Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/utNs2vQ0mKZotVP1gczSgawajNc.cer
File: utNs2vQ0mKZotVP1gczSgawajNc.cer (raw, json)
Hash identifier: foEbULhDCFJtdOzpQcqcQER8Wa2j96cREbGUv65iklg=
Subject key identifier: BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC36EF6FDAB22B2F64CC820E0F8E07B4E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/BAD36CDAF43498A668B553F581CCD281AC1A8CD7.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 05:11:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 39619
AS: 41186
AS: 48028
AS: 209675
IP: 5.181.180.0/22
IP: 185.176.92.0/22
IP: 185.216.104.0/22
IP: 185.229.220.0/22
IP: 2a04:a700::/29
IP: 2a05:5480::/29
IP: 2a06:88c0::/29
IP: 2a09:dc80::/29
IP: 2a0b:b5c0::/29
IP: 2a0d:d200::/29
IP: 2a0e:a000::/29
Validation: Failed, certificate revoked on Thu 25 Jan 2024 17:11:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:6e:f6:fd:ab:22:b2:f6:4c:c8:20:e0:f8:e0:7b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bad36cdaf43498a668b553f581ccd281ac1a8cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c6:6c:4d:53:0f:58:40:7f:af:a3:bb:62:cf:
bc:23:64:d9:1f:72:32:59:af:4a:5e:a3:de:b6:3c:
f0:aa:c5:5f:b5:7e:be:81:1c:20:0a:44:f6:72:27:
80:be:b2:1b:7f:49:79:7d:44:0f:d5:41:92:83:09:
da:94:c9:74:a3:2d:59:4c:e2:24:c5:6e:fb:a8:95:
70:d0:a9:81:d4:e9:af:72:e0:02:90:9e:90:d0:af:
5a:19:37:8b:1d:4b:e6:34:5f:38:5d:09:34:96:84:
78:52:79:92:2e:e7:4d:ca:fb:05:63:05:d4:bc:ca:
2a:6d:80:9d:85:5b:6f:20:53:86:94:37:17:e5:5a:
6a:1f:96:59:23:c2:2a:49:a3:df:05:b6:47:23:33:
79:6d:1c:c9:84:06:9f:57:53:c1:d7:f9:fa:13:62:
83:7a:71:8d:2f:0e:0b:eb:cf:4c:4b:df:f8:91:83:
52:a2:db:93:2c:9b:b6:90:ac:f5:58:9c:1b:4e:ee:
98:23:91:2f:b6:66:6b:d0:31:2a:d1:b2:43:92:4f:
6d:ff:3a:0a:f1:aa:d2:9b:3c:8a:5e:b8:a2:86:54:
a2:df:45:45:ba:38:1e:9c:b4:2d:0a:58:d7:a9:1f:
79:0e:5e:c2:fd:1e:1a:ba:fa:da:52:51:25:e2:b6:
f0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/BAD36CDAF43498A668B553F581CCD281AC1A8CD7.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.180.0/22
185.176.92.0/22
185.216.104.0/22
185.229.220.0/22
IPv6:
2a04:a700::/29
2a05:5480::/29
2a06:88c0::/29
2a09:dc80::/29
2a0b:b5c0::/29
2a0d:d200::/29
2a0e:a000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39619
41186
48028
209675
Signature Algorithm: sha256WithRSAEncryption
4c:c1:d2:18:02:9c:e5:1c:92:42:a5:68:5b:12:7e:ca:3b:5b:
2e:f0:cc:7d:64:59:32:97:19:f7:eb:fb:ba:3a:7a:ca:ed:5f:
