Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nYRfQJqy_yyBR_wcmo0A3fEoYRc.cer
File: nYRfQJqy_yyBR_wcmo0A3fEoYRc.cer (raw, json)
Hash identifier: ZSiEBmtP1CaOl7RlPArIQrOKTFTVWrenSt/gLpohvmk=
Subject key identifier: 9D:84:5F:40:9A:B2:FF:2C:81:47:FC:1C:9A:8D:00:DD:F1:28:61:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185708A240D1943B17F73E04C5A14626B12
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/e8af1d-8537-4b2d-b9df-52b8cd5a9d88/1/nYRfQJqy_yyBR_wcmo0A3fEoYRc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/e8af1d-8537-4b2d-b9df-52b8cd5a9d88/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 03:32:59 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.193.248.0/22
IP: 91.197.200.0/22
IP: 185.54.24.0/22
IP: 185.92.172.0/22
IP: 185.95.188.0/22
IP: 185.145.136.0/22
IP: 185.226.68.0/22
IP: 185.227.40.0/22
IP: 185.227.248.0/22
IP: 185.231.248.0/22
IP: 185.233.224.0/22
IP: 185.240.192.0/22
IP: 185.241.12.0/22
IP: 185.242.240.0/22
IP: 185.243.196.0/22
IP: 185.244.88.0/22
IP: 185.245.216.0/22
IP: 185.246.108.0/22
IP: 185.246.136.0/22
IP: 185.246.244.0/22
IP: 185.247.72.0/22
IP: 185.248.232.0/22
IP: 185.249.128.0/22
IP: 185.249.244.0 -- 185.249.251.255
IP: 185.251.156.0/22
IP: 185.251.168.0/22
IP: 185.252.104.0/22
IP: 185.254.184.0/22
IP: 185.255.224.0/22
IP: 192.145.224.0/22
IP: 193.43.20.0/22
IP: 193.56.212.0/22
IP: 193.223.64.0/22
IP: 194.33.88.0/22
IP: 2a12:cdc0::/29
Validation: Failed, certificate revoked on Tue 28 Mar 2023 14:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8a:24:0d:19:43:b1:7f:73:e0:4c:5a:14:62:6b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:32:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d845f409ab2ff2c8147fc1c9a8d00ddf1286117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:b6:b7:fd:8e:b5:d1:dd:db:1b:4a:a3:c7:
b1:e4:6c:02:0d:c1:da:06:c5:37:4b:18:69:13:7a:
95:ee:99:31:75:b6:23:7d:4c:34:63:63:6f:29:a3:
7f:c4:a3:23:28:6d:1b:c8:9c:77:eb:c5:ff:a9:34:
b6:59:fe:47:dc:47:3a:7d:03:91:7a:17:ad:48:2a:
91:e8:48:9d:d5:c3:ea:b2:11:2b:79:4f:69:85:08:
7c:05:fa:37:63:95:1e:2c:92:82:98:ee:22:8d:4e:
11:36:71:9f:c5:c2:b6:76:eb:0f:4b:ed:d4:fd:de:
e9:49:db:ed:e7:8c:58:70:58:26:90:df:1b:28:19:
3d:76:2a:01:38:72:5a:30:f7:83:d7:e0:60:fa:f6:
08:fd:5c:50:bf:da:31:31:9b:c6:db:e8:1c:a7:2c:
36:b3:36:c3:0b:7e:ad:4f:9e:ce:ff:f7:e5:cc:8d:
8d:8c:5e:49:1c:c9:0b:6e:75:29:c2:31:86:ec:e1:
2b:de:ed:9c:9b:ba:91:6c:b5:93:ae:2a:39:bf:f4:
38:44:2e:c0:c2:e8:b3:21:cb:bf:8d:45:ef:e2:b2:
3a:c8:54:a7:6a:22:49:95:ac:66:09:9e:24:bd:e2:
cb:aa:08:73:ea:da:98:ea:20:b5:be:84:26:92:13:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:84:5F:40:9A:B2:FF:2C:81:47:FC:1C:9A:8D:00:DD:F1:28:61:17
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e8af1d-8537-4b2d-b9df-52b8cd5a9d88/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e8af1d-8537-4b2d-b9df-52b8cd5a9d88/1/nYRfQJqy_yyBR_wcmo0A3fEoYRc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.248.0/22
91.197.200.0/22
185.54.24.0/22
185.92.172.0/22
185.95.188.0/22
185.145.136.0/22
185.226.68.0/22
185.227.40.0/22
185.227.248.0/22
185.231.248.0/22
185.233.224.0/22
