Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3zcH5pR7iJ1CcUsGm5gyD1XY13s.cer
File: 3zcH5pR7iJ1CcUsGm5gyD1XY13s.cer (raw, json)
Hash identifier: sa5297v/X1P8khUK1/Xta3Uj51gs9EoJ0WN8hwAyX1A=
Subject key identifier: DF:37:07:E6:94:7B:88:9D:42:71:4B:06:9B:98:32:0F:55:D8:D7:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185708A28801D59593F94E0A398B8E9F07A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/494af5-1bda-487e-aa6c-d8ea0ca3ce8b/1/3zcH5pR7iJ1CcUsGm5gyD1XY13s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/494af5-1bda-487e-aa6c-d8ea0ca3ce8b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 03:33:00 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 46.16.36.0/24
IP: 2a11:8300::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8a:28:80:1d:59:59:3f:94:e0:a3:98:b8:e9:f0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:33:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3707e6947b889d42714b069b98320f55d8d77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:b8:bf:5e:36:75:68:7b:9a:60:19:20:91:
91:f8:2a:42:3e:1f:e0:b6:1f:3a:35:a3:3b:e4:47:
d6:ac:f8:2b:9f:5a:b4:1a:ae:9c:ad:31:ee:b4:8b:
18:f7:cc:dc:70:42:91:d9:69:09:20:ad:86:ce:8e:
2a:b1:e3:22:dc:e8:53:e4:11:15:2b:e5:a0:10:68:
da:f7:90:d6:24:b2:f9:16:00:8e:85:fb:96:7d:d2:
a3:15:98:09:f2:aa:4e:fd:a7:5e:dc:86:62:cc:4f:
3b:00:33:dc:4b:36:27:cc:ef:ec:74:7d:11:a5:07:
da:3e:95:75:9b:8a:16:a3:61:50:40:ff:33:5a:86:
e0:66:41:76:ce:6a:17:0f:96:05:eb:0b:c6:58:fe:
39:34:4b:51:e7:c5:3a:c6:02:1d:0f:75:ea:03:33:
dc:f9:73:70:39:69:42:65:1b:2e:c9:46:ab:3d:ef:
6d:20:c5:a9:4f:d4:4b:fa:e2:3a:2c:4f:3e:b1:bd:
58:3d:db:b8:06:a3:84:39:98:1d:52:fe:b0:ed:e0:
7a:12:1a:a4:61:7b:9c:a2:8b:3f:a7:1b:fc:6c:44:
c9:b7:90:a3:93:0c:c9:f8:ab:bb:6f:db:7a:4d:79:
8b:06:89:ad:bc:1a:d8:37:72:25:a9:e3:4d:a4:0f:
62:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:37:07:E6:94:7B:88:9D:42:71:4B:06:9B:98:32:0F:55:D8:D7:7B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/494af5-1bda-487e-aa6c-d8ea0ca3ce8b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/494af5-1bda-487e-aa6c-d8ea0ca3ce8b/1/3zcH5pR7iJ1CcUsGm5gyD1XY13s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.36.0/24
IPv6:
2a11:8300::/29
Signature Algorithm: sha256WithRSAEncryption
09:3f:9d:d8:2f:9e:81:8d:df:64:40:5b:aa:ee:64:3b:00:c1:
55:bf:d1:36:40:11:ea:b7:8a:ef:aa:81:2e:29:79:d4:68:1e:
af:fa:ae:16:76:b1:f8:49:95:d6:26:44:bc:bb:77:b2:bd:d5:
8e:9a:e4:6a:a3:39:9f:0e:25:4a:55:59:e2:a6:ef:06:61:5c:
19:e5:40:b0:62:fe:40:c8:01:31:c7:2c:de:a4:05:d1:c2:1d:
a8:ac:26:fe:99:9f:f5:11:41:a0:dc:b6:61:eb:77:cf:29:2d:
75:dc:02:16:be:94:58:46:8a:78:8d:11:c9:b0:d9:63:0a:c4:
7c:44:a7:a8:f6:01:b3:a7:92:14:f7:f4:54:29:e4:a9:c7:fb:
13:a5:b0:95:e7:06:41:5d:96:b3:d3:67:82:dd:90:3d:a2:52:
42:3d:21:16:01:0d:74:10:32:92:d0:be:cd:da:d4:d1:b5:cf:
04:d8:df:5a:97:ce:46:f9:f8:06:20:c5:fe:6d:0a:a1:b6:5b:
81:e0:f1:d4:bc:cd:2f:03:64:a2:6c:dd:00:f3:42:72:df:37:
5f:2d:87:93:c5:19:6a:1a:d3:14:ff:eb:ce:cc:7c:e4:77:e8:
4b:50:05:a0:16:c6:38:89:f2:03:46:d8:ee:ce:42:32:62:8f:
4e:b1:44:d0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwiiiAHVlZP5Tgo5i46fB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDMzMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM3MDdlNjk0N2I4ODlkNDI3MTRiMDY5Yjk4MzIwZjU1ZDhkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpO4v142dWh7mmAZIJGR+CpCPh/g
th86NaM75EfWrPgrn1q0Gq6crTHutIsY98zccEKR2WkJIK2Gzo4qseMi3OhT5BEV
K+WgEGja95DWJLL5FgCOhfuWfdKjFZgJ8qpO/ade3IZizE87ADPcSzYnzO/sdH0R
pQfaPpV1m4oWo2FQQP8zWobgZkF2zmoXD5YF6wvGWP45NEtR58U6xgIdD3XqAzPc
+XNwOWlCZRsuyUarPe9tIMWpT9RL+uI6LE8+sb1YPdu4BqOEOZgdUv6w7eB6Ehqk
YXucoos/pxv8bETJt5CjkwzJ+Ku7b9t6TXmLBomtvBrYN3IlqeNNpA9iOQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFN83B+aUe4idQnFLBpuYMg9V2Nd7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzQ5NGFm
NS0xYmRhLTQ4N2UtYWE2Yy1kOGVhMGNhM2NlOGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNDk0YWY1
LTFiZGEtNDg3ZS1hYTZjLWQ4ZWEwY2EzY2U4Yi8xLzN6Y0g1cFI3aUoxQ2NVc0dt
NWd5RDFYWTEzcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQALhAkMA0EAgACMAcDBQMqEYMAMA0GCSqGSIb3
DQEBCwUAA4IBAQAJP53YL56Bjd9kQFuq7mQ7AMFVv9E2QBHqt4rvqoEuKXnUaB6v
+q4WdrH4SZXWJkS8u3eyvdWOmuRqozmfDiVKVVnipu8GYVwZ5UCwYv5AyAExxyze
pAXRwh2orCb+mZ/1EUGg3LZh63fPKS113AIWvpRYRop4jRHJsNljCsR8RKeo9gGz
p5IU9/RUKeSpx/sTpbCV5wZBXZaz02eC3ZA9olJCPSEWAQ10EDKS0L7N2tTRtc8E
2N9al85G+fgGIMX+bQqhtluB4PHUvM0vA2SibN0A80Jy3zdfLYeTxRlqGtMU/+vO
zHzkd+hLUAWgFsY4ifIDRtjuzkIyYo9OsUTQ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:15 2023 by rpki-client on console.sobornost.net