Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-XUQZLkrsXusLEMAhO5rF0ywHm8.cer
File: 1-XUQZLkrsXusLEMAhO5rF0ywHm8.cer (raw, json)
Hash identifier: VKyYKN62ANK+y6mBRkHlXrAzHPgK8JRaciu/41z3gUo=
Subject key identifier: F9:75:10:64:B9:2B:B1:7B:AC:2C:43:00:84:EE:6B:17:4C:B0:1E:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9FC3FBF64C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a1/1a94bf-5d2f-46b7-8abd-ae472cfe940c/1/1-XUQZLkrsXusLEMAhO5rF0ywHm8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a1/1a94bf-5d2f-46b7-8abd-ae472cfe940c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 06:05:25 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 212559
IP: 91.243.118.0/24
IP: 2a10:78c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 686187869772 (0x9fc3fbf64c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:05:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9751064b92bb17bac2c430084ee6b174cb01e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:36:15:e3:4e:f1:88:a2:2d:40:5f:2a:d8:
a7:7e:07:0c:67:cc:7f:af:b4:f1:45:c5:ec:cf:6e:
af:3a:41:ad:fd:d9:17:6c:80:0e:12:43:10:b4:4a:
dc:15:5e:ff:56:16:db:98:34:95:28:42:88:fa:f1:
03:91:fd:b0:6a:c9:50:f0:ef:98:9f:ab:00:8a:90:
99:e3:e1:aa:6a:99:09:04:99:33:f6:49:bc:af:6d:
54:5e:40:3c:bb:b6:4e:53:c0:63:34:07:4e:45:a6:
18:de:a5:d3:28:a5:42:65:d8:97:11:6f:61:19:35:
35:a4:71:93:25:ea:e8:4c:83:31:f9:51:73:15:24:
fc:c5:a6:09:ed:71:a4:98:c6:68:50:71:87:4d:48:
09:5d:8a:31:d1:0b:2c:8a:3b:4a:40:33:cf:23:9d:
31:14:1e:66:e7:aa:38:eb:6f:ca:54:6b:da:a9:9e:
71:a5:df:13:a5:10:80:cd:ef:8f:36:bc:94:d6:47:
c6:ee:06:4e:a1:95:1e:77:34:d5:25:14:56:75:76:
b6:5e:b1:85:e0:82:7a:06:ad:99:c2:e7:40:5b:4d:
b0:87:4c:40:00:3b:a7:88:03:d1:80:ed:de:31:0e:
43:23:cb:7a:6e:d5:91:91:dc:60:49:56:53:df:9b:
42:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:75:10:64:B9:2B:B1:7B:AC:2C:43:00:84:EE:6B:17:4C:B0:1E:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1a94bf-5d2f-46b7-8abd-ae472cfe940c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1a94bf-5d2f-46b7-8abd-ae472cfe940c/1/1-XUQZLkrsXusLEMAhO5rF0ywHm8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.118.0/24
IPv6:
2a10:78c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212559
Signature Algorithm: sha256WithRSAEncryption
88:2a:65:70:4a:8c:01:74:28:f1:22:ab:c0:ac:72:0f:b5:95:
37:c6:73:82:70:b8:0a:7a:2d:15:bb:86:90:9b:40:99:e4:31:
cd:ab:06:01:b7:cb:d4:98:ca:67:e9:90:cd:36:f3:35:8b:39:
2b:39:73:da:90:79:00:82:40:73:c2:54:7e:c0:4a:8e:e1:53:
a9:da:75:08:d7:27:97:0e:34:05:aa:f5:64:7c:20:7d:92:ae:
fd:6d:8d:a8:d3:64:ac:10:6f:a0:96:78:1d:bd:0e:2c:8b:ff:
b0:3e:cb:08:dd:81:7d:be:0c:3e:73:c9:be:d6:40:a5:31:7c:
58:4e:b1:32:6f:86:f1:07:23:e4:b3:b7:46:9d:8b:05:03:75:
82:30:2c:75:fc:f2:3f:a7:72:13:c8:51:41:11:57:28:52:20:
c0:14:41:4c:45:f1:70:30:72:59:60:3a:d5:05:3d:b4:76:83:
97:27:f8:55:39:c2:97:fb:62:51:8a:5a:90:f4:40:22:22:2f:
13:07:ff:11:9c:c5:9b:dd:dc:f7:53:d2:ee:8a:a4:00:1b:24:
df:d5:9b:5a:1a:12:60:8c:a2:e7:87:a9:0e:f8:91:df:67:ac:
38:2c:da:f6:27:76:ed:45:d8:84:43:f8:d3:9c:1c:7a:90:44:
b1:bc:76:2f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIGAJ/D+/ZMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDYwNTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmOTc1MTA2NGI5
MmJiMTdiYWMyYzQzMDA4NGVlNmIxNzRjYjAxZTZmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAurM2FeNO8YiiLUBfKtinfgcMZ8x/r7TxRcXsz26vOkGt
/dkXbIAOEkMQtErcFV7/VhbbmDSVKEKI+vEDkf2waslQ8O+Yn6sAipCZ4+GqapkJ
BJkz9km8r21UXkA8u7ZOU8BjNAdORaYY3qXTKKVCZdiXEW9hGTU1pHGTJeroTIMx
+VFzFST8xaYJ7XGkmMZoUHGHTUgJXYox0QssijtKQDPPI50xFB5m56o462/KVGva
qZ5xpd8TpRCAze+PNryU1kfG7gZOoZUedzTVJRRWdXa2XrGF4IJ6Bq2ZwudAW02w
h0xAADuniAPRgO3eMQ5DI8t6btWRkdxgSVZT35tCJQIDAQABo4ICsDCCAqwwHQYD
VR0OBBYEFPl1EGS5K7F7rCxDAITuaxdMsB5vMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzFhOTRiZi01ZDJmLTQ2Yjct
OGFiZC1hZTQ3MmNmZTk0MGMvMS8wfQYIKwYBBQUHMAqGcXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvMWE5NGJmLTVkMmYtNDZiNy04
YWJkLWFlNDcyY2ZlOTQwYy8xLzEtWFVRWkxrcnNYdXNMRU1BaE81ckYweXdIbTgu
bWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0
aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5j
cmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w
DAQCAAEwBgMEAFvzdjANBAIAAjAHAwUDKhB4wDAaBggrBgEFBQcBCAEB/wQLMAmg
BzAFAgMDPk8wDQYJKoZIhvcNAQELBQADggEBAIgqZXBKjAF0KPEiq8Cscg+1lTfG
c4JwuAp6LRW7hpCbQJnkMc2rBgG3y9SYymfpkM028zWLOSs5c9qQeQCCQHPCVH7A
So7hU6nadQjXJ5cONAWq9WR8IH2Srv1tjajTZKwQb6CWeB29DiyL/7A+ywjdgX2+
DD5zyb7WQKUxfFhOsTJvhvEHI+Szt0adiwUDdYIwLHX88j+nchPIUUERVyhSIMAU
QUxF8XAwcllgOtUFPbR2g5cn+FU5wpf7YlGKWpD0QCIiLxMH/xGcxZvd3PdT0u6K
pAAbJN/Vm1oaEmCMoueHqQ74kd9nrDgs2vYndu1F2IRD+NOcHHqQRLG8di8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:56 2023 by rpki-client on console-ams.rpki-client.org