Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3Ky7aY5VeWf8k7iWKR2RHUmnWzA.cer
File: 3Ky7aY5VeWf8k7iWKR2RHUmnWzA.cer (raw, json)
Hash identifier: V9+vfag2D4MByeNFVWisa9C0sPy5Yerf99hOSmXhW2Y=
Subject key identifier: DC:AC:BB:69:8E:55:79:67:FC:93:B8:96:29:1D:91:1D:49:A7:5B:30
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 81FC7204E7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c8/bbfdc1-828a-4fcc-8475-08c528e56edf/1/3Ky7aY5VeWf8k7iWKR2RHUmnWzA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c8/bbfdc1-828a-4fcc-8475-08c528e56edf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 05:47:57 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 39486
IP: 45.153.100.0/22
IP: 2a0f:7700::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 558286111975 (0x81fc7204e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:57 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=dcacbb698e557967fc93b896291d911d49a75b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ae:c3:00:ac:2f:8c:ad:cf:2c:27:a3:e2:44:
e3:80:3b:96:39:35:df:52:76:33:03:c8:ed:78:02:
c8:e2:4a:de:75:7e:40:df:1c:d1:55:b2:71:84:2f:
6e:65:04:8c:bb:5a:38:b5:79:a7:1d:0f:1b:1c:b0:
00:6d:ce:f1:82:78:d7:73:b4:a4:91:6e:b0:63:ba:
e1:e0:a4:c8:28:47:63:01:bd:7a:b4:eb:06:4f:a9:
77:37:f8:b9:b3:da:b4:4b:e5:66:b3:14:fe:9c:db:
a0:49:18:c1:c5:7d:86:de:9f:74:0e:67:00:84:d8:
3c:98:03:1a:2a:61:ec:22:0a:d1:dd:1f:48:38:7d:
0e:44:f7:9c:77:a6:3d:7a:cb:c0:46:59:c0:8b:02:
df:1d:b7:d2:ed:06:66:b4:75:27:f6:95:c3:74:8e:
92:1f:94:e1:2a:4b:6f:67:ca:5c:8f:d0:80:c2:f8:
6f:2c:50:a5:97:4b:dd:f2:ac:79:4f:94:34:cc:06:
a8:95:47:f1:1a:da:13:14:10:86:ef:b4:03:4b:f5:
d1:00:e9:45:4f:d9:ad:99:ad:b4:6f:b8:80:e9:82:
a3:a9:2c:e1:2d:77:97:90:fd:f8:77:3d:96:45:f1:
7f:df:3e:80:c9:6b:0b:f4:fe:f6:10:f4:b1:a2:67:
e4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AC:BB:69:8E:55:79:67:FC:93:B8:96:29:1D:91:1D:49:A7:5B:30
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bbfdc1-828a-4fcc-8475-08c528e56edf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bbfdc1-828a-4fcc-8475-08c528e56edf/1/3Ky7aY5VeWf8k7iWKR2RHUmnWzA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.100.0/22
IPv6:
2a0f:7700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39486
Signature Algorithm: sha256WithRSAEncryption
7a:20:45:53:59:ac:85:66:1d:78:9d:33:30:5e:78:1a:64:8a:
54:7c:a0:ec:25:37:b6:18:6a:67:41:1d:e6:fa:e0:e9:10:64:
6e:85:5a:22:34:8a:f3:3e:e1:27:6b:46:b4:57:d6:2d:db:64:
aa:71:44:5a:2e:11:aa:83:f8:26:96:74:e8:53:e6:14:75:4a:
1a:1c:94:c9:f9:6b:58:0c:56:05:c0:b7:c9:56:dd:b2:d6:36:
4a:e0:09:3d:a2:c4:5d:cf:aa:3e:fd:17:1e:c1:4f:df:c6:5e:
c9:9d:d4:3b:a3:a5:20:7b:93:5e:81:4c:1d:84:21:7c:28:88:
e5:8e:fc:7e:d3:5e:f1:a0:28:b0:e0:f2:d0:d6:1a:1f:1c:c7:
a6:e9:e6:d4:86:0b:3f:72:e8:11:99:c8:b8:65:9d:3f:22:11:
39:af:23:76:c0:5a:98:68:28:ef:3a:1c:eb:1d:5a:00:47:ba:
8e:70:b0:16:61:ae:8c:c0:0d:67:db:59:5f:6b:db:04:80:d5:
c1:04:d7:55:fb:68:41:4d:96:dd:6c:6a:45:94:f5:56:bf:e8:
9c:fb:9b:b1:c8:9b:7b:be:38:d2:bd:fc:55:ea:fc:93:65:69:
39:31:ce:f8:32:4f:4b:ca:d9:7a:01:6b:a7:8b:cc:07:30:82:
95:25:5d:b6
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAIH8cgTnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDU0NzU3WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkY2FjYmI2OThl
NTU3OTY3ZmM5M2I4OTYyOTFkOTExZDQ5YTc1YjMwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAva7DAKwvjK3PLCej4kTjgDuWOTXfUnYzA8jteALI4kre
dX5A3xzRVbJxhC9uZQSMu1o4tXmnHQ8bHLAAbc7xgnjXc7SkkW6wY7rh4KTIKEdj
Ab16tOsGT6l3N/i5s9q0S+VmsxT+nNugSRjBxX2G3p90DmcAhNg8mAMaKmHsIgrR
3R9IOH0ORPecd6Y9esvARlnAiwLfHbfS7QZmtHUn9pXDdI6SH5ThKktvZ8pcj9CA
wvhvLFCll0vd8qx5T5Q0zAaolUfxGtoTFBCG77QDS/XRAOlFT9mtma20b7iA6YKj
qSzhLXeXkP34dz2WRfF/3z6AyWsL9P72EPSxomfkswIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFNysu2mOVXln/JO4likdkR1Jp1swMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M4L2JiZmRjMS04MjhhLTRmY2Mt
ODQ3NS0wOGM1MjhlNTZlZGYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgvYmJmZGMxLTgyOGEtNGZjYy04
NDc1LTA4YzUyOGU1NmVkZi8xLzNLeTdhWTVWZVdmOGs3aVdLUjJSSFVtbld6QS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLZlkMA0EAgACMAcDBQMqD3cAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCaPjANBgkqhkiG9w0BAQsFAAOCAQEAeiBFU1mshWYdeJ0zMF54GmSKVHyg
7CU3thhqZ0Ed5vrg6RBkboVaIjSK8z7hJ2tGtFfWLdtkqnFEWi4RqoP4JpZ06FPm
FHVKGhyUyflrWAxWBcC3yVbdstY2SuAJPaLEXc+qPv0XHsFP38ZeyZ3UO6OlIHuT
XoFMHYQhfCiI5Y78ftNe8aAosODy0NYaHxzHpunm1IYLP3LoEZnIuGWdPyIROa8j
dsBamGgo7zoc6x1aAEe6jnCwFmGujMANZ9tZX2vbBIDVwQTXVftoQU2W3WxqRZT1
Vr/onPubscibe7440r38Ver8k2VpOTHO+DJPS8rZegFrp4vMBzCClSVdtg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-fra.rpki-client.org