Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xAHY5L67PUyIJTdhGFnBYs8M9Tk.cer
File: xAHY5L67PUyIJTdhGFnBYs8M9Tk.cer (raw, json)
Hash identifier: /LiETfe8+g/TnahOR8RI4HSjHXRvNR/EC8S4TJUro9c=
Subject key identifier: C4:01:D8:E4:BE:BB:3D:4C:88:25:37:61:18:59:C1:62:CF:0C:F5:39
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0192D3E4380B1E591A6A2CAA798DE37DE37C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/17/21044b-191b-40f4-a1e7-24e463f840d1/1/xAHY5L67PUyIJTdhGFnBYs8M9Tk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/17/21044b-191b-40f4-a1e7-24e463f840d1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 28 Oct 2024 16:10:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 214128
Validation: Failed, certificate revoked on Tue 29 Oct 2024 05:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:e4:38:0b:1e:59:1a:6a:2c:aa:79:8d:e3:7d:e3:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 28 16:10:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c401d8e4bebb3d4c882537611859c162cf0cf539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8d:6a:40:66:f8:4d:91:2a:4b:6c:50:52:71:
45:14:c4:1a:ab:fa:b8:c2:e2:1e:dd:d5:e3:20:58:
9d:89:8c:32:0f:47:a6:9d:20:2f:e2:cc:77:db:95:
e3:b9:f0:3b:17:a7:ef:ce:79:2e:05:ae:ea:06:b7:
dc:c3:c5:1b:66:c9:51:2b:5f:14:56:c1:4e:3e:f7:
96:68:7b:89:86:4d:d0:e1:b5:d6:c8:ee:43:e5:6f:
78:c2:58:8d:53:cd:76:c7:7d:b7:a6:ea:7e:cf:0f:
89:7c:df:5e:1f:03:73:56:f2:da:30:a8:19:9b:a1:
de:be:13:d9:91:31:03:e0:15:de:84:42:9e:20:15:
ad:ac:40:6f:ba:a4:3c:7d:fc:82:d5:87:fa:22:30:
fa:78:dc:b4:04:6a:23:ce:19:0f:d1:49:3e:c4:33:
7e:9c:f0:93:95:3c:a4:50:22:c7:11:a8:f8:a1:61:
b4:c5:d6:bb:69:54:96:56:9a:0f:1b:66:28:8f:7f:
41:52:49:05:0b:c3:00:e3:1a:bb:02:d5:75:a0:63:
df:d6:3d:a7:63:65:2b:70:9f:cc:9b:3b:03:a7:16:
9b:79:0c:33:24:c8:4a:3a:78:c5:2b:51:c9:21:c0:
77:cd:c2:27:a5:8e:9d:ce:ec:78:9a:33:2e:52:a4:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:01:D8:E4:BE:BB:3D:4C:88:25:37:61:18:59:C1:62:CF:0C:F5:39
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/21044b-191b-40f4-a1e7-24e463f840d1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/21044b-191b-40f4-a1e7-24e463f840d1/1/xAHY5L67PUyIJTdhGFnBYs8M9Tk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214128
Signature Algorithm: sha256WithRSAEncryption
6d:11:4f:26:29:7d:bc:bc:37:35:65:03:7a:0c:79:86:66:68:
7b:54:24:ed:4b:80:c9:5e:97:a3:e5:2f:54:a7:41:b8:35:e3:
bd:29:1b:3a:1e:37:56:13:cc:5d:05:aa:11:df:ee:74:0c:11:
c3:73:54:cf:02:23:5e:a5:e6:13:82:bb:ba:4d:a8:3e:86:45:
4a:6c:a5:80:93:ea:34:3b:f8:70:f3:e0:70:bc:75:6f:81:b0:
30:6f:50:e7:34:24:76:93:59:44:f5:d2:71:1c:70:8f:25:15:
3c:43:41:9d:70:09:0d:1a:42:d9:e6:53:42:39:bb:28:e1:fe:
41:2c:fb:05:e2:04:85:b8:8a:af:ab:0f:d7:2c:3b:fe:95:fb:
16:31:f7:1d:69:47:1f:d4:a8:6d:bf:54:bd:7f:b5:f1:6b:f5:
45:8e:c7:c5:d9:2c:36:d5:84:b3:ca:e2:f9:f6:58:f9:26:25:
25:50:b5:ba:a3:aa:48:f1:62:f3:6e:e2:a2:df:ed:8c:bb:4f:
0e:81:cf:6a:d3:8a:fe:9b:5a:ea:dd:f1:20:47:18:18:f6:d7:
12:9f:28:7e:39:77:37:11:cc:6f:10:d9:a8:40:e7:fd:eb:8d:
bf:94:0f:c0:a3:81:59:d1:00:d8:15:3f:65:c6:61:14:c7:23:
24:da:0e:be
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZLT5DgLHlkaaiyqeY3jfeN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDI4MTYxMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDAxZDhlNGJlYmIzZDRjODgyNTM3NjExODU5YzE2MmNmMGNmNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo1qQGb4TZEqS2xQUnFFFMQaq/q4
wuIe3dXjIFidiYwyD0emnSAv4sx325XjufA7F6fvznkuBa7qBrfcw8UbZslRK18U
VsFOPveWaHuJhk3Q4bXWyO5D5W94wliNU812x323pup+zw+JfN9eHwNzVvLaMKgZ
m6HevhPZkTED4BXehEKeIBWtrEBvuqQ8ffyC1Yf6IjD6eNy0BGojzhkP0Uk+xDN+
nPCTlTykUCLHEaj4oWG0xda7aVSWVpoPG2Yoj39BUkkFC8MA4xq7AtV1oGPf1j2n
Y2UrcJ/MmzsDpxabeQwzJMhKOnjFK1HJIcB3zcInpY6dzux4mjMuUqQ+iwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMQB2OS+uz1MiCU3YRhZwWLPDPU5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzIxMDQ0
Yi0xOTFiLTQwZjQtYTFlNy0yNGU0NjNmODQwZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvMjEwNDRi
LTE5MWItNDBmNC1hMWU3LTI0ZTQ2M2Y4NDBkMS8xL3hBSFk1TDY3UFV5SUpUZGhH
Rm5CWXM4TTlUay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNEcDANBgkqhkiG9w0BAQsFAAOCAQEAbRFPJil9vLw3
NWUDegx5hmZoe1Qk7UuAyV6Xo+UvVKdBuDXjvSkbOh43VhPMXQWqEd/udAwRw3NU
zwIjXqXmE4K7uk2oPoZFSmylgJPqNDv4cPPgcLx1b4GwMG9Q5zQkdpNZRPXScRxw
jyUVPENBnXAJDRpC2eZTQjm7KOH+QSz7BeIEhbiKr6sP1yw7/pX7FjH3HWlHH9So
bb9UvX+18Wv1RY7HxdksNtWEs8ri+fZY+SYlJVC1uqOqSPFi827iot/tjLtPDoHP
atOK/pta6t3xIEcYGPbXEp8ofjl3NxHMbxDZqEDn/euNv5QPwKOBWdEA2BU/ZcZh
FMcjJNoOvg==
Generated at Tue Oct 29 07:38:38 2024 by rpki-client on console-fra.rpki-client.org