Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2qsUu0O5LtVTnxeoiTcYXOANc2c.cer
File: 2qsUu0O5LtVTnxeoiTcYXOANc2c.cer (raw, json)
Hash identifier: 5A2LgSFrTSvFE41zz8fv2WErgCNO3r1W41mPom1Y9JQ=
Subject key identifier: DA:AB:14:BB:43:B9:2E:D5:53:9F:17:A8:89:37:18:5C:E0:0D:73:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7905031BE1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/39/82fc3b-f3a6-433c-b401-e0a5fc51a671/1/2qsUu0O5LtVTnxeoiTcYXOANc2c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/39/82fc3b-f3a6-433c-b401-e0a5fc51a671/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 01:44:33 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 42358
IP: 46.255.96.0/21
IP: 77.72.136.0/21
IP: 2a01:680::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 519775132641 (0x7905031be1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:44:33 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=daab14bb43b92ed5539f17a88937185ce00d7367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:d4:e0:8b:c8:ce:5b:28:99:64:af:11:42:
0d:45:d3:ad:90:5e:d5:38:14:76:83:56:fe:60:3d:
18:8a:20:55:dd:e2:5b:32:c6:a1:e1:16:54:e0:aa:
f7:78:a2:04:21:f2:2a:c3:7f:7d:d8:65:d3:0e:06:
d4:f2:a2:53:77:80:30:f4:ef:ca:01:a8:81:c5:ea:
ee:7e:ff:0a:0c:41:60:9c:de:59:ce:7b:61:a6:cc:
c5:31:f6:69:de:23:3b:a9:91:63:15:e4:70:ac:3b:
40:38:25:00:ce:4a:ad:af:35:ce:e3:80:cc:48:b6:
40:42:50:13:87:47:b2:f9:b7:9b:e1:ed:a9:fc:75:
e5:6f:9c:61:65:d1:ca:93:99:49:2a:4e:a6:a0:74:
1a:e8:4b:70:83:14:43:36:05:8f:42:12:cc:57:17:
1a:63:11:5f:74:ad:58:86:18:0a:09:df:b3:ad:e6:
fa:92:26:31:f7:2f:98:6e:c6:aa:87:0e:d2:1f:7c:
38:4c:08:84:e4:7e:d5:18:a0:ba:48:fe:8e:f2:33:
6c:99:93:3d:51:71:2e:02:91:5b:16:cf:f3:8c:0c:
23:5f:e4:82:8c:1b:b0:bd:45:17:da:02:b2:61:72:
58:f1:40:c4:e8:ab:be:d5:c2:4b:64:90:bd:b4:80:
20:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AB:14:BB:43:B9:2E:D5:53:9F:17:A8:89:37:18:5C:E0:0D:73:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/82fc3b-f3a6-433c-b401-e0a5fc51a671/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/82fc3b-f3a6-433c-b401-e0a5fc51a671/1/2qsUu0O5LtVTnxeoiTcYXOANc2c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.96.0/21
77.72.136.0/21
IPv6:
2a01:680::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42358
Signature Algorithm: sha256WithRSAEncryption
0a:8f:24:4d:80:80:7c:d0:64:5e:d7:56:7b:79:ec:ae:5d:32:
d6:58:75:cb:b5:df:86:18:0b:70:79:93:c5:6b:1b:ca:34:51:
bd:f8:19:e6:bd:bc:9c:b1:d4:1c:3c:9d:93:26:ce:f1:40:9f:
ef:b5:b8:11:d6:b6:a2:2a:e7:71:66:13:e5:d7:43:82:a5:a7:
10:df:35:25:a3:98:84:d4:12:22:49:93:31:dd:3b:c3:a9:09:
ac:b8:de:f8:cd:45:85:f2:aa:dc:5d:96:39:69:09:63:9b:94:
a1:bb:ec:b8:3a:5b:36:3a:d8:f3:72:bb:51:b1:83:f9:35:05:
ba:7b:1c:33:fd:7f:96:b1:91:09:31:a4:00:dd:7f:32:37:df:
f6:cb:95:61:b7:09:e9:bd:cf:a5:3c:b3:1d:b5:1a:05:22:e8:
16:92:09:4c:cf:10:a9:8e:e5:be:3d:67:cb:14:18:b7:28:ba:
16:e3:45:7a:f7:07:32:40:53:42:29:af:42:78:84:8f:61:a9:
55:da:24:ce:78:ae:e7:88:23:1d:9c:2e:c6:8d:99:c6:31:77:
55:ad:1d:78:10:97:ef:cb:63:76:f6:a9:d1:a0:c7:69:09:27:
0c:d6:95:99:75:c4:20:b4:fd:7d:5f:81:d1:f1:f8:02:af:2e:
d2:c3:25:ec
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIFeQUDG+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMTQ0MzNaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGRhYWIxNGJiNDNi
OTJlZDU1MzlmMTdhODg5MzcxODVjZTAwZDczNjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcOdTgi8jOWyiZZK8RQg1F062QXtU4FHaDVv5gPRiKIFXd
4lsyxqHhFlTgqvd4ogQh8irDf33YZdMOBtTyolN3gDD078oBqIHF6u5+/woMQWCc
3lnOe2GmzMUx9mneIzupkWMV5HCsO0A4JQDOSq2vNc7jgMxItkBCUBOHR7L5t5vh
7an8deVvnGFl0cqTmUkqTqagdBroS3CDFEM2BY9CEsxXFxpjEV90rViGGAoJ37Ot
5vqSJjH3L5huxqqHDtIffDhMCITkftUYoLpI/o7yM2yZkz1RcS4CkVsWz/OMDCNf
5IKMG7C9RRfaArJhcljxQMToq77VwktkkL20gCBdAgMBAAGjggK1MIICsTAdBgNV
HQ4EFgQU2qsUu0O5LtVTnxeoiTcYXOANc2cwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkvODJmYzNiLWYzYTYtNDMzYy1i
NDAxLWUwYTVmYzUxYTY3MS8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84MmZjM2ItZjNhNi00MzNjLWI0
MDEtZTBhNWZjNTFhNjcxLzEvMnFzVXUwTzVMdFZUbnhlb2lUY1lYT0FOYzJjLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIE
AgABMAwDBAMu/2ADBANNSIgwDQQCAAIwBwMFACoBBoAwGgYIKwYBBQUHAQgBAf8E
CzAJoAcwBQIDAKV2MA0GCSqGSIb3DQEBCwUAA4IBAQAKjyRNgIB80GRe11Z7eeyu
XTLWWHXLtd+GGAtweZPFaxvKNFG9+BnmvbycsdQcPJ2TJs7xQJ/vtbgR1raiKudx
ZhPl10OCpacQ3zUlo5iE1BIiSZMx3TvDqQmsuN74zUWF8qrcXZY5aQljm5Shu+y4
Ols2OtjzcrtRsYP5NQW6exwz/X+WsZEJMaQA3X8yN9/2y5Vhtwnpvc+lPLMdtRoF
IugWkglMzxCpjuW+PWfLFBi3KLoW40V69wcyQFNCKa9CeISPYalV2iTOeK7niCMd
nC7GjZnGMXdVrR14EJfvy2N29qnRoMdpCScM1pWZdcQgtP19X4HR8fgCry7SwyXs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:50 2023 by rpki-client on console-ams.rpki-client.org