Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TYst-IJfUn0IzdahI_HSHKtX5F0.cer
File: TYst-IJfUn0IzdahI_HSHKtX5F0.cer (raw, json)
Hash identifier: s27h/f9kV3xu4Hvh2mMDovjINpwRmmfz8wIp1h7F8H8=
Subject key identifier: 4D:8B:2D:F8:82:5F:52:7D:08:CD:D6:A1:23:F1:D2:1C:AB:57:E4:5D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7543D486F4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://nostromo.heficed.net/repo/1123671/0/4D8B2DF8825F527D08CDD6A123F1D21CAB57E45D.mft
caRepository: rsync://nostromo.heficed.net/repo/1123671/0/
Notify URL: https://nostromo.heficed.net/rrdp/notification.xml
Certificate not before: Fri 01 Jan 2021 00:02:23 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 206150
IP: 185.172.64.0/22
IP: 2a0b:500::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503649175284 (0x7543d486f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:02:23 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=4d8b2df8825f527d08cdd6a123f1d21cab57e45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:d7:4d:c1:6c:b0:47:7e:6e:00:80:07:4f:
ad:c8:51:3a:12:51:3b:64:40:5f:95:3e:fe:38:ef:
50:7e:fe:59:41:80:0b:96:f1:a9:a9:18:ff:f0:ff:
f0:e1:fe:73:91:2f:04:13:b4:b2:9d:55:5f:eb:74:
ca:c3:7c:eb:08:63:78:11:88:1e:29:02:d4:48:ff:
1b:9c:8b:73:a7:38:9d:eb:2a:65:32:39:ee:7c:24:
ca:af:22:63:92:a5:5b:d8:69:5a:24:47:19:89:90:
25:dd:7b:18:0a:7f:1d:e6:1c:02:20:ce:d2:09:71:
4a:7c:fd:35:11:23:85:c4:1d:ac:d2:a3:eb:64:94:
71:8c:19:24:f1:48:b4:7a:41:ad:a5:84:e0:3d:cf:
ff:e7:d1:65:26:18:61:f9:4f:3f:ba:72:fc:8d:07:
3f:d0:f4:ad:f8:04:e3:97:86:64:5f:c3:2c:d3:5c:
3a:5e:57:ac:c8:42:0f:43:49:17:c9:42:90:38:d9:
98:e2:ea:cd:50:42:c8:81:3f:29:79:79:a2:86:57:
11:c0:99:80:c5:f2:94:75:4d:1e:55:77:b4:bc:32:
a1:8c:74:79:2b:fc:b8:72:b7:3a:08:bf:62:9a:3b:
e5:a6:bd:3d:a2:36:a7:8f:b3:44:27:79:9e:6e:90:
e9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8B:2D:F8:82:5F:52:7D:08:CD:D6:A1:23:F1:D2:1C:AB:57:E4:5D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://nostromo.heficed.net/repo/1123671/0/
RPKI Manifest - URI:rsync://nostromo.heficed.net/repo/1123671/0/4D8B2DF8825F527D08CDD6A123F1D21CAB57E45D.mft
RPKI Notify - URI:https://nostromo.heficed.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.64.0/22
IPv6:
2a0b:500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206150
Signature Algorithm: sha256WithRSAEncryption
35:55:37:0a:a3:6f:2c:71:86:d3:56:db:cb:48:a5:21:51:4a:
