Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nVPO0Sw4BijqEyKr9CSnRiLGbKA.cer
File: nVPO0Sw4BijqEyKr9CSnRiLGbKA.cer (raw, json)
Hash identifier: bidWbndg292jE9lZk5zU8pwint7ER5aRyJs/IM2spnI=
Subject key identifier: 9D:53:CE:D1:2C:38:06:28:EA:13:22:AB:F4:24:A7:46:22:C6:6C:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856E65C96EF635CAF26DCACF7399725A03
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f4/7706e3-3cb3-4057-90c7-94d7a100c326/1/nVPO0Sw4BijqEyKr9CSnRiLGbKA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f4/7706e3-3cb3-4057-90c7-94d7a100c326/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 17:34:02 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 212.23.200.0/24
Validation: Failed, certificate revoked on Fri 24 Nov 2023 11:43:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:65:c9:6e:f6:35:ca:f2:6d:ca:cf:73:99:72:5a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:34:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d53ced12c380628ea1322abf424a74622c66ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:10:62:66:76:50:fe:3f:5a:38:d0:3a:2d:
90:ef:ef:92:40:75:9c:c4:00:ee:ae:ad:c2:37:45:
a9:20:17:d7:eb:f1:b4:24:d0:96:0c:49:7a:be:b1:
d7:1c:9a:a4:73:e3:40:f4:f2:28:70:34:33:ab:1c:
7c:38:58:b3:f4:98:dc:5e:79:d0:6d:19:59:97:62:
dd:7b:3b:87:22:da:18:05:94:3d:4b:6c:db:fb:6d:
1f:4e:30:5e:01:d5:3c:ba:3e:ae:c5:ea:52:d4:d3:
4a:45:2e:43:3c:1c:c4:de:d0:23:87:6a:2b:1f:ff:
29:50:5c:f1:72:03:cd:e2:5b:42:5e:c2:00:6f:31:
05:ae:4b:52:4d:f4:09:6f:1e:db:f2:a6:60:34:56:
5b:74:1c:46:c8:ea:76:9b:1e:26:d7:21:6f:56:8d:
b8:b4:22:b3:f8:44:85:5c:1e:e2:80:67:da:5d:fc:
53:9f:85:78:c2:2d:0e:48:53:f7:a5:2e:67:17:eb:
2d:be:c8:50:98:4c:8a:c4:5f:8f:f4:d0:e3:04:c9:
cf:88:45:1d:4c:4f:97:7b:a2:5f:62:3c:43:e5:cc:
18:9e:0c:c9:56:e3:c2:45:d1:71:53:b9:8f:6e:15:
55:d5:83:a2:8c:05:5e:a4:01:f2:76:72:07:cf:84:
64:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:CE:D1:2C:38:06:28:EA:13:22:AB:F4:24:A7:46:22:C6:6C:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7706e3-3cb3-4057-90c7-94d7a100c326/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7706e3-3cb3-4057-90c7-94d7a100c326/1/nVPO0Sw4BijqEyKr9CSnRiLGbKA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:de:b6:75:4c:d5:48:79:e5:a8:f2:71:f5:dc:f2:02:43:79:
5c:1b:da:e0:d6:cd:30:c9:43:f2:fb:c5:e1:39:a7:9c:06:00:
b8:13:24:54:07:ce:13:53:b0:31:91:99:6d:96:ef:56:33:70:
bf:01:69:bd:e7:a4:e3:bc:e3:d8:6e:09:77:25:98:22:c8:42:
b6:f0:6b:0b:9b:43:a2:05:de:2d:a4:7f:68:43:9b:a4:eb:50:
1e:82:55:bd:d4:6d:d5:70:da:03:be:83:6c:01:68:f4:33:f6:
6f:17:17:20:6a:6b:8f:3c:17:95:b6:0b:88:78:e4:5a:51:f3:
35:63:ca:14:43:db:51:79:2d:2f:49:f9:cc:7b:84:f9:af:12:
f4:7f:65:5e:28:6a:c7:ce:a6:f8:06:22:65:06:2d:d4:63:53:
a0:4a:f7:27:93:49:d8:11:91:ca:28:6f:cd:4c:2e:2f:55:5b:
03:eb:da:6a:d2:73:99:de:58:1c:59:ea:e2:03:d3:44:df:8b:
a0:ea:55:5c:66:3d:fd:6c:f4:2e:64:aa:57:3c:6d:d2:4e:6b:
de:3c:7f:a4:84:a1:00:92:16:97:a5:b1:13:51:9f:1c:91:70:
88:6d:82:ed:1c:d9:4e:41:db:a3:00:df:39:7a:28:ec:2b:94:
09:bd:4d:e0
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVuZclu9jXK8m3Kz3OZcloDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUzY2VkMTJjMzgwNjI4ZWExMzIyYWJmNDI0YTc0NjIyYzY2Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjgQYmZ2UP4/WjjQOi2Q7++SQHWc
xADurq3CN0WpIBfX6/G0JNCWDEl6vrHXHJqkc+NA9PIocDQzqxx8OFiz9JjcXnnQ
bRlZl2LdezuHItoYBZQ9S2zb+20fTjBeAdU8uj6uxepS1NNKRS5DPBzE3tAjh2or
H/8pUFzxcgPN4ltCXsIAbzEFrktSTfQJbx7b8qZgNFZbdBxGyOp2mx4m1yFvVo24
tCKz+ESFXB7igGfaXfxTn4V4wi0OSFP3pS5nF+stvshQmEyKxF+P9NDjBMnPiEUd
TE+Xe6JfYjxD5cwYngzJVuPCRdFxU7mPbhVV1YOijAVepAHydnIHz4RkBQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJ1TztEsOAYo6hMiq/Qkp0YixmygMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0Lzc3MDZl
My0zY2IzLTQwNTctOTBjNy05NGQ3YTEwMGMzMjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvNzcwNmUz
LTNjYjMtNDA1Ny05MGM3LTk0ZDdhMTAwYzMyNi8xL25WUE8wU3c0QmlqcUV5S3I5
Q1NuUmlMR2JLQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQA1BfIMA0GCSqGSIb3DQEBCwUAA4IBAQA63rZ1
TNVIeeWo8nH13PICQ3lcG9rg1s0wyUPy+8XhOaecBgC4EyRUB84TU7AxkZltlu9W
M3C/AWm956TjvOPYbgl3JZgiyEK28GsLm0OiBd4tpH9oQ5uk61AeglW91G3VcNoD
voNsAWj0M/ZvFxcgamuPPBeVtguIeORaUfM1Y8oUQ9tReS0vSfnMe4T5rxL0f2Ve
KGrHzqb4BiJlBi3UY1OgSvcnk0nYEZHKKG/NTC4vVVsD69pq0nOZ3lgcWeriA9NE
34ug6lVcZj39bPQuZKpXPG3STmvePH+khKEAkhaXpbETUZ8ckXCIbYLtHNlOQduj
AN85eijsK5QJvU3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:33 2024 by rpki-client on console-ams.rpki-client.org