Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3KFvYY5iEi8hkVMmjKizF-5NWmA.cer
File: 3KFvYY5iEi8hkVMmjKizF-5NWmA.cer (raw, json)
Hash identifier: ThH1RWy6yP7gacCC6H0n5+kQknDViMwp28DY7pcD2+I=
Subject key identifier: DC:A1:6F:61:8E:62:12:2F:21:91:53:26:8C:A8:B3:17:EE:4D:5A:60
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 806911213A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/3KFvYY5iEi8hkVMmjKizF-5NWmA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 04:53:08 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 2118
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 551518544186 (0x806911213a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:53:08 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=dca16f618e62122f219153268ca8b317ee4d5a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:4d:a6:4f:20:e2:b2:c8:9a:a1:05:41:1e:
c1:28:68:89:c3:74:ac:68:b3:8d:6e:d4:87:78:8f:
f2:4d:73:b8:33:74:e7:1b:63:4f:14:a3:34:e0:ee:
29:be:75:7c:d6:8b:89:8e:cf:62:44:9d:69:5a:99:
e9:b8:f1:23:8f:c6:b1:22:fc:c5:75:11:9a:47:da:
35:9f:3d:9e:b2:ea:71:a1:82:5c:75:35:4f:b1:40:
82:86:18:68:7a:f2:18:98:b3:00:5d:ff:9c:07:61:
19:e5:b0:87:1f:6c:3c:1d:e6:20:9e:a7:47:03:68:
43:90:69:ef:dc:c7:0e:70:a5:a4:b0:5d:de:9d:e0:
81:52:bd:c3:ec:eb:b9:e4:e8:ea:3f:12:aa:76:62:
93:c1:5c:90:4c:85:c8:de:f7:31:47:a0:25:fb:a5:
a9:9f:c0:7f:a4:7e:1c:81:3c:6a:f4:25:8a:ab:32:
15:2b:82:80:29:f7:3d:f8:dd:c2:ea:45:de:55:93:
c4:ef:df:b5:5e:98:82:84:ae:52:20:af:63:95:41:
29:02:3b:ef:e9:19:ca:1e:82:e4:d4:d9:af:41:d0:
73:fe:f1:0e:2c:46:fd:00:23:26:51:bb:c6:81:59:
21:9a:e2:ca:2c:69:fc:cc:65:98:4a:fa:5f:be:de:
5a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A1:6F:61:8E:62:12:2F:21:91:53:26:8C:A8:B3:17:EE:4D:5A:60
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/3KFvYY5iEi8hkVMmjKizF-5NWmA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
2118
Signature Algorithm: sha256WithRSAEncryption
6b:e6:35:7f:c0:e6:2a:eb:cd:93:f7:0a:68:7a:e0:a7:9d:54:
81:4b:12:68:3a:ca:7b:9f:75:cc:06:7d:c0:a2:53:13:9b:a2:
c5:f8:00:ee:91:42:26:bd:7b:0d:81:49:cf:24:d1:ac:f8:f5:
2b:f1:52:ac:d5:c2:17:b8:b2:6b:dc:56:7f:0f:7a:3b:b6:bd:
d9:63:4f:dd:6e:51:9d:06:9d:e4:54:f6:37:f4:b5:20:9b:fb:
ee:2f:3d:73:e9:2f:26:47:de:51:93:89:97:fe:96:15:4f:cc:
b3:10:42:0f:6c:0d:b7:dc:f5:25:23:bb:32:87:56:4d:06:88:
69:24:ad:37:18:09:51:de:27:0a:5f:b3:d4:25:5d:82:2e:7d:
d5:50:d7:31:2b:f2:50:48:57:6e:6b:42:50:7f:d2:47:19:b2:
58:22:9a:51:ac:74:9d:34:5f:3b:d9:55:76:0f:c9:c2:7d:f3:
c3:ea:7a:36:9d:bb:ca:b4:55:59:50:ea:12:03:7d:8c:9e:db:
d8:6a:38:35:24:5b:64:e7:54:04:ed:c3:cd:60:23:ff:9b:9d:
d3:71:95:67:32:f4:02:06:c2:c2:5c:cd:6c:e9:72:06:54:79:
26:f1:fc:70:ff:54:dd:bc:bb:3b:42:8a:e1:3c:62:07:40:98:
3b:c4:5f:bc
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIGAIBpESE6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDQ1MzA4WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkY2ExNmY2MThl
NjIxMjJmMjE5MTUzMjY4Y2E4YjMxN2VlNGQ1YTYwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApbJNpk8g4rLImqEFQR7BKGiJw3SsaLONbtSHeI/yTXO4
M3TnG2NPFKM04O4pvnV81ouJjs9iRJ1pWpnpuPEjj8axIvzFdRGaR9o1nz2esupx
oYJcdTVPsUCChhhoevIYmLMAXf+cB2EZ5bCHH2w8HeYgnqdHA2hDkGnv3McOcKWk
sF3eneCBUr3D7Ou55OjqPxKqdmKTwVyQTIXI3vcxR6Al+6Wpn8B/pH4cgTxq9CWK
qzIVK4KAKfc9+N3C6kXeVZPE79+1XpiChK5SIK9jlUEpAjvv6RnKHoLk1NmvQdBz
/vEOLEb9ACMmUbvGgVkhmuLKLGn8zGWYSvpfvt5aZQIDAQABo4ICfjCCAnowHQYD
VR0OBBYEFNyhb2GOYhIvIZFTJoyosxfuTVpgMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2NlOThhOS1mMDI2LTRiNjYt
YTI3MC1mZWUwZDgxYmZiNjMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvY2U5OGE5LWYwMjYtNGI2Ni1h
MjcwLWZlZTBkODFiZmI2My8xLzNLRnZZWTVpRWk4aGtWTW1qS2l6Ri01TldtQS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUFBwEIAQH/BAowCKAG
MAQCAghGMA0GCSqGSIb3DQEBCwUAA4IBAQBr5jV/wOYq682T9wpoeuCnnVSBSxJo
Osp7n3XMBn3AolMTm6LF+ADukUImvXsNgUnPJNGs+PUr8VKs1cIXuLJr3FZ/D3o7
tr3ZY0/dblGdBp3kVPY39LUgm/vuLz1z6S8mR95Rk4mX/pYVT8yzEEIPbA233PUl
I7syh1ZNBohpJK03GAlR3icKX7PUJV2CLn3VUNcxK/JQSFdua0JQf9JHGbJYIppR
rHSdNF872VV2D8nCffPD6no2nbvKtFVZUOoSA32MntvYajg1JFtk51QE7cPNYCP/
m53TcZVnMvQCBsLCXM1s6XIGVHkm8fxw/1TdvLs7QorhPGIHQJg7xF+8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:29 2023 by rpki-client on console-ams.rpki-client.org