Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2rgb5IHZPd-hv8A2kQxfXKZLR8I.cer
File: 2rgb5IHZPd-hv8A2kQxfXKZLR8I.cer (raw, json)
Hash identifier: k/PuOOpstvqne1E5VXBdXZtqzzU15XjOUCmpmdtgf3U=
Subject key identifier: DA:B8:1B:E4:81:D9:3D:DF:A1:BF:C0:36:91:0C:5F:5C:A6:4B:47:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 994AA1B8CD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7b/c05501-5605-4386-b6a2-05f0957fb42d/1/2rgb5IHZPd-hv8A2kQxfXKZLR8I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7b/c05501-5605-4386-b6a2-05f0957fb42d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 00:55:29 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.223.109.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 658382108877 (0x994aa1b8cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dab81be481d93ddfa1bfc036910c5f5ca64b47c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:88:35:58:1b:3a:61:e3:76:67:f0:50:8c:40:
60:08:15:a5:3a:ef:35:37:75:1a:44:03:b7:fa:8d:
48:e0:12:25:97:b8:d1:b0:cb:97:71:2c:23:fa:21:
85:90:86:9a:e0:2c:11:cc:aa:0d:93:2c:0e:ac:8b:
01:24:f0:27:ed:da:95:39:7e:d8:77:e2:a6:3c:5a:
7e:47:4b:a1:24:b2:f9:c4:6e:f9:2f:d9:dd:94:4a:
9f:7f:47:2b:a1:6e:02:09:1a:8b:c1:b0:c0:8a:15:
01:3d:6a:cd:43:62:93:e9:37:98:ee:a6:3d:3e:9a:
8f:94:38:a6:62:81:23:9e:2c:ed:72:d1:ad:08:63:
8a:47:27:03:37:3f:94:e5:20:42:b3:cb:f8:9a:a7:
a7:b6:1f:dd:f0:82:76:4e:84:9f:2d:8b:1c:d0:23:
e5:4b:ea:09:cf:9b:66:f3:13:3d:5b:c9:27:65:8c:
1e:78:84:30:a8:3b:53:5f:cf:5d:d6:60:ae:66:6e:
24:1b:28:94:58:a4:f2:99:12:e7:14:3d:38:ed:dd:
27:69:f3:75:96:9f:a2:3b:c9:5f:56:64:7b:49:2f:
c0:2e:db:f1:36:54:77:d7:ce:f8:d2:88:67:c4:07:
f7:6b:8f:cd:7d:cd:ff:de:cb:cb:a7:be:92:a1:dd:
5c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:1B:E4:81:D9:3D:DF:A1:BF:C0:36:91:0C:5F:5C:A6:4B:47:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/c05501-5605-4386-b6a2-05f0957fb42d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/c05501-5605-4386-b6a2-05f0957fb42d/1/2rgb5IHZPd-hv8A2kQxfXKZLR8I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.109.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:c5:18:e8:c2:e9:e8:60:2f:56:bc:97:04:7f:70:a0:0f:28:
e1:5e:ec:69:42:b9:80:41:27:17:83:60:d6:33:f2:14:35:38:
81:d0:7b:c2:58:73:d1:a9:fe:d8:7e:48:35:e6:4b:f1:43:1c:
b9:40:7a:29:c7:e8:74:ce:52:24:07:ea:1a:1f:7a:c7:f6:77:
0e:f0:88:b5:93:ce:18:ff:33:ba:5b:88:fe:5c:56:95:aa:7d:
f6:e4:ae:9f:b2:08:0f:c3:dc:6b:3b:2b:0e:df:49:87:f1:82:
72:47:fc:0d:25:9b:fb:ed:53:16:c6:7d:ae:b4:4f:84:22:22:
8c:48:65:69:7c:10:7f:bb:42:c2:dc:1f:8b:80:f2:22:64:b6:
bf:cd:6a:45:ea:2a:7e:04:46:e3:02:f3:a7:ab:91:7d:6a:b2:
33:af:39:47:e6:f1:50:fe:79:99:16:85:d7:f7:6c:7e:bd:62:
f6:c6:e8:67:85:8a:c5:20:bd:12:5b:49:4e:d3:2c:70:df:a3:
46:0e:77:70:ac:99:34:74:0e:db:fa:c3:49:ba:58:50:51:40:
a2:d5:54:f3:51:75:51:06:15:95:3b:31:ae:50:ae:83:7e:cf:
da:79:f8:f6:d6:87:87:36:b5:e1:1f:d6:e1:11:6e:4d:c3:be:
f4:3e:c8:a5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAJlKobjNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDA1NTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYWI4MWJlNDgx
ZDkzZGRmYTFiZmMwMzY5MTBjNWY1Y2E2NGI0N2MyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAm4g1WBs6YeN2Z/BQjEBgCBWlOu81N3UaRAO3+o1I4BIl
l7jRsMuXcSwj+iGFkIaa4CwRzKoNkywOrIsBJPAn7dqVOX7Yd+KmPFp+R0uhJLL5
xG75L9ndlEqff0croW4CCRqLwbDAihUBPWrNQ2KT6TeY7qY9PpqPlDimYoEjnizt
ctGtCGOKRycDNz+U5SBCs8v4mqenth/d8IJ2ToSfLYsc0CPlS+oJz5tm8xM9W8kn
ZYweeIQwqDtTX89d1mCuZm4kGyiUWKTymRLnFD047d0nafN1lp+iO8lfVmR7SS/A
LtvxNlR318740ohnxAf3a4/Nfc3/3svLp76Sod1cQwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFNq4G+SB2T3fob/ANpEMX1ymS0fCMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdiL2MwNTUwMS01NjA1LTQzODYt
YjZhMi0wNWYwOTU3ZmI0MmQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYzA1NTAxLTU2MDUtNDM4Ni1i
NmEyLTA1ZjA5NTdmYjQyZC8xLzJyZ2I1SUhaUGQtaHY4QTJrUXhmWEtaTFI4SS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwd9tMA0GCSqGSIb3DQEBCwUAA4IBAQCuxRjowunoYC9WvJcEf3Cg
DyjhXuxpQrmAQScXg2DWM/IUNTiB0HvCWHPRqf7Yfkg15kvxQxy5QHopx+h0zlIk
B+oaH3rH9ncO8Ii1k84Y/zO6W4j+XFaVqn325K6fsggPw9xrOysO30mH8YJyR/wN
JZv77VMWxn2utE+EIiKMSGVpfBB/u0LC3B+LgPIiZLa/zWpF6ip+BEbjAvOnq5F9
arIzrzlH5vFQ/nmZFoXX92x+vWL2xuhnhYrFIL0SW0lO0yxw36NGDndwrJk0dA7b
+sNJulhQUUCi1VTzUXVRBhWVOzGuUK6Dfs/aefj21oeHNrXhH9bhEW5Nw770Psil
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:18 2024 by rpki-client on console-ams.rpki-client.org