Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/x9kdLHaCZNsoVsFcLx3aOgeEOaY.cer
File: x9kdLHaCZNsoVsFcLx3aOgeEOaY.cer (raw, json)
Hash identifier: URo2gi+w98+CkgyxlEVyWEM7qi3r9UbKhf8e258X6Y8=
Subject key identifier: C7:D9:1D:2C:76:82:64:DB:28:56:C1:5C:2F:1D:DA:3A:07:84:39:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0193AC48684ED345FD69FE9D82F0ECA4DCE2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/2dd9b3-8404-4356-b9ba-d1425ccf8d2f/1/x9kdLHaCZNsoVsFcLx3aOgeEOaY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/2dd9b3-8404-4356-b9ba-d1425ccf8d2f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 09 Dec 2024 16:37:26 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 33820
AS: 206024
Validation: Failed, certificate revoked on Fri 13 Dec 2024 13:44:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:48:68:4e:d3:45:fd:69:fe:9d:82:f0:ec:a4:dc:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Dec 9 16:37:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7d91d2c768264db2856c15c2f1dda3a078439a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0e:08:7e:dc:fc:39:9a:51:cc:af:89:11:07:
ad:ab:6b:73:01:8e:c1:bf:e8:8f:dd:ec:47:7d:d2:
98:88:72:b1:72:6a:77:1f:b7:be:9f:15:3e:67:19:
3e:b8:a6:bf:8b:9a:a7:3c:35:bf:b3:d4:82:54:6d:
48:d0:a9:80:99:67:84:b6:80:58:1c:9b:2a:f8:55:
54:79:2a:58:84:04:61:12:64:ab:d1:dc:cd:74:e7:
5c:ad:5f:c5:fc:00:d7:69:19:3a:43:72:bf:40:bc:
ee:b7:95:25:16:9d:6b:03:66:15:89:f3:36:57:f5:
75:9b:1b:78:17:c0:9e:9f:01:b3:85:49:86:3d:ce:
b2:a5:3d:bd:da:55:10:2e:d0:65:46:9c:5f:cc:d8:
56:31:0b:59:37:1c:8c:f8:7f:60:88:6f:c3:b7:5a:
01:47:00:a7:bb:4e:86:ba:56:0e:74:45:1d:65:83:
32:39:37:6e:8a:7e:8a:93:39:34:7b:63:7b:69:60:
11:57:b7:71:d0:f2:2b:91:4a:39:bb:93:42:cc:8f:
5a:dc:11:fb:f0:a8:1f:cd:33:4a:07:5b:ff:1f:b1:
0b:67:b3:0c:79:17:f8:67:1b:26:8c:fb:8a:4b:56:
ba:9b:ec:54:36:71:ef:10:dc:06:88:31:16:49:0b:
1b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D9:1D:2C:76:82:64:DB:28:56:C1:5C:2F:1D:DA:3A:07:84:39:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2dd9b3-8404-4356-b9ba-d1425ccf8d2f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2dd9b3-8404-4356-b9ba-d1425ccf8d2f/1/x9kdLHaCZNsoVsFcLx3aOgeEOaY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
33820
206024
Signature Algorithm: sha256WithRSAEncryption
07:c8:f7:87:f9:a2:d5:a6:a5:b9:3c:77:e7:e5:33:06:3a:48:
a1:3e:5a:c4:93:dd:d6:db:97:58:82:60:00:9e:84:26:d0:90:
4a:6d:da:d3:96:c7:5f:60:a1:a1:b0:50:b4:45:82:5b:d5:af:
12:bf:55:2d:4a:46:b6:6b:27:8a:c2:e6:2b:cf:03:e5:50:05:
c8:77:c5:c1:1a:f7:f1:41:6b:e4:d2:d0:22:77:3c:d2:f9:6e:
45:8c:d9:68:1b:6b:e1:eb:46:7d:ff:9e:ef:66:88:86:42:fd:
1c:1f:16:02:99:97:70:e3:b8:66:b4:b9:3d:3b:2f:fb:0b:2b:
18:10:5b:b4:67:cb:d8:62:aa:fd:a3:66:3b:05:77:86:9b:92:
a0:e3:39:73:3d:59:b3:fa:dc:3f:69:b6:d0:9d:8c:42:8d:9f:
86:fd:97:6e:d4:ba:a9:3b:af:85:10:42:7d:51:80:9e:d2:79:
6a:14:c4:8a:11:b6:45:3b:b1:45:fb:9d:2e:e5:45:eb:f6:97:
e2:27:41:c3:8a:59:1b:09:b9:f5:da:76:4c:47:76:3f:37:d4:
c7:3b:f3:3e:46:05:46:16:d7:50:87:9e:90:bd:74:9b:79:9d:
80:b0:8e:eb:6b:c7:74:9e:6e:14:05:80:04:e0:48:59:74:4f:
0f:c9:4f:6a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZOsSGhO00X9af6dgvDspNziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMjA5MTYzNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q5MWQyYzc2ODI2NGRiMjg1NmMxNWMyZjFkZGEzYTA3ODQzOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7A4Iftz8OZpRzK+JEQetq2tzAY7B
v+iP3exHfdKYiHKxcmp3H7e+nxU+Zxk+uKa/i5qnPDW/s9SCVG1I0KmAmWeEtoBY
HJsq+FVUeSpYhARhEmSr0dzNdOdcrV/F/ADXaRk6Q3K/QLzut5UlFp1rA2YVifM2
V/V1mxt4F8CenwGzhUmGPc6ypT292lUQLtBlRpxfzNhWMQtZNxyM+H9giG/Dt1oB
RwCnu06GulYOdEUdZYMyOTduin6Kkzk0e2N7aWARV7dx0PIrkUo5u5NCzI9a3BH7
8KgfzTNKB1v/H7ELZ7MMeRf4ZxsmjPuKS1a6m+xUNnHvENwGiDEWSQsbFwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMfZHSx2gmTbKFbBXC8d2joHhDmmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjLzJkZDli
My04NDA0LTQzNTYtYjliYS1kMTQyNWNjZjhkMmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvMmRkOWIz
LTg0MDQtNDM1Ni1iOWJhLWQxNDI1Y2NmOGQyZi8xL3g5a2RMSGFDWk5zb1ZzRmNM
eDNhT2dlRU9hWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwCEHAIDAyTIMA0GCSqGSIb3DQEBCwUAA4IBAQAHyPeH
+aLVpqW5PHfn5TMGOkihPlrEk93W25dYgmAAnoQm0JBKbdrTlsdfYKGhsFC0RYJb
1a8Sv1UtSka2ayeKwuYrzwPlUAXId8XBGvfxQWvk0tAidzzS+W5FjNloG2vh60Z9
/57vZoiGQv0cHxYCmZdw47hmtLk9Oy/7CysYEFu0Z8vYYqr9o2Y7BXeGm5Kg4zlz
PVmz+tw/abbQnYxCjZ+G/Zdu1LqpO6+FEEJ9UYCe0nlqFMSKEbZFO7FF+50u5UXr
9pfiJ0HDilkbCbn12nZMR3Y/N9THO/M+RgVGFtdQh56QvXSbeZ2AsI7ra8d0nm4U
BYAE4EhZdE8PyU9q
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:56:12 2025 by rpki-client