Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ykMHRXqvqcitCtpUixRdnbYU2Uk.cer
File: ykMHRXqvqcitCtpUixRdnbYU2Uk.cer (raw, json)
Hash identifier: N08qzxV31eJgY+BL5ct5ReEsbzxxQKkyy5Lu4WMYcYA=
Subject key identifier: CA:43:07:45:7A:AF:A9:C8:AD:0A:DA:54:8B:14:5D:9D:B6:14:D9:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: B193664113
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a8/e9ee4e-c73a-4c2e-a75f-4d7059219ca8/1/ykMHRXqvqcitCtpUixRdnbYU2Uk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a8/e9ee4e-c73a-4c2e-a75f-4d7059219ca8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 11 May 2022 15:10:52 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 171.22.8.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 762682163475 (0xb193664113)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 11 15:10:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca4307457aafa9c8ad0ada548b145d9db614d949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7d:c7:d0:21:81:6b:03:3a:bd:02:6f:29:06:
92:2c:af:21:41:fe:39:4f:91:34:7e:93:3d:ad:66:
b6:df:39:b7:56:5b:73:ab:6d:cd:ff:62:15:80:28:
c3:9d:41:30:17:3c:74:4f:0e:6e:86:0e:5d:4b:82:
e2:49:90:09:ef:14:fd:6b:71:99:48:f6:97:c3:6b:
44:0f:22:6e:ac:05:b7:8a:f7:50:6b:7e:25:68:f5:
8f:f5:b9:5d:34:97:19:4d:14:31:87:c1:68:9a:22:
09:3d:fc:1a:aa:0d:82:fe:1f:72:4f:7a:a9:af:bc:
f9:c8:65:40:0c:15:48:34:33:12:0c:d3:c8:13:5a:
a9:59:59:13:96:83:36:64:70:19:be:9c:8a:2c:60:
18:73:68:d9:11:8f:0a:df:7c:62:e4:12:9e:d8:eb:
93:be:06:e5:13:11:ce:ca:a7:51:b0:17:38:e5:d8:
39:b1:4d:92:c3:c0:bc:1a:e1:48:ae:66:57:f4:41:
10:a3:e3:b0:bf:00:d8:ff:c5:28:43:b0:3a:bb:ca:
99:0f:33:13:50:a1:12:71:8d:51:80:78:d8:8d:62:
be:f1:5a:b3:74:29:00:4c:fa:3a:e1:55:f4:10:b9:
21:ce:cf:07:80:a7:32:30:c5:fc:ed:69:2f:06:18:
92:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:43:07:45:7A:AF:A9:C8:AD:0A:DA:54:8B:14:5D:9D:B6:14:D9:49
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e9ee4e-c73a-4c2e-a75f-4d7059219ca8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e9ee4e-c73a-4c2e-a75f-4d7059219ca8/1/ykMHRXqvqcitCtpUixRdnbYU2Uk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:67:2b:f2:79:a9:28:3f:a6:a2:b7:c8:65:63:f7:99:a5:5e:
90:f2:99:84:94:80:ea:da:c5:eb:24:0a:96:ae:19:33:75:d2:
d8:11:c6:d0:bb:12:a1:65:7d:07:f9:8a:0a:70:9e:7c:40:f8:
f9:ca:ea:2f:b7:7e:53:7f:11:b9:52:96:58:35:20:e5:30:1e:
70:ce:77:e3:30:9d:f0:7d:7f:31:4d:9f:b3:3d:ae:cd:be:9d:
17:74:40:a5:9d:71:73:cf:c8:55:1c:38:03:d7:0a:7b:e2:71:
3c:ea:f0:59:f6:f5:0b:2a:a8:fd:cc:6d:36:46:08:86:31:8b:
e3:33:50:e2:3b:65:54:6e:13:2a:a8:5c:0e:8e:eb:b0:2b:eb:
3d:44:6d:13:76:44:7b:40:0b:bf:c3:ac:f9:1e:23:52:8b:99:
e5:46:38:1f:7f:81:90:2b:72:43:3b:96:0b:82:64:7b:00:07:
47:fd:c4:51:47:3c:7d:4d:c4:9c:1f:7b:50:da:41:65:32:e5:
b6:0b:f1:f2:ff:f3:57:a8:54:a6:9c:cc:11:fc:76:55:b1:7e:
72:10:9c:17:0a:ee:4d:42:62:1d:f2:b6:9b:ec:b6:61:16:d2:
29:b8:8c:61:9f:d5:71:b7:bb:17:e0:43:b4:d0:48:e6:76:a6:
8c:be:d5:04
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGALGTZkETMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NTExMTUxMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjYTQzMDc0NTdh
YWZhOWM4YWQwYWRhNTQ4YjE0NWQ5ZGI2MTRkOTQ5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAy33H0CGBawM6vQJvKQaSLK8hQf45T5E0fpM9rWa23zm3
Vltzq23N/2IVgCjDnUEwFzx0Tw5uhg5dS4LiSZAJ7xT9a3GZSPaXw2tEDyJurAW3
ivdQa34laPWP9bldNJcZTRQxh8FomiIJPfwaqg2C/h9yT3qpr7z5yGVADBVINDMS
DNPIE1qpWVkTloM2ZHAZvpyKLGAYc2jZEY8K33xi5BKe2OuTvgblExHOyqdRsBc4
5dg5sU2Sw8C8GuFIrmZX9EEQo+OwvwDY/8UoQ7A6u8qZDzMTUKEScY1RgHjYjWK+
8VqzdCkATPo64VX0ELkhzs8HgKcyMMX87WkvBhiSaQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFMpDB0V6r6nIrQraVIsUXZ22FNlJMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E4L2U5ZWU0ZS1jNzNhLTRjMmUt
YTc1Zi00ZDcwNTkyMTljYTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgvZTllZTRlLWM3M2EtNGMyZS1h
NzVmLTRkNzA1OTIxOWNhOC8xL3lrTUhSWHF2cWNpdEN0cFVpeFJkbmJZVTJVay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCqxYIMA0GCSqGSIb3DQEBCwUAA4IBAQBdZyvyeakoP6ait8hlY/eZ
pV6Q8pmElIDq2sXrJAqWrhkzddLYEcbQuxKhZX0H+YoKcJ58QPj5yuovt35TfxG5
UpZYNSDlMB5wznfjMJ3wfX8xTZ+zPa7Nvp0XdEClnXFzz8hVHDgD1wp74nE86vBZ
9vULKqj9zG02RgiGMYvjM1DiO2VUbhMqqFwOjuuwK+s9RG0TdkR7QAu/w6z5HiNS
i5nlRjgff4GQK3JDO5YLgmR7AAdH/cRRRzx9TcScH3tQ2kFlMuW2C/Hy//NXqFSm
nMwR/HZVsX5yEJwXCu5NQmId8rab7LZhFtIpuIxhn9Vxt7sX4EO00EjmdqaMvtUE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:11 2024 by rpki-client on console-fra.rpki-client.org