ab:3d:62:83:a0:78:a8:34:51:10:23:30:54:63:32:d1:4a:fb:
6c:d8:9e:52:41:e8:18:e8:a5:03:e9:e6:41:4d:82:3b:12:c3:
c6:e4:f7:40:ad:78:34:99:c1:63:11:7f:c5:26:6c:6a:b9:c4:
5b:39:33:f6:d6:83:c3:dd:83:db:ac:d1:ec:23:dd:01:9f:2e:
3d:e7:56:7a:14:c6:cf:a4:ba:51:1a:bd:21:1b:1a:59:65:b0:
dc:85:42:f1:81:96:45:59:3e:60:2f:61:37:77:1f:33:e5:f5:
e6:ad:f2:9e:d0:67:2a:43:80:7e:b9:69:ce:a4:7c:8d:5b:41:
e5:4a:70:95:33:08:52:a5:50:96:5e:f5:0a:6e:52:e3:55:ce:
9f:d0:5b:a6:98:06:20:9e:e0:1d:81:8a:d8:84:b1:87:65:49:
0e:9b:0d:43:57:9e:5a:5e:d7:2c:a1:c9:09:b3:7b:8a:5a:fe:
a6:40:c5:c1:8c:09:66:e1:68:93:16:eb:23:75:e9:00:7e:f2:
01:9b:8a:79:ed:2b:94:19:50:05:d7:dd:61:eb:78:f3:71:13:
97:0e:19:93
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYzDbvb9qyKy9kzIIOD44HtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDUxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQzNmNkYWY0MzQ5OGE2NjhiNTUzZjU4MWNjZDI4MWFjMWE4Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMZsTVMPWEB/r6O7Ys+8I2TZH3Iy
Wa9KXqPetjzwqsVftX6+gRwgCkT2cieAvrIbf0l5fUQP1UGSgwnalMl0oy1ZTOIk
xW77qJVw0KmB1OmvcuACkJ6Q0K9aGTeLHUvmNF84XQk0loR4UnmSLudNyvsFYwXU
vMoqbYCdhVtvIFOGlDcX5VpqH5ZZI8IqSaPfBbZHIzN5bRzJhAafV1PB1/n6E2KD
enGNLw4L689MS9/4kYNSotuTLJu2kKz1WJwbTu6YI5EvtmZr0DEq0bJDkk9t/zoK
8arSmzyKXriihlSi30VFujgenLQtCljXqR95Dl7C/R4auvraUlEl4rbwgQIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFLrTbNr0NJimaLVT9YHM0oGsGozXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2IxNzQ3
OWQxLTk1ZDgtNGExNC04ZWUyLWRlMTAwYzY2Nzc0Yy8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjE3
NDc5ZDEtOTVkOC00YTE0LThlZTItZGUxMDBjNjY3NzRjLzAvQkFEMzZDREFGNDM0
OThBNjY4QjU1M0Y1ODFDQ0QyODFBQzFBOENENy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBqBggrBgEFBQcBBwEB/wRbMFkwHgQCAAEwGAME
AgW1tAMEArmwXAMEArnYaAMEArnl3DA3BAIAAjAxAwUDKgSnAAMFAyoFVIADBQMq
BojAAwUDKgncgAMFAyoLtcADBQMqDdIAAwUDKg6gADApBggrBgEFBQcBCAEB/wQa
MBigFjAUAgMAmsMCAwCg4gIDALucAgMDMwswDQYJKoZIhvcNAQELBQADggEBAEzB
0hgCnOUckkKlaFsSfso7Wy7wzH1kWTKXGffr+7o6esrtX6s9YoOgeKg0URAjMFRj
MtFK+2zYnlJB6BjopQPp5kFNgjsSw8bk90CteDSZwWMRf8UmbGq5xFs5M/bWg8Pd
g9us0ewj3QGfLj3nVnoUxs+kulEavSEbGlllsNyFQvGBlkVZPmAvYTd3HzPl9eat
8p7QZypDgH65ac6kfI1bQeVKcJUzCFKlUJZe9QpuUuNVzp/QW6aYBiCe4B2BitiE
sYdlSQ6bDUNXnlpe1yyhyQmze4pa/qZAxcGMCWbhaJMW6yN16QB+8gGbinntK5QZ
UAXX3WHrePNxE5cOGZM=
-----END CERTIFICATE-----
Generated at Thu Jan 25 21:34:03 2024 by rpki-client on console-ams.rpki-client.org