a1:be:74:60:87:23:3a:e2:14:27:7d:4d:a0:70:bf:9a:93:c4:
48:62:b7:00:81:92:d8:e5:20:e9:1a:8e:f8:30:cb:de:12:13:
7d:c1:49:74:b0:71:17:7b:dc:a9:4a:ff:4c:b6:d9:ee:56:89:
1f:ff:b2:50:fc:d4:09:a0:c1:60:1b:11:86:36:c6:80:39:42:
2e:21:6b:1a:02:d3:53:89:83:42:65:28:50:2a:52:26:15:32:
43:16:a4:36:37:6f:a1:a1:61:cd:41:11:fe:1a:c6:5c:19:ad:
11:26:59:4b:42:f9:ad:58:e6:cf:f2:6e:10:15:3b:f1:69:be:
02:1e:13:b9:28:b8:ea:30:65:18:8c:c0:51:39:1a:55:c8:a9:
44:78:cf:2a:22:96:79:50:ac:01:5c:d4:6a:47:47:51:62:2c:
db:4b:a3:0b:7b:d9:57:49:16:68:a1:d8:f1:2a:33:b8:f7:f1:
46:fc:0a:53:ca:67:54:e3:2c:84:af:0b:c3:75:5f:f2:9f:ff:
23:b4:f4:dd:4a:f5:8a:a8:c8:73:95:e3:9c:d1:ce:08:f6:c2:
14:65:14:91:5a:ed:10:67:2e:16:18:72:95:eb:4d:d2:32:71:
ff:f4:c1:18
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIFdUPUhvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDAyMjNaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRkOGIyZGY4ODI1
ZjUyN2QwOGNkZDZhMTIzZjFkMjFjYWI1N2U0NWQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2mNdNwWywR35uAIAHT63IUToSUTtkQF+VPv4471B+/llB
gAuW8ampGP/w//Dh/nORLwQTtLKdVV/rdMrDfOsIY3gRiB4pAtRI/xuci3OnOJ3r
KmUyOe58JMqvImOSpVvYaVokRxmJkCXdexgKfx3mHAIgztIJcUp8/TURI4XEHazS
o+tklHGMGSTxSLR6Qa2lhOA9z//n0WUmGGH5Tz+6cvyNBz/Q9K34BOOXhmRfwyzT
XDpeV6zIQg9DSRfJQpA42Zji6s1QQsiBPyl5eaKGVxHAmYDF8pR1TR5Vd7S8MqGM
dHkr/LhytzoIv2KaO+WmvT2iNqePs0QneZ5ukOnjAgMBAAGjggJ7MIICdzAdBgNV
HQ4EFgQUTYst+IJfUn0IzdahI/HSHKtX5F0wHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCB
8AYIKwYBBQUHAQsEgeMwgeAwOAYIKwYBBQUHMAWGLHJzeW5jOi8vbm9zdHJvbW8u
aGVmaWNlZC5uZXQvcmVwby8xMTIzNjcxLzAvMGQGCCsGAQUFBzAKhlhyc3luYzov
L25vc3Ryb21vLmhlZmljZWQubmV0L3JlcG8vMTEyMzY3MS8wLzREOEIyREY4ODI1
RjUyN0QwOENERDZBMTIzRjFEMjFDQUI1N0U0NUQubWZ0MD4GCCsGAQUFBzANhjJo
dHRwczovL25vc3Ryb21vLmhlZmljZWQubmV0L3JyZHAvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEw
BgMEArmsQDANBAIAAjAHAwUDKgsFADAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMD
JUYwDQYJKoZIhvcNAQELBQADggEBADVVNwqjbyxxhtNW28tIpSFRSqG+dGCHIzri
FCd9TaBwv5qTxEhitwCBktjlIOkajvgwy94SE33BSXSwcRd73KlK/0y22e5WiR//
slD81AmgwWAbEYY2xoA5Qi4haxoC01OJg0JlKFAqUiYVMkMWpDY3b6GhYc1BEf4a
xlwZrREmWUtC+a1Y5s/ybhAVO/FpvgIeE7kouOowZRiMwFE5GlXIqUR4zyoilnlQ
rAFc1GpHR1FiLNtLowt72VdJFmih2PEqM7j38Ub8ClPKZ1TjLISvC8N1X/Kf/yO0
9N1K9YqoyHOV45zRzgj2whRlFJFa7RBnLhYYcpXrTdIycf/0wRg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:07 2023 by rpki-client on console-fra.rpki-client.org