Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0Z8SS9jocMbqvlJHFFI49BekQNs.cer
File: 0Z8SS9jocMbqvlJHFFI49BekQNs.cer (raw, json)
Hash identifier: Q86powLlcyquK7kHJXJQBCJZej5t4RjpvZWYIb4hrdU=
Subject key identifier: D1:9F:12:4B:D8:E8:70:C6:EA:BE:52:47:14:52:38:F4:17:A4:40:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856AF5323B4155BB34CD9E8FD0F4986BD4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d3/c304cf-4604-4818-a9ea-7aee5c1522d9/1/0Z8SS9jocMbqvlJHFFI49BekQNs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d3/c304cf-4604-4818-a9ea-7aee5c1522d9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 01:32:12 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.229.40.0/22
IP: 2a0d:6a00::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f5:32:3b:41:55:bb:34:cd:9e:8f:d0:f4:98:6b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:32:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d19f124bd8e870c6eabe5247145238f417a440db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a2:97:e6:e6:e1:5c:b8:6f:50:19:96:a9:41:
5b:13:e9:6e:c3:f8:7c:42:da:d3:01:cd:4d:1e:3e:
d1:cf:53:a0:de:47:a9:14:c3:ec:2f:89:4d:eb:ef:
4b:f5:46:37:45:f2:72:d4:cb:c5:91:18:f6:64:cb:
c0:16:0b:3a:53:2a:16:e6:5a:68:81:72:e1:ba:6b:
a1:34:75:88:e0:5f:cd:0e:fd:83:05:12:07:f4:6a:
f7:44:64:c7:ad:e1:dc:51:f6:93:1d:88:41:a1:fc:
61:54:62:ce:08:ea:8a:a5:d8:e4:61:74:5d:03:29:
89:79:e5:e6:b4:2f:d1:e0:81:b1:b7:02:61:fe:c9:
61:80:c4:8b:85:a2:3c:de:e9:c4:1e:54:9b:bd:ea:
c4:e6:57:9f:71:e9:c9:cb:c6:42:0e:5a:59:8e:4a:
89:8b:51:2b:04:27:8e:e2:0c:3a:21:f2:b6:4b:d9:
f5:3e:dd:69:69:c1:34:16:c4:ed:ca:d7:fe:3d:b0:
15:fc:e6:3e:fe:22:03:94:62:31:01:a6:05:26:ed:
e2:fd:7e:8a:aa:ef:d6:29:3f:26:47:f6:14:6f:95:
a9:37:99:dd:29:04:c5:69:94:18:1e:a5:02:5e:ea:
9d:91:ed:1a:c9:4e:46:fb:39:53:f1:9e:8b:c0:07:
c5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9F:12:4B:D8:E8:70:C6:EA:BE:52:47:14:52:38:F4:17:A4:40:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c304cf-4604-4818-a9ea-7aee5c1522d9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c304cf-4604-4818-a9ea-7aee5c1522d9/1/0Z8SS9jocMbqvlJHFFI49BekQNs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.40.0/22
IPv6:
2a0d:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
05:36:80:db:4c:90:aa:c8:1b:7d:c5:05:c9:e3:c4:3b:ab:de:
16:b8:5a:77:bf:7b:3d:2b:4a:ba:ca:a0:f9:24:8d:19:26:59:
02:0d:12:78:f1:d5:f8:a6:91:ac:a3:24:6c:02:f1:3c:7f:99:
52:85:45:74:9c:bf:99:cb:5b:ff:d4:c2:8b:4d:38:78:c6:87:
7a:f7:35:b1:e8:74:3f:03:a1:07:d5:d0:68:7a:60:d8:da:fc:
19:09:65:bd:08:e0:81:aa:1f:72:a9:22:18:fc:b9:d7:25:d5:
7f:5e:f2:5c:f4:5c:5a:51:53:1a:06:77:0c:17:c5:a2:c8:07:
4c:ea:94:7c:6d:f1:00:f4:07:ac:ff:92:21:d5:52:e5:11:dd:
04:8f:78:9d:6f:c9:52:3d:0d:df:d7:e5:c1:a2:ed:a0:a2:a5:
3d:b1:71:cf:b7:4d:89:bb:72:b6:d5:a1:bd:9c:20:91:63:19:
bf:d0:99:64:e9:47:7d:5d:15:ce:9b:34:d5:74:a1:3e:3b:a0:
38:b5:0b:8f:a5:09:95:2b:08:0d:93:01:98:28:c0:47:da:6f:
43:b4:1e:18:3b:43:24:e3:10:26:15:86:f3:a5:8b:33:d0:13:
30:29:66:68:2e:fa:f4:64:72:6f:31:f3:c7:85:19:16:61:b9:
e4:49:52:3b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVq9TI7QVW7NM2ej9D0mGvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmMTI0YmQ4ZTg3MGM2ZWFiZTUyNDcxNDUyMzhmNDE3YTQ0MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKKX5ubhXLhvUBmWqUFbE+luw/h8
QtrTAc1NHj7Rz1Og3kepFMPsL4lN6+9L9UY3RfJy1MvFkRj2ZMvAFgs6UyoW5lpo
gXLhumuhNHWI4F/NDv2DBRIH9Gr3RGTHreHcUfaTHYhBofxhVGLOCOqKpdjkYXRd
AymJeeXmtC/R4IGxtwJh/slhgMSLhaI83unEHlSbverE5lefcenJy8ZCDlpZjkqJ
i1ErBCeO4gw6IfK2S9n1Pt1pacE0FsTtytf+PbAV/OY+/iIDlGIxAaYFJu3i/X6K
qu/WKT8mR/YUb5WpN5ndKQTFaZQYHqUCXuqdke0ayU5G+zlT8Z6LwAfFCwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNGfEkvY6HDG6r5SRxRSOPQXpEDbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QzL2MzMDRj
Zi00NjA0LTQ4MTgtYTllYS03YWVlNWMxNTIyZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMvYzMwNGNm
LTQ2MDQtNDgxOC1hOWVhLTdhZWU1YzE1MjJkOS8xLzBaOFNTOWpvY01icXZsSkhG
Rkk0OUJla1FOcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCueUoMA0EAgACMAcDBQMqDWoAMA0GCSqGSIb3
DQEBCwUAA4IBAQAFNoDbTJCqyBt9xQXJ48Q7q94WuFp3v3s9K0q6yqD5JI0ZJlkC
DRJ48dX4ppGsoyRsAvE8f5lShUV0nL+Zy1v/1MKLTTh4xod69zWx6HQ/A6EH1dBo
emDY2vwZCWW9COCBqh9yqSIY/LnXJdV/XvJc9FxaUVMaBncMF8WiyAdM6pR8bfEA
9Aes/5Ih1VLlEd0Ej3idb8lSPQ3f1+XBou2goqU9sXHPt02Ju3K21aG9nCCRYxm/
0Jlk6Ud9XRXOmzTVdKE+O6A4tQuPpQmVKwgNkwGYKMBH2m9DtB4YO0Mk4xAmFYbz
pYsz0BMwKWZoLvr0ZHJvMfPHhRkWYbnkSVI7
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:22 2023 by rpki-client on console.sobornost.net