Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pmndEhuLXetRKfP9uuunzj1jJco.cer
File: pmndEhuLXetRKfP9uuunzj1jJco.cer (raw, json)
Hash identifier: voPN+JGhtpgQwiZes/MgUtMhtjJxNAPyUvZgz0M8Rf8=
Subject key identifier: A6:69:DD:12:1B:8B:5D:EB:51:29:F3:FD:BA:EB:A7:CE:3D:63:25:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185708AA06FD7EBCD3A2F407766C2F40511
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b5/843f8a-dfa4-4bb8-9b07-dfc1930bbf84/1/pmndEhuLXetRKfP9uuunzj1jJco.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b5/843f8a-dfa4-4bb8-9b07-dfc1930bbf84/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 03:33:31 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 62.3.2.0/24
IP: 2a12:ae00::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8a:a0:6f:d7:eb:cd:3a:2f:40:77:66:c2:f4:05:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:33:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a669dd121b8b5deb5129f3fdbaeba7ce3d6325ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:25:cc:f0:1b:21:37:b4:60:89:50:b4:d3:8c:
d7:84:10:1a:8f:00:6a:d9:f7:53:77:35:e8:40:a9:
ab:0e:5f:4e:02:b1:64:4c:d8:6c:6b:bc:49:45:03:
dd:50:d3:21:f3:ee:fa:dd:99:df:ce:10:ba:23:c9:
7d:76:34:92:73:f4:81:66:11:1b:10:89:ee:0e:e0:
e2:90:86:96:72:8e:b0:d9:95:18:cd:a8:f9:8d:61:
99:be:89:1c:0a:ef:df:50:59:ab:69:a6:7d:d5:6d:
59:85:7b:f9:b2:54:a7:8e:98:9f:87:73:d5:a2:5a:
f7:a7:3d:19:19:f4:91:8d:9d:13:be:43:1f:24:86:
8a:e4:e9:e3:12:9f:39:89:3e:f0:03:c4:88:1d:d0:
f4:5b:b2:0f:1e:fe:c2:41:99:87:d6:ac:db:a5:48:
92:f2:47:58:49:d1:b1:ce:1b:09:35:f3:a3:de:ca:
61:ca:02:0b:55:6e:5e:47:e4:55:26:90:ac:db:8c:
b5:ec:70:30:cf:6f:58:e8:c3:ab:65:0f:72:23:67:
86:40:cd:8e:34:81:fa:d1:46:4b:7b:0d:b4:b1:17:
a6:61:a6:00:b8:34:bf:47:5e:f7:c7:25:f3:70:e0:
29:aa:cc:de:bf:74:7e:a4:75:53:5e:26:be:27:3f:
d8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:69:DD:12:1B:8B:5D:EB:51:29:F3:FD:BA:EB:A7:CE:3D:63:25:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/843f8a-dfa4-4bb8-9b07-dfc1930bbf84/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/843f8a-dfa4-4bb8-9b07-dfc1930bbf84/1/pmndEhuLXetRKfP9uuunzj1jJco.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.2.0/24
IPv6:
2a12:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
64:16:95:ec:db:54:10:b0:b5:aa:15:71:7e:d3:f6:ab:11:29:
a8:60:a4:8f:46:02:d2:32:64:87:8f:fd:2c:28:b2:e6:6f:b2:
d9:3b:a6:a4:a4:66:92:ea:ac:f4:fc:1c:b8:ba:e6:f6:9d:4d:
41:98:c5:73:0e:48:fc:e8:37:a3:4f:ee:c4:6e:0a:99:28:53:
de:59:d9:02:68:e2:9d:05:28:8e:ab:78:17:ce:bf:9d:bf:1a:
f7:c7:2e:10:2a:db:73:60:7a:0a:cd:be:4f:ed:d2:ba:1c:83:
0e:3d:85:5d:90:7a:d3:eb:57:cf:bc:2b:75:53:9f:f5:a8:ba:
16:e2:42:87:14:6a:3f:89:c8:be:86:40:cf:44:37:c9:54:b7:
3e:38:d2:9a:38:c6:00:2f:f8:ea:9f:c5:31:dc:ee:8d:27:c1:
17:ec:a0:6a:1c:d3:9c:3b:8d:c9:df:13:04:11:01:7f:33:03:
86:b3:8d:9b:54:e3:77:71:2f:44:bb:d9:9f:07:a1:5c:a0:75:
b9:ef:f7:a9:e1:cc:a4:e5:38:75:db:5f:66:67:12:61:bd:c8:
a0:48:90:5b:02:0b:d6:4d:c2:45:97:af:49:1c:53:9d:da:3a:
94:42:32:44:a0:2c:0d:1f:96:84:c7:29:7f:fa:2f:9d:b6:8e:
eb:de:f2:06
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwiqBv1+vNOi9Ad2bC9AURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDMzMzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjY5ZGQxMjFiOGI1ZGViNTEyOWYzZmRiYWViYTdjZTNkNjMyNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyXM8BshN7RgiVC004zXhBAajwBq
2fdTdzXoQKmrDl9OArFkTNhsa7xJRQPdUNMh8+763ZnfzhC6I8l9djSSc/SBZhEb
EInuDuDikIaWco6w2ZUYzaj5jWGZvokcCu/fUFmraaZ91W1ZhXv5slSnjpifh3PV
olr3pz0ZGfSRjZ0TvkMfJIaK5OnjEp85iT7wA8SIHdD0W7IPHv7CQZmH1qzbpUiS
8kdYSdGxzhsJNfOj3sphygILVW5eR+RVJpCs24y17HAwz29Y6MOrZQ9yI2eGQM2O
NIH60UZLew20sRemYaYAuDS/R173xyXzcOApqszev3R+pHVTXia+Jz/YhQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFKZp3RIbi13rUSnz/brrp849YyXKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I1Lzg0M2Y4
YS1kZmE0LTRiYjgtOWIwNy1kZmMxOTMwYmJmODQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUvODQzZjhh
LWRmYTQtNGJiOC05YjA3LWRmYzE5MzBiYmY4NC8xL3BtbmRFaHVMWGV0UktmUDl1
dXVuemoxakpjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAPgMCMA0EAgACMAcDBQMqEq4AMA0GCSqGSIb3
DQEBCwUAA4IBAQBkFpXs21QQsLWqFXF+0/arESmoYKSPRgLSMmSHj/0sKLLmb7LZ
O6akpGaS6qz0/By4uub2nU1BmMVzDkj86DejT+7EbgqZKFPeWdkCaOKdBSiOq3gX
zr+dvxr3xy4QKttzYHoKzb5P7dK6HIMOPYVdkHrT61fPvCt1U5/1qLoW4kKHFGo/
ici+hkDPRDfJVLc+ONKaOMYAL/jqn8Ux3O6NJ8EX7KBqHNOcO43J3xMEEQF/MwOG
s42bVON3cS9Eu9mfB6FcoHW57/ep4cyk5Th1219mZxJhvcigSJBbAgvWTcJFl69J
HFOd2jqUQjJEoCwNH5aExyl/+i+dto7r3vIG
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:16 2023 by rpki-client on console.sobornost.net