Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
File: qB6zpes99jRVGpByK8Y61-AiysQ.cer (raw, json)
Hash identifier: k2Tj5RPZGse+F8q9eurDedGUJvp25bUmv2FU35OjNts=
Subject key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC492866C4A5E9D49D7EB4A380965C234
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
caRepository: rsync://rsync.krill.cloud/repo/nlnetlabs/1/
Notify URL: https://rrdp.krill.cloud/notification.xml
Certificate not before: Mon 01 Jan 2024 10:29:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204325
AS: 211321
IP: 185.49.140.0/22
IP: 2a04:b900::/29
Validation: Failed, certificate revoked on Mon 10 Jun 2024 10:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:86:6c:4a:5e:9d:49:d7:eb:4a:38:09:65:c2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5b:bb:49:6f:4c:91:32:52:93:01:0b:52:78:
0d:d0:89:c6:f6:da:04:77:63:78:c8:c4:66:f9:be:
4e:67:a6:cf:0c:a2:e1:c1:ea:ce:09:b3:32:12:0e:
ab:78:ec:85:dc:3b:c0:f0:a2:5c:f1:85:6a:97:55:
32:b0:5b:06:bd:88:72:2e:ca:b4:5b:d9:13:58:61:
17:96:b7:54:e0:2d:a8:38:e8:8d:c4:1e:8c:aa:99:
60:79:d2:9a:33:90:5f:b0:96:e4:9e:29:3f:4f:ce:
fe:2f:6c:12:e5:9c:04:45:0d:eb:c7:69:e5:be:7a:
c4:5c:54:b3:df:8c:97:33:b3:1b:87:86:90:92:1a:
66:f1:a2:ef:6f:84:f3:48:75:4c:6b:b8:ae:fc:c7:
07:44:0d:08:82:3a:8c:fd:f5:f3:a4:33:5f:d1:e5:
3a:33:29:8d:8d:30:1f:f6:fa:2f:67:cf:e4:27:d1:
66:0b:d6:31:37:3d:de:d8:a5:1b:b7:84:de:1b:ed:
22:3e:82:db:5a:51:f0:81:2d:5c:97:23:da:46:88:
40:67:ce:b1:b3:58:5e:48:57:94:5f:fe:5b:83:8c:
ff:9e:c1:17:dd:9d:d3:3a:4d:b0:55:a4:3e:88:2a:
45:f5:86:57:93:97:e6:5c:0e:47:b0:74:27:71:46:
19:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/
RPKI Manifest - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.mft
RPKI Notify - URI:https://rrdp.krill.cloud/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.140.0/22
IPv6:
2a04:b900::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204325
211321
Signature Algorithm: sha256WithRSAEncryption
3c:e5:36:18:cc:e8:4c:bc:bc:cd:5f:a7:eb:a6:7e:2c:b6:cf:
3e:1e:59:29:42:3b:dd:b8:29:d9:ba:97:3d:f2:8d:e3:f9:44:
8e:4f:0f:14:ea:07:b0:20:d3:d0:69:f4:49:46:50:f1:a5:c5:
96:5e:3e:f2:21:f1:b2:5d:04:58:32:00:ac:5a:28:e6:08:fa:
e1:3f:dd:1a:6f:61:6b:61:cb:04:4d:5a:a7:fd:e6:eb:14:3a:
26:70:81:39:e2:2a:d9:14:ff:a8:2c:06:e9:67:3e:5e:86:ac:
8b:11:70:f6:cd:df:c3:f8:33:db:36:b4:b7:67:9d:f7:7a:6d:
ef:39:b3:b2:92:86:0c:8f:ff:0d:74:c2:60:ed:13:bc:3b:64:
01:90:17:1e:6a:ad:7f:97:86:ee:57:e8:46:61:ab:df:87:7b:
4e:c4:d5:29:46:f5:39:d7:8c:ca:b9:33:fa:f8:d9:4f:7b:3c:
d6:9d:f9:e5:a7:3d:97:19:6c:11:68:76:b9:6e:2d:81:af:d1:
b1:19:14:ea:10:d7:64:e0:85:a8:72:94:22:a2:ea:24:35:12:
92:82:79:83:20:ab:03:bf:1a:5c:9b:43:ed:d2:21:9b:41:f4:
ac:96:ce:b1:cc:11:33:f8:de:a1:a2:8a:05:13:9d:6c:7d:11:
27:cd:c5:5b
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzEkoZsSl6dSdfrSjgJZcI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFlYjNhNWViM2RmNjM0NTUxYTkwNzIyYmM2M2FkN2UwMjJjYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFu7SW9MkTJSkwELUngN0InG9toE
d2N4yMRm+b5OZ6bPDKLhwerOCbMyEg6reOyF3DvA8KJc8YVql1UysFsGvYhyLsq0
W9kTWGEXlrdU4C2oOOiNxB6MqplgedKaM5BfsJbknik/T87+L2wS5ZwERQ3rx2nl
vnrEXFSz34yXM7Mbh4aQkhpm8aLvb4TzSHVMa7iu/McHRA0IgjqM/fXzpDNf0eU6
MymNjTAf9vovZ8/kJ9FmC9YxNz3e2KUbt4TeG+0iPoLbWlHwgS1clyPaRohAZ86x
s1heSFeUX/5bg4z/nsEX3Z3TOk2wVaQ+iCpF9YZXk5fmXA5HsHQncUYZCQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFKges6XrPfY0VRqQcivGOtfgIsrEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgeUGCCsGAQUFBwELBIHYMIHVMDcGCCsGAQUFBzAFhityc3lu
YzovL3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMGMGCCsGAQUF
BzAKhldyc3luYzovL3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEv
QTgxRUIzQTVFQjNERjYzNDU1MUE5MDcyMkJDNjNBRDdFMDIyQ0FDNC5tZnQwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5rcmlsbC5jbG91ZC9ub3RpZmljYXRpb24u
eG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIA
ATAGAwQCuTGMMA0EAgACMAcDBQMqBLkAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoC
AwMeJQIDAzl5MA0GCSqGSIb3DQEBCwUAA4IBAQA85TYYzOhMvLzNX6frpn4sts8+
HlkpQjvduCnZupc98o3j+USOTw8U6gewINPQafRJRlDxpcWWXj7yIfGyXQRYMgCs
WijmCPrhP90ab2FrYcsETVqn/ebrFDomcIE54irZFP+oLAbpZz5ehqyLEXD2zd/D
+DPbNrS3Z533em3vObOykoYMj/8NdMJg7RO8O2QBkBceaq1/l4buV+hGYavfh3tO
xNUpRvU514zKuTP6+NlPezzWnfnlpz2XGWwRaHa5bi2Br9GxGRTqENdk4IWocpQi
ouokNRKSgnmDIKsDvxpcm0Pt0iGbQfSsls6xzBEz+N6hoooFE51sfREnzcVb
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org