Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2AvGdoNAZ07m7ZH0ZmHxqkF7YAM.cer
File: 2AvGdoNAZ07m7ZH0ZmHxqkF7YAM.cer (raw, json)
Hash identifier: AbomtqRVgmDtdnfqDiZEyM2Mkd/LTd+LwiHr15hzht0=
Subject key identifier: D8:0B:C6:76:83:40:67:4E:E6:ED:91:F4:66:61:F1:AA:41:7B:60:03
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 802DA09875
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/54daa2-0ba9-4b70-956f-496384b04a80/1/2AvGdoNAZ07m7ZH0ZmHxqkF7YAM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/54daa2-0ba9-4b70-956f-496384b04a80/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 04:43:30 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 139.28.104.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 550521313397 (0x802da09875)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:43:30 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=d80bc6768340674ee6ed91f46661f1aa417b6003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:29:33:4e:69:0a:62:7a:27:91:9b:bc:bb:
5f:90:cc:74:73:04:1b:c4:75:a9:a6:8c:1f:a6:58:
1b:81:5f:d1:ea:ce:a1:a0:14:ae:74:cf:98:f3:02:
72:3c:4c:33:7d:21:60:c3:56:a2:e9:b6:bb:9e:05:
79:4c:ee:c3:c5:69:df:3e:58:86:6c:97:bc:7b:66:
f2:a8:b2:4c:e1:53:e8:38:2d:c1:a5:06:c8:b6:17:
9d:2e:25:31:1c:7e:02:f2:05:ee:d1:cc:54:d7:b8:
0d:b2:6e:db:3a:a2:d1:24:55:78:17:c7:f8:ae:9d:
81:6f:a3:39:cb:c9:cb:9c:2d:d1:53:46:47:38:6c:
32:57:28:ce:23:b9:43:05:2a:39:e9:e6:d6:be:bd:
cc:cf:51:8f:b9:12:a0:72:38:ed:44:e2:c9:24:24:
7c:83:c5:1c:1e:b0:39:f8:68:72:24:59:e9:7f:c5:
6b:bb:e8:ec:d4:f6:8d:43:95:e7:44:9e:18:f2:d3:
44:05:51:88:31:9a:66:82:1b:23:98:a2:39:cc:9e:
70:99:6d:63:e5:52:dd:52:a5:fc:b1:f4:65:b6:7e:
2b:8b:57:b0:27:16:22:2f:c4:57:b4:4d:8e:f6:06:
b4:53:6d:ed:89:4c:6b:e9:e0:c8:fe:20:16:9a:81:
70:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0B:C6:76:83:40:67:4E:E6:ED:91:F4:66:61:F1:AA:41:7B:60:03
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/54daa2-0ba9-4b70-956f-496384b04a80/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/54daa2-0ba9-4b70-956f-496384b04a80/1/2AvGdoNAZ07m7ZH0ZmHxqkF7YAM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.104.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:a5:80:87:60:97:c9:ef:5f:ed:26:83:74:30:e5:26:22:49:
3e:77:44:30:86:fe:8f:40:30:8f:5e:83:35:e3:fc:bf:e7:0b:
79:09:f6:b6:36:83:2f:6c:fe:13:e1:80:71:d2:c8:8d:52:38:
f5:c5:ad:00:19:a0:1a:d8:7c:b8:d7:9f:df:27:01:f6:c1:6d:
a5:d7:6e:12:2f:46:5f:c5:5d:c2:44:e2:5c:bc:d3:04:2f:ca:
09:a4:3e:89:d2:56:fe:63:48:e1:8d:f8:7e:0d:64:32:e1:df:
25:75:26:2c:a6:e9:31:76:6b:2f:47:c9:88:41:33:80:d5:f7:
9a:4d:e0:de:d2:8e:b6:f1:3a:96:ff:b4:03:a9:80:1d:b6:4a:
a8:e2:b2:72:f5:d5:0c:22:b9:a6:cc:e5:78:60:f9:79:ec:7c:
b6:f6:35:4a:34:bc:5c:66:1f:71:3f:ef:62:22:ae:e7:05:32:
3f:0c:bd:91:63:bf:f4:6f:24:a0:33:20:fb:04:b6:f7:a0:23:
75:6c:80:29:e2:43:32:1f:fd:0b:6d:59:88:a4:40:07:90:cc:
36:92:e8:0f:18:4b:73:de:fb:7d:fc:13:44:ae:d4:95:cf:c3:
6e:fe:49:e2:fb:97:b5:40:8e:66:c1:76:ce:6a:d7:a0:06:0e:
c4:9a:e6:8d
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAIAtoJh1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDQ0MzMwWhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkODBiYzY3Njgz
NDA2NzRlZTZlZDkxZjQ2NjYxZjFhYTQxN2I2MDAzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtcYpM05pCmJ6J5GbvLtfkMx0cwQbxHWppowfplgbgV/R
6s6hoBSudM+Y8wJyPEwzfSFgw1ai6ba7ngV5TO7DxWnfPliGbJe8e2byqLJM4VPo
OC3BpQbIthedLiUxHH4C8gXu0cxU17gNsm7bOqLRJFV4F8f4rp2Bb6M5y8nLnC3R
U0ZHOGwyVyjOI7lDBSo56ebWvr3Mz1GPuRKgcjjtROLJJCR8g8UcHrA5+GhyJFnp
f8Vru+js1PaNQ5XnRJ4Y8tNEBVGIMZpmghsjmKI5zJ5wmW1j5VLdUqX8sfRltn4r
i1ewJxYiL8RXtE2O9ga0U23tiUxr6eDI/iAWmoFwWQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFNgLxnaDQGdO5u2R9GZh8apBe2ADMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzU0ZGFhMi0wYmE5LTRiNzAt
OTU2Zi00OTYzODRiMDRhODAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvNTRkYWEyLTBiYTktNGI3MC05
NTZmLTQ5NjM4NGIwNGE4MC8xLzJBdkdkb05BWjA3bTdaSDBabUh4cWtGN1lBTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCixxoMA0GCSqGSIb3DQEBCwUAA4IBAQCnpYCHYJfJ71/tJoN0MOUm
Ikk+d0Qwhv6PQDCPXoM14/y/5wt5Cfa2NoMvbP4T4YBx0siNUjj1xa0AGaAa2Hy4
15/fJwH2wW2l124SL0ZfxV3CROJcvNMEL8oJpD6J0lb+Y0jhjfh+DWQy4d8ldSYs
pukxdmsvR8mIQTOA1feaTeDe0o628TqW/7QDqYAdtkqo4rJy9dUMIrmmzOV4YPl5
7Hy29jVKNLxcZh9xP+9iIq7nBTI/DL2RY7/0bySgMyD7BLb3oCN1bIAp4kMyH/0L
bVmIpEAHkMw2kugPGEtz3vt9/BNErtSVz8Nu/kni+5e1QI5mwXbOategBg7EmuaN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:40 2023 by rpki-client on console-fra.rpki-client.org