Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bfoIHF69F0mRfXSHZ2MVI0BgnWg.cer
File: bfoIHF69F0mRfXSHZ2MVI0BgnWg.cer (raw, json)
Hash identifier: wPEX7bEFuqm7RQ+bcYI5bG+8EpB253DgdI+ZcX5DRiA=
Subject key identifier: 6D:FA:08:1C:5E:BD:17:49:91:7D:74:87:67:63:15:23:40:60:9D:68
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856DF79FEC525EFF318C3D3C571CB60AF8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/bfd9cb-c222-43a1-a05b-144a763e25d7/1/bfoIHF69F0mRfXSHZ2MVI0BgnWg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/bfd9cb-c222-43a1-a05b-144a763e25d7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 15:33:43 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 109.205.187.0/24
IP: 2a12:7a00::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:f7:9f:ec:52:5e:ff:31:8c:3d:3c:57:1c:b6:0a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:33:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dfa081c5ebd1749917d74876763152340609d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:f8:2e:13:f5:2f:b9:6d:e6:a2:a7:b0:af:
26:23:ca:e4:08:94:25:22:b2:2b:06:fe:cc:d3:29:
40:3a:b9:10:5f:c3:ca:a5:0b:e2:8d:ea:4e:ae:d9:
81:96:7f:da:49:f5:f8:3c:5a:6e:d6:3e:76:2a:89:
c2:3d:07:c4:cf:3d:f3:ed:0f:c2:4c:dd:79:af:86:
dd:ba:6b:fa:b8:06:15:cc:36:84:41:dc:d5:6b:99:
60:68:ec:71:74:6b:06:ff:8b:e2:f8:40:89:39:91:
14:5a:99:1b:1f:f7:f0:2e:54:9d:05:6f:79:ad:f2:
56:73:d2:5b:c1:1e:bd:cd:5a:54:fc:0c:4e:be:3b:
b1:67:a9:08:5e:70:26:36:41:76:8f:5f:e0:c6:21:
e8:33:88:46:27:43:9b:2f:08:78:d6:2b:73:82:d4:
eb:04:fe:88:28:6b:be:5d:46:7e:c4:2e:b0:17:4a:
cb:d0:4b:43:16:c6:37:6e:e9:2e:f9:53:d7:e9:62:
6b:ea:16:a9:69:46:d7:08:ce:ba:42:75:6a:23:c7:
e0:8c:f6:b5:5c:6a:47:95:40:7c:0e:ed:98:a1:1c:
a7:2e:0d:31:d3:f1:6d:6f:a8:d7:cc:1a:b8:26:77:
94:52:32:d2:62:00:c2:67:98:ec:62:e4:d5:33:9d:
31:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FA:08:1C:5E:BD:17:49:91:7D:74:87:67:63:15:23:40:60:9D:68
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfd9cb-c222-43a1-a05b-144a763e25d7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfd9cb-c222-43a1-a05b-144a763e25d7/1/bfoIHF69F0mRfXSHZ2MVI0BgnWg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.187.0/24
IPv6:
2a12:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
19:19:43:d1:4c:dd:11:df:56:e6:b2:d2:13:33:e2:b2:b9:6e:
ed:5a:90:07:d3:4c:7a:e2:04:ed:b1:b0:b9:72:9a:bf:ab:7f:
00:4a:08:a1:ff:5d:8d:50:fd:8d:3b:c4:ce:d1:08:f8:9e:61:
61:d6:fa:a4:df:a5:d9:06:bd:08:a5:de:c8:2c:63:96:95:49:
e9:0a:23:a1:6a:96:ab:4d:3d:80:ac:9f:5e:f9:78:8f:2e:39:
3b:75:db:ff:e2:c7:ef:57:9b:5f:bb:d5:4f:a9:ca:5e:c9:52:
e1:68:d2:1e:c9:6a:f6:73:7d:c7:07:bd:02:cf:58:e3:7f:8a:
d4:f8:9c:1c:27:d4:04:00:3e:78:5c:8b:cd:e3:82:c6:78:3f:
1b:9d:3a:0c:9e:b1:89:07:d5:12:81:8c:9c:88:e8:42:56:8a:
26:3d:e2:e5:7f:05:0f:19:42:3d:ee:f4:11:70:c9:0f:03:36:
e2:f5:bb:76:1c:ef:cb:9b:59:2d:ec:77:19:87:cc:be:30:ee:
0a:cf:dd:f4:9d:a9:86:54:8b:40:f8:4f:e1:ed:43:0c:be:09:
9a:77:2f:b6:c8:46:3d:61:51:b3:26:f3:ef:43:f3:ad:be:74:
b2:0b:cf:8e:da:92:61:ea:f9:c3:fb:9c:ea:3a:18:a1:4b:e0:
50:ec:c8:2c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVt95/sUl7/MYw9PFcctgr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZhMDgxYzVlYmQxNzQ5OTE3ZDc0ODc2NzYzMTUyMzQwNjA5ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa34LhP1L7lt5qKnsK8mI8rkCJQl
IrIrBv7M0ylAOrkQX8PKpQvijepOrtmBln/aSfX4PFpu1j52KonCPQfEzz3z7Q/C
TN15r4bdumv6uAYVzDaEQdzVa5lgaOxxdGsG/4vi+ECJOZEUWpkbH/fwLlSdBW95
rfJWc9JbwR69zVpU/AxOvjuxZ6kIXnAmNkF2j1/gxiHoM4hGJ0ObLwh41itzgtTr
BP6IKGu+XUZ+xC6wF0rL0EtDFsY3buku+VPX6WJr6hapaUbXCM66QnVqI8fgjPa1
XGpHlUB8Du2YoRynLg0x0/Ftb6jXzBq4JneUUjLSYgDCZ5jsYuTVM50xKwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFG36CBxevRdJkX10h2djFSNAYJ1oMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1L2JmZDlj
Yi1jMjIyLTQzYTEtYTA1Yi0xNDRhNzYzZTI1ZDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvYmZkOWNi
LWMyMjItNDNhMS1hMDViLTE0NGE3NjNlMjVkNy8xL2Jmb0lIRjY5RjBtUmZYU0ha
Mk1WSTBCZ25XZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAbc27MA0EAgACMAcDBQMqEnoAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZGUPRTN0R31bmstITM+KyuW7tWpAH00x64gTtsbC5cpq/q38A
Sgih/12NUP2NO8TO0Qj4nmFh1vqk36XZBr0Ipd7ILGOWlUnpCiOhaparTT2ArJ9e
+XiPLjk7ddv/4sfvV5tfu9VPqcpeyVLhaNIeyWr2c33HB70Cz1jjf4rU+JwcJ9QE
AD54XIvN44LGeD8bnToMnrGJB9USgYyciOhCVoomPeLlfwUPGUI97vQRcMkPAzbi
9bt2HO/Lm1kt7HcZh8y+MO4Kz930namGVItA+E/h7UMMvgmady+2yEY9YVGzJvPv
Q/OtvnSyC8+O2pJh6vnD+5zqOhihS+BQ7Mgs
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:09 2023 by rpki-client on console.sobornost.net