Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kywI9yQRBtlM17yQKcPliLgCIVs.cer
File: kywI9yQRBtlM17yQKcPliLgCIVs.cer (raw, json)
Hash identifier: RTpmT4zFCTYGZKSNTmyD/Z/f0wdu1mbU34b9GxpSa3s=
Subject key identifier: 93:2C:08:F7:24:11:06:D9:4C:D7:BC:90:29:C3:E5:88:B8:02:21:5B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856AF4E3A8B5EC87C3ECEAE39EA9B1C006
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f9/e7ec3b-29f9-4c47-b5c2-8803965a4a3e/1/kywI9yQRBtlM17yQKcPliLgCIVs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f9/e7ec3b-29f9-4c47-b5c2-8803965a4a3e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 01:31:52 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.3.23.0/24
IP: 2a11:17c0::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f4:e3:a8:b5:ec:87:c3:ec:ea:e3:9e:a9:b1:c0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:31:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=932c08f7241106d94cd7bc9029c3e588b802215b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:e6:18:af:c3:1a:8d:3f:31:7a:1c:62:11:
41:ad:ae:73:29:64:5c:d9:f4:30:6e:ea:87:4c:d7:
8c:3a:5c:43:70:62:6b:93:2f:92:6b:61:26:ad:2d:
4d:3e:4b:95:e6:31:d7:20:9b:46:5b:65:35:4d:63:
00:bb:fa:4f:21:03:4e:f4:75:a7:85:11:1a:17:24:
f8:42:0c:7d:bb:d3:ee:c2:c6:77:9b:15:69:1f:42:
1e:c3:1f:5c:9f:2a:b4:78:a3:d0:1d:39:2d:74:23:
a9:dd:dc:7d:d2:93:b1:3a:22:aa:9d:36:9f:e7:f0:
76:35:f4:1c:3b:f9:3c:0c:1c:c6:42:49:7a:1b:b1:
79:61:95:27:90:18:8d:4b:1c:b1:57:dd:61:2a:5e:
73:61:32:65:03:ee:8b:f7:dc:66:4f:1e:26:c6:52:
0b:4a:66:df:ef:16:5d:36:8b:39:cb:ce:eb:fc:41:
cd:9f:98:1c:8f:60:cd:fc:6d:3f:00:e2:89:ce:38:
54:57:88:fe:48:bb:1d:0d:c3:8e:c9:91:36:da:c1:
ca:73:98:f5:4e:77:b3:16:f3:f9:bc:3a:54:bc:ce:
a8:33:43:4b:79:63:97:38:fb:a1:68:34:66:bb:2f:
cf:23:71:87:a5:ec:74:02:df:b7:2a:81:9e:2a:4f:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2C:08:F7:24:11:06:D9:4C:D7:BC:90:29:C3:E5:88:B8:02:21:5B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e7ec3b-29f9-4c47-b5c2-8803965a4a3e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e7ec3b-29f9-4c47-b5c2-8803965a4a3e/1/kywI9yQRBtlM17yQKcPliLgCIVs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.23.0/24
IPv6:
2a11:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:a1:ad:70:19:a4:19:82:a8:cd:3e:28:91:e0:f8:b5:86:fb:
04:ca:a7:4d:cd:1a:3a:c5:59:6a:d9:04:61:ef:22:27:0d:46:
91:12:7d:db:3a:8a:5b:28:c5:87:f3:e2:55:63:92:c2:41:eb:
72:b9:62:62:8b:47:f8:8a:0f:d3:aa:f8:88:81:b5:17:b8:e6:
91:c3:72:22:48:1a:af:38:50:50:ef:0a:b3:7d:51:62:98:db:
94:31:e0:d5:54:f2:0b:59:af:a9:b1:33:e6:b8:1f:d1:4a:4d:
51:51:b3:46:73:3f:fa:df:46:b8:31:8b:33:51:d5:67:54:1c:
d0:1b:54:0f:4d:61:bb:21:47:8c:e9:56:4b:e0:b3:8d:f4:39:
fd:d0:bf:c1:a3:83:97:c9:1a:1e:f2:5b:a1:fb:c4:f4:ce:79:
cf:4b:98:fe:b3:ef:59:3f:d6:9e:b4:60:7c:52:2b:a9:e0:c3:
3c:92:b3:d8:31:5c:3b:c6:63:9c:ea:4d:35:73:06:63:fc:29:
89:52:7c:59:91:6c:31:3f:8c:00:f7:9b:cc:4d:23:22:36:fb:
c7:d3:e9:d4:d0:99:d2:01:32:a0:1d:ca:7d:a9:34:0f:1e:32:
92:6c:19:c5:70:e0:3d:40:2b:d9:63:3a:ef:ce:8c:a9:65:0c:
3c:60:ee:95
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVq9OOoteyHw+zq456pscAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJjMDhmNzI0MTEwNmQ5NGNkN2JjOTAyOWMzZTU4OGI4MDIyMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDvmGK/DGo0/MXocYhFBra5zKWRc
2fQwbuqHTNeMOlxDcGJrky+Sa2EmrS1NPkuV5jHXIJtGW2U1TWMAu/pPIQNO9HWn
hREaFyT4Qgx9u9PuwsZ3mxVpH0Iewx9cnyq0eKPQHTktdCOp3dx90pOxOiKqnTaf
5/B2NfQcO/k8DBzGQkl6G7F5YZUnkBiNSxyxV91hKl5zYTJlA+6L99xmTx4mxlIL
Smbf7xZdNos5y87r/EHNn5gcj2DN/G0/AOKJzjhUV4j+SLsdDcOOyZE22sHKc5j1
TnezFvP5vDpUvM6oM0NLeWOXOPuhaDRmuy/PI3GHpex0At+3KoGeKk9N0wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJMsCPckEQbZTNe8kCnD5Yi4AiFbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5L2U3ZWMz
Yi0yOWY5LTRjNDctYjVjMi04ODAzOTY1YTRhM2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvZTdlYzNi
LTI5ZjktNGM0Ny1iNWMyLTg4MDM5NjVhNGEzZS8xL2t5d0k5eVFSQnRsTTE3eVFL
Y1BsaUxnQ0lWcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwQMXMA0EAgACMAcDBQMqERfAMA0GCSqGSIb3
DQEBCwUAA4IBAQBpoa1wGaQZgqjNPiiR4Pi1hvsEyqdNzRo6xVlq2QRh7yInDUaR
En3bOopbKMWH8+JVY5LCQetyuWJii0f4ig/TqviIgbUXuOaRw3IiSBqvOFBQ7wqz
fVFimNuUMeDVVPILWa+psTPmuB/RSk1RUbNGcz/630a4MYszUdVnVBzQG1QPTWG7
IUeM6VZL4LON9Dn90L/Bo4OXyRoe8luh+8T0znnPS5j+s+9ZP9aetGB8Uiup4MM8
krPYMVw7xmOc6k01cwZj/CmJUnxZkWwxP4wA95vMTSMiNvvH0+nU0JnSATKgHcp9
qTQPHjKSbBnFcOA9QCvZYzrvzoypZQw8YO6V
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:57 2023 by rpki-client on console.sobornost.net