Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0YXHxgQUodCIigHXSir1EmCUum8.cer
File: 0YXHxgQUodCIigHXSir1EmCUum8.cer (raw, json)
Hash identifier: +tS3ZzuM3eQyLj4XieFLHXTWR/6JU1f9bqnEqPhkKUI=
Subject key identifier: D1:85:C7:C6:04:14:A1:D0:88:8A:01:D7:4A:2A:F5:12:60:94:BA:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A409724014
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/2096e5-479f-46e2-ba65-3d6602890783/1/0YXHxgQUodCIigHXSir1EmCUum8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/2096e5-479f-46e2-ba65-3d6602890783/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:00:39 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 200542
IP: 185.100.236.0/22
IP: 2a00:aa20::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 704533118996 (0xa409724014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d185c7c60414a1d0888a01d74a2af5126094ba6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:58:de:55:f7:53:ab:06:ba:01:e3:c4:e2:
0c:13:cb:02:ab:4f:33:2a:b0:61:c9:22:24:a2:ff:
9b:d9:c7:62:d3:65:5a:06:a9:39:ca:18:03:32:26:
07:2f:ee:46:3d:9d:d0:07:69:6c:13:9d:fb:54:a1:
78:ca:32:6f:bc:84:fa:a4:54:5c:27:50:50:6b:0c:
bb:64:4b:0f:a7:3e:e5:0c:3a:21:2d:a2:fc:28:6b:
9c:ae:0d:8a:5f:e1:0c:0f:35:54:76:76:05:23:4f:
4b:09:2b:fd:ca:9d:ec:4d:b9:47:49:f5:d5:a3:d0:
70:61:75:02:1e:99:64:a5:9a:ae:8a:45:4a:88:83:
02:12:1b:12:81:b9:8b:5b:28:6f:c9:3c:45:78:fb:
bb:b3:fa:98:7b:0b:7c:6b:00:5c:c1:a5:50:4e:6e:
85:55:95:39:ca:ca:86:aa:c7:fe:90:03:50:41:d0:
c8:e0:a4:c8:0c:42:99:41:47:24:89:94:d7:c5:52:
cf:2e:62:2f:c3:35:ef:7c:b9:64:27:43:b1:fe:89:
9b:dd:49:d5:90:31:0a:9f:8a:db:53:5b:bb:8a:55:
72:2c:cc:f6:ae:45:eb:4b:e1:fd:74:8f:20:ab:bb:
93:91:d7:3b:89:74:67:eb:22:f8:06:91:98:b0:c0:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:85:C7:C6:04:14:A1:D0:88:8A:01:D7:4A:2A:F5:12:60:94:BA:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2096e5-479f-46e2-ba65-3d6602890783/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2096e5-479f-46e2-ba65-3d6602890783/1/0YXHxgQUodCIigHXSir1EmCUum8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.236.0/22
IPv6:
2a00:aa20::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200542
Signature Algorithm: sha256WithRSAEncryption
77:ca:5e:be:59:2a:c5:a8:52:48:c6:bf:79:84:31:b6:78:b8:
67:56:1c:30:f1:50:2f:ba:2d:c2:ad:da:87:96:3f:1b:75:56:
7b:96:8b:d2:6c:1a:e6:d9:2d:cf:24:24:35:a1:a3:b8:69:cf:
ee:4b:ad:f9:aa:21:85:71:f2:b6:92:4d:9c:bf:61:fe:b2:be:
51:2b:58:50:2a:48:0b:76:ab:2f:51:72:c7:3a:17:3a:d2:2f:
a4:e5:ee:0b:4b:10:09:04:0b:d5:4e:e6:96:61:b7:b3:37:38:
37:82:87:d6:21:84:b4:98:41:06:3f:04:1a:29:30:b8:a9:54:
21:82:40:8a:2a:aa:cd:5a:33:6a:92:84:15:76:85:26:74:d0:
16:4e:03:21:ff:63:5b:a9:c0:6b:ec:6c:a4:8d:b8:3f:7c:cd:
c5:98:3e:e9:34:c5:1c:d9:17:56:45:36:f5:84:3c:d2:3e:06:
a8:8b:a7:b2:dd:58:16:6c:c5:79:1c:7b:64:36:4f:2c:52:63:
8d:b0:34:9c:61:c5:f6:16:ea:7d:5e:de:00:ee:9f:76:3f:5e:
06:3b:a9:1b:fa:06:11:a0:03:95:12:9c:50:d2:e0:90:36:b8:
50:5e:5c:cb:e6:44:74:c7:b6:b1:90:22:2a:7e:2d:ec:ed:01:
b8:d8:65:0e
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKQJckAUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwMDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMTg1YzdjNjA0
MTRhMWQwODg4YTAxZDc0YTJhZjUxMjYwOTRiYTZmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAv8dY3lX3U6sGugHjxOIME8sCq08zKrBhySIkov+b2cdi
02VaBqk5yhgDMiYHL+5GPZ3QB2lsE537VKF4yjJvvIT6pFRcJ1BQawy7ZEsPpz7l
DDohLaL8KGucrg2KX+EMDzVUdnYFI09LCSv9yp3sTblHSfXVo9BwYXUCHplkpZqu
ikVKiIMCEhsSgbmLWyhvyTxFePu7s/qYewt8awBcwaVQTm6FVZU5ysqGqsf+kANQ
QdDI4KTIDEKZQUckiZTXxVLPLmIvwzXvfLlkJ0Ox/omb3UnVkDEKn4rbU1u7ilVy
LMz2rkXrS+H9dI8gq7uTkdc7iXRn6yL4BpGYsMA+hQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFNGFx8YEFKHQiIoB10oq9RJglLpvMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxLzIwOTZlNS00NzlmLTQ2ZTIt
YmE2NS0zZDY2MDI4OTA3ODMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvMjA5NmU1LTQ3OWYtNDZlMi1i
YTY1LTNkNjYwMjg5MDc4My8xLzBZWEh4Z1FVb2RDSWlnSFhTaXIxRW1DVXVtOC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuWTsMA0EAgACMAcDBQAqAKogMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMPXjANBgkqhkiG9w0BAQsFAAOCAQEAd8pevlkqxahSSMa/eYQxtni4Z1Yc
MPFQL7otwq3ah5Y/G3VWe5aL0mwa5tktzyQkNaGjuGnP7kut+aohhXHytpJNnL9h
/rK+UStYUCpIC3arL1FyxzoXOtIvpOXuC0sQCQQL1U7mlmG3szc4N4KH1iGEtJhB
Bj8EGikwuKlUIYJAiiqqzVozapKEFXaFJnTQFk4DIf9jW6nAa+xspI24P3zNxZg+
6TTFHNkXVkU29YQ80j4GqIunst1YFmzFeRx7ZDZPLFJjjbA0nGHF9hbqfV7eAO6f
dj9eBjupG/oGEaADlRKcUNLgkDa4UF5cy+ZEdMe2sZAiKn4t7O0BuNhlDg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:26 2023 by rpki-client on console-fra.rpki-client.org