjXJVLlupQq2dlL2_ECiV6pbuQ.cer (raw, json)
Hash identifier: LH/TNCWZlvQzv8/ymKxKhOu/xlWoknwzSF4yBNM0Z0k=
Subject key identifier: 96:A8:D7:25:52:E5:BA:94:2A:D9:D9:4B:DB:F1:02:89:5E:A9:6E:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185708A19BE52940E02B55DEAE0B6F87533
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/lqjXJVLlupQq2dlL2_ECiV6pbuQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 03:32:56 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 42323
IP: 37.49.192.0/19
IP: 37.205.48.0/21
IP: 37.205.64.0/19
IP: 46.50.128.0/17
IP: 46.241.0.0/17
IP: 91.105.128.0/18
IP: 91.202.140.0/22
IP: 109.171.0.0/17
IP: 109.197.128.0/21
IP: 188.44.96.0/19
IP: 195.238.100.0/22
Validation: Failed, certificate revoked on Thu 16 Nov 2023 09:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8a:19:be:52:94:0e:02:b5:5d:ea:e0:b6:f8:75:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:32:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a8d72552e5ba942ad9d94bdbf102895ea96ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:10:23:8e:87:fe:57:0e:0a:4a:11:44:2b:
32:cf:6a:68:00:38:f1:25:37:f7:86:10:b5:27:43:
41:52:02:a2:6d:e9:83:a2:9d:db:27:39:0e:b1:bf:
c0:f5:68:75:93:e9:cf:84:07:87:51:9b:e4:62:3e:
64:9d:58:64:07:1c:91:79:f5:f1:9f:8a:a5:8a:d8:
c0:42:c1:5c:d2:74:9b:0f:36:5a:d9:08:51:73:b0:
37:c9:ca:9a:19:aa:cb:84:4b:53:54:4f:0e:24:fa:
7e:1f:20:18:f6:4c:60:ca:76:34:bb:2e:2b:21:ce:
81:0b:4a:57:c5:09:d3:92:2a:7e:d0:08:c8:c4:8d:
b2:c5:25:79:24:75:49:92:7b:ef:05:df:19:b7:12:
bb:74:f5:f9:3c:56:99:ec:26:06:90:91:a2:d3:62:
af:0f:71:a2:2e:78:e5:73:ed:78:56:63:36:e6:28:
cf:53:ca:79:29:92:0d:94:19:61:9e:35:f5:96:9c:
e7:91:fd:39:45:77:eb:87:59:0e:19:30:da:5d:e7:
b1:99:b8:39:25:47:cc:e3:6b:cf:f9:61:ac:52:e3:
75:89:36:3d:15:70:f9:b0:0d:ee:5c:23:44:fe:d7:
6b:22:a6:53:9a:5f:7f:d3:59:42:64:58:c6:2e:a8:
3f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A8:D7:25:52:E5:BA:94:2A:D9:D9:4B:DB:F1:02:89:5E:A9:6E:E4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/lqjXJVLlupQq2dlL2_ECiV6pbuQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.192.0/19
37.205.48.0/21
37.205.64.0/19
46.50.128.0/17
46.241.0.0/17
91.105.128.0/18
91.202.140.0/22
109.171.0.0/17
109.197.128.0/21
188.44.96.0/19
195.238.100.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42323
Signature Algorithm: sha256WithRSAEncryption
78:d9:4f:b4:98:22:ca:90:c6:c3:a8:21:a4:45:4b:cb:95:39:
