Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zdG_laKzv9pF4QgNqfbD6FjmKRE.cer
File: zdG_laKzv9pF4QgNqfbD6FjmKRE.cer (raw, json)
Hash identifier: 0wXvVxRbHtpRg4pd1ktrD9u/kv4/aQ17+ST258y7E2c=
Subject key identifier: CD:D1:BF:95:A2:B3:BF:DA:45:E1:08:0D:A9:F6:C3:E8:58:E6:29:11
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856F4021ACA9375057C5CCBAC3C1143434
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c2/89ba06-49b1-4fe0-8b48-a80134172e10/1/zdG_laKzv9pF4QgNqfbD6FjmKRE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c2/89ba06-49b1-4fe0-8b48-a80134172e10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 21:32:32 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 94.103.189.0/24
IP: 2a11:4540::/29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:40:21:ac:a9:37:50:57:c5:cc:ba:c3:c1:14:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:32:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdd1bf95a2b3bfda45e1080da9f6c3e858e62911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:e5:08:ef:d9:6b:f2:d7:d7:03:7e:84:57:
45:2b:36:a4:e4:02:33:d8:38:5f:62:ff:3a:db:6c:
39:04:e4:52:80:1f:13:1c:6e:93:e5:93:2e:c0:50:
e5:ba:c2:a3:91:c4:f1:af:f5:9d:50:76:8a:3b:3f:
f0:92:48:1e:a1:2c:4f:ff:13:ce:50:e2:4f:ad:cc:
b0:11:42:56:fe:bb:20:c3:d1:3d:6a:3a:42:5d:5d:
0d:dc:74:d8:30:27:da:76:f5:89:75:50:5a:5d:2f:
79:db:d4:f8:33:e8:0a:07:64:14:58:50:9d:74:46:
fc:d3:70:aa:bf:dd:9d:28:88:53:0e:71:14:e2:56:
06:fb:3c:92:2d:ba:3e:41:7f:db:bd:66:46:70:e7:
9d:10:b2:2a:2a:c9:e0:00:2e:68:46:ba:2f:c3:a3:
34:34:0d:81:e6:37:02:83:e7:d2:01:2a:75:97:8c:
45:53:22:2f:76:a7:f1:ec:28:2b:f4:4b:16:83:4f:
a1:7e:b7:01:0b:39:09:86:54:09:87:cf:d7:16:91:
0f:3c:14:76:51:87:8d:97:df:85:1a:b0:4a:29:b2:
38:e2:d0:d0:ab:d0:01:18:c2:3c:75:16:a4:86:38:
dd:8d:6a:81:7c:22:cd:2b:19:a8:d2:d2:54:74:e1:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D1:BF:95:A2:B3:BF:DA:45:E1:08:0D:A9:F6:C3:E8:58:E6:29:11
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/89ba06-49b1-4fe0-8b48-a80134172e10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/89ba06-49b1-4fe0-8b48-a80134172e10/1/zdG_laKzv9pF4QgNqfbD6FjmKRE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.189.0/24
IPv6:
2a11:4540::/29
Signature Algorithm: sha256WithRSAEncryption
a5:69:5c:88:c8:6e:1a:1e:5f:19:b6:ff:9b:57:15:43:74:85:
10:35:1d:af:70:89:9d:d5:e6:15:9a:76:5e:9b:36:90:d7:ba:
c3:3b:1f:9a:0e:15:8b:68:51:62:c7:0a:86:7c:34:56:63:74:
b2:37:ec:50:4b:0e:39:20:06:a2:3a:aa:fe:0b:ee:75:6c:e7:
67:af:3b:8d:33:00:41:8f:28:48:e0:b5:ac:18:5c:8c:4b:15:
03:b0:4c:22:9f:d3:9c:6f:2d:8e:44:52:e4:a8:7c:62:b3:fa:
3b:5f:32:7e:16:eb:69:50:51:80:f3:c1:0c:f7:46:6c:27:65:
90:f4:7a:ef:ca:01:22:b2:65:da:30:1d:5c:24:4c:fe:4c:eb:
28:d5:fb:aa:15:a0:3b:93:db:36:84:d0:f5:a2:0f:50:df:e0:
c0:e2:c5:86:9f:8a:8c:d6:8c:03:7c:eb:90:51:02:40:d1:a9:
73:21:14:4b:09:4e:46:24:67:fc:87:ae:81:94:06:86:01:0d:
d4:37:aa:dd:d6:98:8f:34:2b:c7:fb:ec:da:69:b5:dc:21:d9:
b0:11:0e:0b:d1:b9:de:9d:62:0c:67:86:68:bf:92:34:b1:31:
ad:be:55:5c:92:67:bf:8b:54:ed:d8:7f:07:ed:7b:40:66:f1:
20:9c:cb:24
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVvQCGsqTdQV8XMusPBFDQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjEzMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQxYmY5NWEyYjNiZmRhNDVlMTA4MGRhOWY2YzNlODU4ZTYyOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCDlCO/Za/LX1wN+hFdFKzak5AIz
2DhfYv8622w5BORSgB8THG6T5ZMuwFDlusKjkcTxr/WdUHaKOz/wkkgeoSxP/xPO
UOJPrcywEUJW/rsgw9E9ajpCXV0N3HTYMCfadvWJdVBaXS9529T4M+gKB2QUWFCd
dEb803Cqv92dKIhTDnEU4lYG+zySLbo+QX/bvWZGcOedELIqKsngAC5oRrovw6M0
NA2B5jcCg+fSASp1l4xFUyIvdqfx7Cgr9EsWg0+hfrcBCzkJhlQJh8/XFpEPPBR2
UYeNl9+FGrBKKbI44tDQq9ABGMI8dRakhjjdjWqBfCLNKxmo0tJUdOHsNQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFM3Rv5Wis7/aReEIDan2w+hY5ikRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyLzg5YmEw
Ni00OWIxLTRmZTAtOGI0OC1hODAxMzQxNzJlMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvODliYTA2
LTQ5YjEtNGZlMC04YjQ4LWE4MDEzNDE3MmUxMC8xL3pkR19sYUt6djlwRjRRZ05x
ZmJENkZqbUtSRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXme9MA0EAgACMAcDBQMqEUVAMA0GCSqGSIb3
DQEBCwUAA4IBAQClaVyIyG4aHl8Ztv+bVxVDdIUQNR2vcImd1eYVmnZemzaQ17rD
Ox+aDhWLaFFixwqGfDRWY3SyN+xQSw45IAaiOqr+C+51bOdnrzuNMwBBjyhI4LWs
GFyMSxUDsEwin9Ocby2ORFLkqHxis/o7XzJ+FutpUFGA88EM90ZsJ2WQ9HrvygEi
smXaMB1cJEz+TOso1fuqFaA7k9s2hND1og9Q3+DA4sWGn4qM1owDfOuQUQJA0alz
IRRLCU5GJGf8h66BlAaGAQ3UN6rd1piPNCvH++zaabXcIdmwEQ4L0bnenWIMZ4Zo
v5I0sTGtvlVckme/i1Tt2H8H7XtAZvEgnMsk
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:53 2023 by rpki-client on console.sobornost.net