185.240.192.0/22
185.241.12.0/22
185.242.240.0/22
185.243.196.0/22
185.244.88.0/22
185.245.216.0/22
185.246.108.0/22
185.246.136.0/22
185.246.244.0/22
185.247.72.0/22
185.248.232.0/22
185.249.128.0/22
185.249.244.0-185.249.251.255
185.251.156.0/22
185.251.168.0/22
185.252.104.0/22
185.254.184.0/22
185.255.224.0/22
192.145.224.0/22
193.43.20.0/22
193.56.212.0/22
193.223.64.0/22
194.33.88.0/22
IPv6:
2a12:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
72:48:e2:e8:82:a9:a1:ff:f2:57:2d:99:b1:98:3e:26:51:b3:
1d:e9:d2:86:88:12:06:44:d1:42:cd:a5:91:40:b0:c2:cb:07:
94:d6:15:69:fe:30:b9:f3:18:ee:65:63:4e:2e:8a:4d:2f:7f:
f1:da:e6:5b:b0:ab:5f:c3:f8:90:5e:2e:fc:8c:d1:85:60:ba:
6e:dd:50:56:8f:31:95:1a:60:b5:1b:4b:b8:d1:8b:c5:71:f8:
c6:47:03:f0:d5:54:7c:57:94:79:27:e2:4e:13:cf:05:2f:6e:
15:72:ad:95:71:09:a9:2f:47:d0:9a:16:7a:80:51:5c:87:94:
e1:a4:57:17:a5:57:dc:34:2e:cd:21:1b:95:b6:90:39:06:57:
cb:d2:a4:70:7d:e5:76:1f:38:cb:14:35:b0:5d:6d:43:16:46:
7b:00:bd:26:32:da:ef:5f:6d:7d:fd:6a:92:36:e2:58:c9:50:
05:60:19:1a:9a:f5:1f:e1:19:98:cc:fb:96:58:6c:26:9a:20:
b4:c6:9a:58:6f:f4:61:45:d1:69:b2:c2:f2:86:7b:c0:f8:6e:
24:5a:b5:27:b5:1b:d2:b1:ff:b2:9c:42:1a:6d:78:f5:d2:dd:
57:de:e7:29:40:7c:51:e4:54:b4:30:73:b4:3b:2d:37:f6:86:
13:b0:04:7c
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAYVwiiQNGUOxf3PgTFoUYmsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDMzMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg0NWY0MDlhYjJmZjJjODE0N2ZjMWM5YThkMDBkZGYxMjg2MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6W2t/2OtdHd2xtKo8ex5GwCDcHa
BsU3SxhpE3qV7pkxdbYjfUw0Y2NvKaN/xKMjKG0byJx368X/qTS2Wf5H3Ec6fQOR
ehetSCqR6Eid1cPqshEreU9phQh8Bfo3Y5UeLJKCmO4ijU4RNnGfxcK2dusPS+3U
/d7pSdvt54xYcFgmkN8bKBk9dioBOHJaMPeD1+Bg+vYI/VxQv9oxMZvG2+gcpyw2
szbDC36tT57O//flzI2NjF5JHMkLbnUpwjGG7OEr3u2cm7qRbLWTrio5v/Q4RC7A
wuizIcu/jUXv4rI6yFSnaiJJlaxmCZ4kveLLqghz6tqY6iC1voQmkhMcwwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFJ2EX0Casv8sgUf8HJqNAN3xKGEXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzL2U4YWYx
ZC04NTM3LTRiMmQtYjlkZi01MmI4Y2Q1YTlkODgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvZThhZjFk
LTg1MzctNGIyZC1iOWRmLTUyYjhjZDVhOWQ4OC8xL25ZUmZRSnF5X3l5QlJfd2Nt
bzBBM2ZFb1lSYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBAAYIKwYB
BQUHAQcBAf8EgfAwge0wgdsEAgABMIHUAwQCW8H4AwQCW8XIAwQCuTYYAwQCuVys
AwQCuV+8AwQCuZGIAwQCueJEAwQCueMoAwQCueP4AwQCuef4AwQCuengAwQCufDA
AwQCufEMAwQCufLwAwQCufPEAwQCufRYAwQCufXYAwQCufZsAwQCufaIAwQCufb0
AwQCufdIAwQCufjoAwQCufmAMAwDBAK5+fQDBAK5+fgDBAK5+5wDBAK5+6gDBAK5
/GgDBAK5/rgDBAK5/+ADBALAkeADBALBKxQDBALBONQDBALB30ADBALCIVgwDQQC
AAIwBwMFAyoSzcAwDQYJKoZIhvcNAQELBQADggEBAHJI4uiCqaH/8lctmbGYPiZR
sx3p0oaIEgZE0ULNpZFAsMLLB5TWFWn+MLnzGO5lY04uik0vf/Ha5luwq1/D+JBe
LvyM0YVgum7dUFaPMZUaYLUbS7jRi8Vx+MZHA/DVVHxXlHkn4k4TzwUvbhVyrZVx
CakvR9CaFnqAUVyHlOGkVxelV9w0Ls0hG5W2kDkGV8vSpHB95XYfOMsUNbBdbUMW
RnsAvSYy2u9fbX39apI24ljJUAVgGRqa9R/hGZjM+5ZYbCaaILTGmlhv9GFF0Wmy
wvKGe8D4biRatSe1G9Kx/7KcQhptePXS3Vfe5ylAfFHkVLQwc7Q7LTf2hhOwBHw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:33 2024 by rpki-client on console-ams.rpki-client.org