9b:91:6d:2f:e7:68:b0:10:36:b5:db:9e:a5:05:fa:fe:b0:4f:
9d:01:4a:1f:fa:cf:d8:39:44:bb:c5:64:01:24:8e:39:11:f1:
83:32:95:e7:11:dc:85:da:73:72:1a:ba:76:d5:ae:96:1f:48:
49:de:70:1f:81:65:34:87:96:a2:f2:70:b7:bd:ec:00:d9:c6:
67:62:3a:3f:4f:a4:69:71:e4:e6:1f:48:0c:46:b1:d3:e5:b1:
ad:4c:d9:1e:a5:1c:4d:87:de:0c:bb:20:e0:b9:e7:ec:18:47:
99:cc:5a:c5:3c:78:d1:52:dc:02:29:af:cd:f6:c1:ba:3c:7f:
8a:7a:5a:d1:5d:05:41:f0:30:c5:b1:b3:50:8b:bb:07:c2:ed:
84:8d:3e:87:11:d5:a5:30:1a:26:c5:35:e0:95:13:5e:e0:cc:
bf:2e:ff:e0:ab:69:de:04:eb:4d:5e:a6:28:81:75:1b:94:7c:
78:d9:c7:21:2d:12:ee:2c:9a:70:b5:0a:b1:d7:43:c4:0d:e7:
d4:78:80:c6:d9:c2:63:70:9e:76:96:a1:74:16:e5:9c:b3:a9:
87:01:7f:77:91:29:37:22:15:9b:f5:c6:5c:7e:4f:a8:9f:d8:
43:bf:e6:bc
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYVwihm+UpQOArVd6uC2+HUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDMzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE4ZDcyNTUyZTViYTk0MmFkOWQ5NGJkYmYxMDI4OTVlYTk2ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKwQI46H/lcOCkoRRCsyz2poADjx
JTf3hhC1J0NBUgKibemDop3bJzkOsb/A9Wh1k+nPhAeHUZvkYj5knVhkBxyRefXx
n4qlitjAQsFc0nSbDzZa2QhRc7A3ycqaGarLhEtTVE8OJPp+HyAY9kxgynY0uy4r
Ic6BC0pXxQnTkip+0AjIxI2yxSV5JHVJknvvBd8ZtxK7dPX5PFaZ7CYGkJGi02Kv
D3GiLnjlc+14VmM25ijPU8p5KZINlBlhnjX1lpznkf05RXfrh1kOGTDaXeexmbg5
JUfM42vP+WGsUuN1iTY9FXD5sA3uXCNE/tdrIqZTml9/01lCZFjGLqg/owIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFJao1yVS5bqUKtnZS9vxAoleqW7kMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI4L2NlOTc3
OS0zYWRhLTRiMDMtYTllYS02NjJiMTk0ODY5YzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvY2U5Nzc5
LTNhZGEtNGIwMy1hOWVhLTY2MmIxOTQ4NjljMC8xL2xxalhKVkxsdXBRcTJkbEwy
X0VDaVY2cGJ1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUF
BwEHAQH/BEwwSjBIBAIAATBCAwQFJTHAAwQDJc0wAwQFJc1AAwQHLjKAAwQHLvEA
AwQGW2mAAwQCW8qMAwQHbasAAwQDbcWAAwQFvCxgAwQCw+5kMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwClUzANBgkqhkiG9w0BAQsFAAOCAQEAeNlPtJgiypDGw6gh
pEVLy5U5m5FtL+dosBA2tduepQX6/rBPnQFKH/rP2DlEu8VkASSOORHxgzKV5xHc
hdpzchq6dtWulh9ISd5wH4FlNIeWovJwt73sANnGZ2I6P0+kaXHk5h9IDEax0+Wx
rUzZHqUcTYfeDLsg4Lnn7BhHmcxaxTx40VLcAimvzfbBujx/inpa0V0FQfAwxbGz
UIu7B8LthI0+hxHVpTAaJsU14JUTXuDMvy7/4Ktp3gTrTV6mKIF1G5R8eNnHIS0S
7iyacLUKsddDxA3n1HiAxtnCY3CedpahdBblnLOphwF/d5EpNyIVm/XGXH5PqJ/Y
Q7/mvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:10 2024 by rpki-client on console-ams.rpki-client.org