Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nTFcvKZU2A-y8mkl1afk4Y5ajbo.cer
File: nTFcvKZU2A-y8mkl1afk4Y5ajbo.cer (raw, json)
Hash identifier: 6awaJLLlNR3SgMWVVzopatjtSr42i74Vneotzu6wTIE=
Subject key identifier: 9D:31:5C:BC:A6:54:D8:0F:B2:F2:69:25:D5:A7:E4:E1:8E:5A:8D:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856D1B5B14AE96C55208DD3EF117EE5A6D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cf/f301cd-9f4e-4113-a5fc-66018f715b03/1/nTFcvKZU2A-y8mkl1afk4Y5ajbo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cf/f301cd-9f4e-4113-a5fc-66018f715b03/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 11:33:07 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.234.113.0/24
IP: 2a10:e080::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:1b:5b:14:ae:96:c5:52:08:dd:3e:f1:17:ee:5a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:33:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d315cbca654d80fb2f26925d5a7e4e18e5a8dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:de:8a:6f:04:f5:07:3c:0d:db:34:d6:b5:a1:
9a:84:67:4e:45:1e:17:ec:2d:44:28:34:cb:4b:c7:
ce:f4:74:ce:79:df:19:70:49:3b:ef:f4:6c:64:07:
e0:47:80:b1:a0:c7:89:79:78:7a:27:35:c8:78:8b:
d2:18:85:e2:ce:c9:9e:dd:44:ae:b2:f5:57:66:5e:
89:94:fa:8f:50:49:bd:7d:58:f4:43:24:d0:f6:64:
68:c9:83:36:8a:90:41:97:4c:9d:6c:b8:9d:22:ed:
5b:71:d2:0a:17:d9:b2:3b:0d:c7:dc:93:43:68:e8:
68:54:32:c8:e6:3b:d3:68:79:ac:94:6c:94:b5:58:
3e:65:4f:37:ed:6e:d5:0a:5c:24:1c:4f:76:79:6c:
0d:06:0c:3b:30:1b:4f:9b:1a:e5:4a:20:93:23:0a:
eb:6f:98:83:be:47:25:97:65:8a:48:65:03:d2:69:
17:81:e5:69:75:bd:34:62:8a:16:b9:bc:a0:8e:4c:
10:8e:82:9f:4b:18:85:e1:ed:a5:98:e5:07:43:db:
01:4f:ac:be:28:11:45:3b:25:4a:5d:cb:89:5c:4e:
90:30:38:e4:40:d7:08:cf:a3:c6:ca:71:4d:03:5b:
c8:c7:ae:34:ea:52:92:fc:22:c4:23:1a:ed:78:8c:
c1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:31:5C:BC:A6:54:D8:0F:B2:F2:69:25:D5:A7:E4:E1:8E:5A:8D:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f301cd-9f4e-4113-a5fc-66018f715b03/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f301cd-9f4e-4113-a5fc-66018f715b03/1/nTFcvKZU2A-y8mkl1afk4Y5ajbo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.113.0/24
IPv6:
2a10:e080::/29
Signature Algorithm: sha256WithRSAEncryption
2d:6a:a7:2b:dc:0d:cc:36:76:d3:66:0f:17:95:79:30:37:bf:
0f:d8:b7:b6:8e:d1:e1:a3:eb:93:de:87:39:80:7e:f5:50:89:
fe:63:6b:ba:5b:1f:51:92:5a:a7:5c:50:9b:3a:f3:f7:c0:e3:
d5:a7:6b:5b:de:f0:30:1f:ed:dc:b2:6a:09:d7:d3:ef:bf:25:
1f:e7:60:a3:86:3c:a5:da:aa:af:16:9d:be:90:2d:60:15:30:
ee:0e:38:96:ab:84:41:05:1d:1b:ac:ab:89:fb:78:da:ec:7e:
9d:cb:3e:17:5e:de:7a:d6:f5:27:03:ef:5b:ac:cd:ac:1b:c3:
d2:0b:f4:a3:26:ea:00:bc:7d:2f:c9:98:5d:fd:42:3a:9f:00:
2e:13:98:e0:de:ce:0e:52:f8:a4:1d:2b:9a:19:6d:36:ee:26:
28:6e:3c:b2:25:d3:be:21:6a:22:7b:08:d3:48:80:26:2c:e7:
94:14:57:03:33:07:f6:02:8f:91:10:61:ce:4b:5f:47:a0:4e:
d7:ab:d6:d4:e7:02:52:55:eb:64:eb:0b:d0:53:89:63:13:d0:
aa:42:e4:00:49:5c:96:fd:14:d4:f2:8e:0e:6e:b7:6e:72:8c:
8c:d8:ef:45:80:57:e8:6f:51:99:a9:13:0d:c6:10:b1:4e:b1:
ff:3f:33:02
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVtG1sUrpbFUgjdPvEX7lptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTEzMzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMxNWNiY2E2NTRkODBmYjJmMjY5MjVkNWE3ZTRlMThlNWE4ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN6KbwT1BzwN2zTWtaGahGdORR4X
7C1EKDTLS8fO9HTOed8ZcEk77/RsZAfgR4CxoMeJeXh6JzXIeIvSGIXizsme3USu
svVXZl6JlPqPUEm9fVj0QyTQ9mRoyYM2ipBBl0ydbLidIu1bcdIKF9myOw3H3JND
aOhoVDLI5jvTaHmslGyUtVg+ZU837W7VClwkHE92eWwNBgw7MBtPmxrlSiCTIwrr
b5iDvkcll2WKSGUD0mkXgeVpdb00YooWubygjkwQjoKfSxiF4e2lmOUHQ9sBT6y+
KBFFOyVKXcuJXE6QMDjkQNcIz6PGynFNA1vIx6406lKS/CLEIxrteIzBpQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJ0xXLymVNgPsvJpJdWn5OGOWo26MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NmL2YzMDFj
ZC05ZjRlLTQxMTMtYTVmYy02NjAxOGY3MTViMDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2YvZjMwMWNk
LTlmNGUtNDExMy1hNWZjLTY2MDE4ZjcxNWIwMy8xL25URmN2S1pVMkEteThta2wx
YWZrNFk1YWpiby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuepxMA0EAgACMAcDBQMqEOCAMA0GCSqGSIb3
DQEBCwUAA4IBAQAtaqcr3A3MNnbTZg8XlXkwN78P2Le2jtHho+uT3oc5gH71UIn+
Y2u6Wx9RklqnXFCbOvP3wOPVp2tb3vAwH+3csmoJ19PvvyUf52Cjhjyl2qqvFp2+
kC1gFTDuDjiWq4RBBR0brKuJ+3ja7H6dyz4XXt561vUnA+9brM2sG8PSC/SjJuoA
vH0vyZhd/UI6nwAuE5jg3s4OUvikHSuaGW027iYobjyyJdO+IWoiewjTSIAmLOeU
FFcDMwf2Ao+REGHOS19HoE7Xq9bU5wJSVetk6wvQU4ljE9CqQuQASVyW/RTU8o4O
brducoyM2O9FgFfob1GZqRMNxhCxTrH/PzMC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:07 2023 by rpki-client on console.sobornost.net