Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
File: xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer (raw, json)
Hash identifier: q5MtEoXSVlybzyMZaz63q7Mez29zvtBY4YfU+ChMWsI=
Subject key identifier: C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3494FAE8D091CD08F2CCAAC74A18D4B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:10 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 95.181.220.0/22
IP: 185.39.216.0/22
IP: 2a04:800::/29
Validation: Failed, certificate revoked on Thu 28 Mar 2024 06:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4f:ae:8d:09:1c:d0:8f:2c:ca:ac:74:a1:8d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:8f:b5:24:ad:11:7a:2a:b5:ec:99:43:c9:
36:57:38:bf:ba:34:ec:d3:5a:cf:1e:e1:de:22:3c:
23:64:62:05:ea:5f:70:9b:0c:3a:d6:3a:aa:d4:f5:
9e:34:9c:4e:d9:d3:15:8c:fa:55:97:ff:09:50:ca:
5f:41:06:11:c7:d0:b3:44:47:cd:59:89:f1:64:4c:
4f:7d:71:de:dc:e4:ec:06:aa:6b:17:cf:09:8f:07:
47:2e:f5:8c:39:f0:94:c5:29:f2:08:31:06:7c:8c:
46:d3:a5:70:ca:7d:6b:91:b1:4c:88:c7:84:36:75:
c6:d3:44:9e:b0:20:c6:59:a5:e6:f4:4b:e1:36:30:
95:d2:93:2d:28:68:06:8b:b4:5c:e9:0e:1d:86:ad:
d4:5a:06:42:28:e4:13:c6:a9:ac:c3:e8:fd:db:52:
d3:c0:c2:a5:55:e8:fc:90:b0:59:38:f7:a3:fe:54:
32:af:ea:cb:9c:cd:dd:67:2a:d8:3b:86:3a:df:33:
22:cc:e0:7e:da:c7:b1:cf:8e:42:05:72:82:2c:a4:
b3:fa:fa:10:39:49:a2:60:fd:46:41:73:a7:b8:8a:
37:52:fb:cc:0b:b6:23:c3:a3:7d:e8:dd:43:66:de:
fc:e9:18:0e:f4:8a:1d:f4:6f:5e:11:6e:46:14:cd:
cc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.220.0/22
185.39.216.0/22
IPv6:
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
68:eb:0a:8e:d3:cf:72:70:20:e4:39:8b:52:dd:9a:1b:d9:ee:
48:a6:b4:7a:bf:f4:3a:c6:9c:2d:9e:6c:50:74:1e:ed:bb:90:
ea:2d:8c:78:a3:b6:a7:b4:44:97:ec:2e:77:1b:11:d9:78:5c:
c4:a1:e8:ed:99:81:83:81:8d:94:cd:e3:42:4a:bb:f4:55:41:
7e:34:a3:f7:17:22:dd:33:20:b4:a2:cf:74:8b:77:00:fc:dd:
bf:ae:02:fa:6d:95:f4:17:7e:7d:93:1d:81:b5:1b:5d:ac:fd:
98:c1:86:5c:41:bf:a8:87:d1:e8:8d:82:e3:52:44:5c:4d:07:
54:94:0a:35:83:22:fb:a6:ce:86:b7:71:bd:76:35:5d:e4:86:
51:85:d7:70:b8:b5:2a:a1:f2:56:e0:07:61:d8:46:95:23:2b:
5e:52:76:fc:ed:73:67:05:95:d9:fa:46:07:7b:a5:34:99:81:
78:c3:0e:85:79:36:fa:70:00:57:6f:72:7b:03:56:e8:a5:fb:
ae:70:a8:4e:04:30:f8:48:be:d6:60:dd:9d:30:dc:3f:39:e8:
6f:4a:d1:46:bd:ca:b8:23:53:94:90:3b:74:88:71:fd:6c:12:
81:bf:05:b7:48:49:2a:c2:9d:4e:fb:cf:bf:c7:af:5c:e4:d9:
09:f9:08:aa
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzDSU+ujQkc0I8syqx0oY1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNmZWIyYWM2MGZhMzEzZjlhNzMwMGU0YzVlZTMzYjQzYTg4MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDKPtSStEXoqteyZQ8k2Vzi/ujTs
01rPHuHeIjwjZGIF6l9wmww61jqq1PWeNJxO2dMVjPpVl/8JUMpfQQYRx9CzREfN
WYnxZExPfXHe3OTsBqprF88JjwdHLvWMOfCUxSnyCDEGfIxG06Vwyn1rkbFMiMeE
NnXG00SesCDGWaXm9EvhNjCV0pMtKGgGi7Rc6Q4dhq3UWgZCKOQTxqmsw+j921LT
wMKlVej8kLBZOPej/lQyr+rLnM3dZyrYO4Y63zMizOB+2sexz45CBXKCLKSz+voQ
OUmiYP1GQXOnuIo3UvvMC7Yjw6N96N1DZt786RgO9Iod9G9eEW5GFM3MXwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFMU/6yrGD6MT+acwDkxe4ztDqINBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZiLzM3ZWZk
NS00MjY2LTQxNDYtOGUyMS02N2ZkNzE3YzZjYTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIvMzdlZmQ1
LTQyNjYtNDE0Ni04ZTIxLTY3ZmQ3MTdjNmNhNy8xL3hUX3JLc1lQb3hQNXB6QU9U
RjdqTzBPb2cwRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCX7XcAwQCuSfYMA0EAgACMAcDBQMqBAgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBo6wqO089ycCDkOYtS3Zob2e5IprR6v/Q6xpwtnmxQ
dB7tu5DqLYx4o7antESX7C53GxHZeFzEoejtmYGDgY2UzeNCSrv0VUF+NKP3FyLd
MyC0os90i3cA/N2/rgL6bZX0F359kx2BtRtdrP2YwYZcQb+oh9HojYLjUkRcTQdU
lAo1gyL7ps6Gt3G9djVd5IZRhddwuLUqofJW4Adh2EaVIyteUnb87XNnBZXZ+kYH
e6U0mYF4ww6FeTb6cABXb3J7A1bopfuucKhOBDD4SL7WYN2dMNw/OehvStFGvcq4
I1OUkDt0iHH9bBKBvwW3SEkqwp1O+8+/x69c5NkJ+Qiq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:00 2024 by rpki-client on console-fra.rpki-client.org