Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pYYMx3zUi1IZfPW_e5SSDAIUS9U.cer
File: pYYMx3zUi1IZfPW_e5SSDAIUS9U.cer (raw, json)
Hash identifier: OzBjs4n0ZWqy7TiPbkZ2MkjQLcbjblZHGBSB3VYASOY=
Subject key identifier: A5:86:0C:C7:7C:D4:8B:52:19:7C:F5:BF:7B:94:92:0C:02:14:4B:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856E65A74BC55E5505CDC7A8E3395DADF3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/c2f028-4643-4fa4-bbb2-28924b056c59/1/pYYMx3zUi1IZfPW_e5SSDAIUS9U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/c2f028-4643-4fa4-bbb2-28924b056c59/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 17:33:53 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 37.72.136.0/24
IP: 2a11:2ec0::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:65:a7:4b:c5:5e:55:05:cd:c7:a8:e3:39:5d:ad:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:33:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5860cc77cd48b52197cf5bf7b94920c02144bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:35:c9:cf:55:84:db:08:08:d8:57:2d:0a:aa:
87:bc:5c:f6:0f:e3:b6:a5:29:37:f6:5d:15:a2:d7:
ea:8f:44:d3:f2:de:1f:2d:2c:18:cd:4f:20:5f:1c:
8c:7c:f8:5c:33:5c:45:62:d2:af:5b:19:01:12:6c:
70:b2:41:6d:dd:2d:ed:a9:47:0a:17:24:a9:f9:bb:
c7:6d:9c:3c:ef:4a:4c:32:5b:f5:da:1f:45:2b:f3:
24:a8:78:79:5c:62:3c:d7:8e:ad:7c:44:b4:48:01:
5c:2b:98:6f:f2:2d:3e:a9:59:f9:8d:92:82:44:30:
b8:13:ca:b3:b0:cf:b2:5c:82:08:ff:77:a7:58:7d:
32:03:1d:77:d5:e8:4c:50:63:b0:f2:d8:6e:bf:b7:
d8:02:1d:05:e5:b0:79:94:0b:02:1d:aa:6f:0b:f1:
31:02:b8:5a:cd:54:93:03:35:e9:5f:1c:1a:43:3c:
05:57:0a:8d:55:87:5f:a1:09:98:8a:b6:81:cd:41:
db:b2:a3:cc:d2:32:f5:6d:a0:fc:76:4e:be:ec:3a:
fd:4b:94:25:35:50:59:3d:40:3e:ba:82:0f:54:64:
63:b9:82:d2:90:b9:43:84:23:34:e3:6e:81:04:70:
0d:73:84:41:b0:81:59:21:ad:a1:3b:3f:e4:c5:ae:
d2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:86:0C:C7:7C:D4:8B:52:19:7C:F5:BF:7B:94:92:0C:02:14:4B:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c2f028-4643-4fa4-bbb2-28924b056c59/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c2f028-4643-4fa4-bbb2-28924b056c59/1/pYYMx3zUi1IZfPW_e5SSDAIUS9U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.136.0/24
IPv6:
2a11:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:4e:4d:3b:e5:b2:e1:16:b0:36:33:77:42:ff:eb:39:1e:69:
ef:fb:6d:49:9e:dd:bc:41:6f:b1:7f:04:98:23:41:4b:f9:0e:
8f:c0:7e:43:a3:d8:fc:97:88:a0:e0:42:db:de:84:14:05:fb:
88:f2:88:7b:64:2d:f6:24:ac:43:94:d8:d3:dc:67:18:28:93:
39:2d:f2:c9:03:27:d7:84:44:fa:62:f4:e2:a4:00:13:4b:08:
88:74:72:86:0d:dc:b5:ea:9e:99:2d:3c:2f:0f:62:ad:58:19:
2d:3e:61:13:37:fd:5f:34:60:b2:35:04:54:27:28:79:15:2e:
41:a5:cf:b3:88:d6:c5:8d:4d:26:87:81:8a:45:be:a5:87:b4:
ff:2c:93:73:ae:b8:c2:d1:d4:e3:64:89:c5:45:9a:b6:d2:ed:
97:a1:c0:8f:eb:68:84:52:d4:44:08:97:15:11:13:c3:c8:06:
3f:43:e5:d1:eb:87:be:4f:4e:07:28:09:b0:aa:03:9e:bb:63:
dd:3f:31:8c:b2:f2:7b:92:54:3d:f7:e0:83:af:08:52:19:6c:
4f:5a:cc:25:d9:0b:73:32:a3:f9:53:12:d1:36:ab:5f:1d:cb:
d3:38:3e:25:07:5a:c6:cc:07:9b:99:af:b0:ca:88:8c:af:35:
7d:32:74:03
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVuZadLxV5VBc3HqOM5Xa3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczMzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg2MGNjNzdjZDQ4YjUyMTk3Y2Y1YmY3Yjk0OTIwYzAyMTQ0YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zXJz1WE2wgI2FctCqqHvFz2D+O2
pSk39l0Votfqj0TT8t4fLSwYzU8gXxyMfPhcM1xFYtKvWxkBEmxwskFt3S3tqUcK
FySp+bvHbZw870pMMlv12h9FK/MkqHh5XGI8146tfES0SAFcK5hv8i0+qVn5jZKC
RDC4E8qzsM+yXIII/3enWH0yAx131ehMUGOw8thuv7fYAh0F5bB5lAsCHapvC/Ex
ArhazVSTAzXpXxwaQzwFVwqNVYdfoQmYiraBzUHbsqPM0jL1baD8dk6+7Dr9S5Ql
NVBZPUA+uoIPVGRjuYLSkLlDhCM0426BBHANc4RBsIFZIa2hOz/kxa7S+wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFKWGDMd81ItSGXz1v3uUkgwCFEvVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2MyZjAy
OC00NjQzLTRmYTQtYmJiMi0yODkyNGIwNTZjNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvYzJmMDI4
LTQ2NDMtNGZhNC1iYmIyLTI4OTI0YjA1NmM1OS8xL3BZWU14M3pVaTFJWmZQV19l
NVNTREFJVVM5VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJUiIMA0EAgACMAcDBQMqES7AMA0GCSqGSIb3
DQEBCwUAA4IBAQAtTk075bLhFrA2M3dC/+s5Hmnv+21Jnt28QW+xfwSYI0FL+Q6P
wH5Do9j8l4ig4ELb3oQUBfuI8oh7ZC32JKxDlNjT3GcYKJM5LfLJAyfXhET6YvTi
pAATSwiIdHKGDdy16p6ZLTwvD2KtWBktPmETN/1fNGCyNQRUJyh5FS5Bpc+ziNbF
jU0mh4GKRb6lh7T/LJNzrrjC0dTjZInFRZq20u2XocCP62iEUtRECJcVERPDyAY/
Q+XR64e+T04HKAmwqgOeu2PdPzGMsvJ7klQ99+CDrwhSGWxPWswl2QtzMqP5UxLR
NqtfHcvTOD4lB1rGzAebma+wyoiMrzV9MnQD
Generated at Tue Oct 31 15:54:07 2023 by rpki-client on console-fra.rpki-client.org