Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wQHh6vnQpQHNSMPrsOFdqWIwhQQ.cer
File: wQHh6vnQpQHNSMPrsOFdqWIwhQQ.cer (raw, json)
Hash identifier: kKp88tIvIe/SJcKd+TiIzEc6EdWYOw9Cb4zRzzfkSMc=
Subject key identifier: C1:01:E1:EA:F9:D0:A5:01:CD:48:C3:EB:B0:E1:5D:A9:62:30:85:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856F40F932713133C1A95B31A8E822779F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/03598f-2a33-455c-8599-e0d7a53adfa5/1/wQHh6vnQpQHNSMPrsOFdqWIwhQQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/03598f-2a33-455c-8599-e0d7a53adfa5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 21:33:27 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.242.240.0/24
IP: 2a11:b0c0::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:40:f9:32:71:31:33:c1:a9:5b:31:a8:e8:22:77:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c101e1eaf9d0a501cd48c3ebb0e15da962308504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:41:2e:67:e0:9b:9d:18:dd:ba:a7:de:f8:
33:38:9a:0e:ab:73:e5:6b:a7:2b:07:20:c8:9f:51:
16:f1:d3:d8:18:6e:e4:da:b6:59:07:17:74:47:36:
6d:58:b3:6a:98:f0:5e:db:da:bc:86:cc:d4:d9:95:
72:a7:49:cb:b7:73:a9:22:5f:f8:e6:e9:7c:69:a9:
24:06:11:3e:fb:f0:0e:09:1f:61:c6:e5:ca:55:01:
e4:8e:a5:ee:f7:fd:e6:b5:b2:ce:da:51:45:b5:27:
ba:5a:c8:23:b8:62:87:b9:ea:f3:a8:ff:fa:48:44:
48:a1:5c:43:c4:3a:e5:94:05:10:dc:54:32:76:3b:
8c:56:1c:9e:92:b2:c0:66:11:20:0d:63:4a:9b:46:
e5:60:d8:d2:8a:61:2c:4e:6b:0f:36:cc:12:b1:b4:
2b:5a:9a:b5:41:97:f0:8f:76:ce:8b:a5:b4:b3:7f:
76:7f:2b:62:18:6c:4f:c5:3f:f8:f1:c5:10:ba:4a:
36:75:3b:cd:e5:63:48:0f:06:8d:97:5e:17:85:76:
d0:bf:e5:23:ba:a3:92:6d:c5:91:07:57:7b:be:34:
2e:b1:b2:5b:52:49:e5:8f:46:b4:61:45:10:3b:e6:
91:72:3d:dd:2d:1e:d3:aa:f9:78:67:ca:00:43:a1:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:01:E1:EA:F9:D0:A5:01:CD:48:C3:EB:B0:E1:5D:A9:62:30:85:04
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/03598f-2a33-455c-8599-e0d7a53adfa5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/03598f-2a33-455c-8599-e0d7a53adfa5/1/wQHh6vnQpQHNSMPrsOFdqWIwhQQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.240.0/24
IPv6:
2a11:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:58:c9:04:ee:b9:83:89:0a:43:1e:58:db:c0:01:75:8e:26:
53:6c:79:8f:54:5f:c9:0f:f9:f6:30:31:87:71:12:ee:c9:e5:
0e:b6:cd:b8:3f:16:88:61:04:b3:c8:df:d1:42:2d:26:26:c2:
68:7f:1b:71:27:fc:56:4e:c1:90:8c:c4:a2:cb:8c:d1:aa:eb:
84:aa:c4:b2:5f:8d:63:06:18:46:96:d2:b6:67:88:30:61:b7:
b4:7e:f3:48:f8:50:62:c5:b1:0d:cb:ea:29:a3:5d:0f:77:2b:
95:8d:ce:16:2d:cb:a3:78:89:97:88:df:7c:9e:44:10:96:39:
0f:bb:9a:23:78:fc:bd:cb:b9:29:fd:3e:f7:43:f5:7c:09:fd:
35:43:71:79:cb:61:65:35:6c:17:4d:fb:95:93:27:83:ea:cb:
01:c9:7a:ab:69:4d:e0:0c:99:96:c8:59:e7:74:b9:b7:28:f3:
16:5f:9e:8a:73:8a:fd:f2:2b:55:76:77:eb:40:54:28:13:a0:
cd:95:ea:c4:dd:3f:0c:81:43:6a:56:1c:b1:7b:4b:f6:13:15:
cc:a2:ab:dd:97:4f:b2:60:8f:1b:66:16:d5:d3:be:9c:5c:4f:
45:8e:1c:c0:a4:d4:e3:8a:be:47:27:85:e5:0f:a5:7e:f1:fd:
5d:7e:ae:ac
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVvQPkycTEzwalbMajoInefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjEzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTAxZTFlYWY5ZDBhNTAxY2Q0OGMzZWJiMGUxNWRhOTYyMzA4NTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnJBLmfgm50Y3bqn3vgzOJoOq3Pl
a6crByDIn1EW8dPYGG7k2rZZBxd0RzZtWLNqmPBe29q8hszU2ZVyp0nLt3OpIl/4
5ul8aakkBhE++/AOCR9hxuXKVQHkjqXu9/3mtbLO2lFFtSe6WsgjuGKHuerzqP/6
SERIoVxDxDrllAUQ3FQydjuMVhyekrLAZhEgDWNKm0blYNjSimEsTmsPNswSsbQr
Wpq1QZfwj3bOi6W0s392fytiGGxPxT/48cUQuko2dTvN5WNIDwaNl14XhXbQv+Uj
uqOSbcWRB1d7vjQusbJbUknlj0a0YUUQO+aRcj3dLR7Tqvl4Z8oAQ6GruwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFMEB4er50KUBzUjD67DhXaliMIUEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwLzAzNTk4
Zi0yYTMzLTQ1NWMtODU5OS1lMGQ3YTUzYWRmYTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvMDM1OThm
LTJhMzMtNDU1Yy04NTk5LWUwZDdhNTNhZGZhNS8xL3dRSGg2dm5RcFFITlNNUHJz
T0ZkcVdJd2hRUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW/LwMA0EAgACMAcDBQMqEbDAMA0GCSqGSIb3
DQEBCwUAA4IBAQBPWMkE7rmDiQpDHljbwAF1jiZTbHmPVF/JD/n2MDGHcRLuyeUO
ts24PxaIYQSzyN/RQi0mJsJofxtxJ/xWTsGQjMSiy4zRquuEqsSyX41jBhhGltK2
Z4gwYbe0fvNI+FBixbENy+opo10PdyuVjc4WLcujeImXiN98nkQQljkPu5ojePy9
y7kp/T73Q/V8Cf01Q3F5y2FlNWwXTfuVkyeD6ssByXqraU3gDJmWyFnndLm3KPMW
X56Kc4r98itVdnfrQFQoE6DNlerE3T8MgUNqVhyxe0v2ExXMoqvdl0+yYI8bZhbV
076cXE9FjhzApNTjir5HJ4XlD6V+8f1dfq6s
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:40 2023 by rpki-client on console.sobornost.net