Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3QJxcYvXLKLXLtQqhnf9uRGroHs.cer
File: 3QJxcYvXLKLXLtQqhnf9uRGroHs.cer (raw, json)
Hash identifier: 037EHDnxQJ30mJNMlOS5OArHXEH2L/D6my/fi+QRa5M=
Subject key identifier: DD:02:71:71:8B:D7:2C:A2:D7:2E:D4:2A:86:77:FD:B9:11:AB:A0:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 828A374AAC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/98589f-cd82-46a6-9e59-e9b69f7b4a96/1/3QJxcYvXLKLXLtQqhnf9uRGroHs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/98589f-cd82-46a6-9e59-e9b69f7b4a96/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 06:37:33 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 209288
IP: 151.248.16.0/22
IP: 2a05:ccc0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 560664627884 (0x828a374aac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:37:33 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=dd0271718bd72ca2d72ed42a8677fdb911aba07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:66:1d:28:53:2e:f5:82:41:07:4e:83:8b:d3:
da:49:8b:53:60:78:7c:63:2f:25:4f:40:e1:51:22:
66:db:3e:f0:ad:ae:c1:90:32:12:9a:e3:09:85:6d:
da:44:5c:93:08:a4:53:9b:31:16:a2:2a:81:7a:05:
31:a9:87:58:2e:93:73:c4:1b:d0:14:af:5e:a4:5a:
47:be:b7:a9:06:d3:3e:26:ca:5f:83:9b:9a:ff:26:
88:15:c7:5d:b2:41:d8:1c:76:23:13:95:72:ac:d9:
42:a6:86:3f:bd:f9:45:f4:8e:7c:dd:88:ed:21:09:
28:10:e8:ab:61:30:1a:54:c7:4c:de:88:d4:9c:51:
56:f1:68:46:e2:ee:66:bf:13:db:bc:36:be:37:ca:
05:0d:70:63:9b:46:e0:88:3c:02:ca:bb:b6:04:16:
6e:64:99:85:2a:22:25:3a:52:6a:cd:af:db:3c:89:
e2:68:8d:96:7a:80:1e:9a:67:79:6e:47:10:7c:dd:
ef:2d:03:ca:74:6a:6f:aa:18:72:f7:6b:46:9c:59:
be:43:fe:72:d6:a1:7c:2c:d1:b9:5b:d8:b3:23:ea:
35:98:96:50:b8:6b:44:a2:c7:75:8f:7c:97:44:49:
90:59:3b:2c:c2:1d:62:c0:51:6d:75:f2:de:6b:1c:
70:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:02:71:71:8B:D7:2C:A2:D7:2E:D4:2A:86:77:FD:B9:11:AB:A0:7B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/98589f-cd82-46a6-9e59-e9b69f7b4a96/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/98589f-cd82-46a6-9e59-e9b69f7b4a96/1/3QJxcYvXLKLXLtQqhnf9uRGroHs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.16.0/22
IPv6:
2a05:ccc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209288
Signature Algorithm: sha256WithRSAEncryption
7c:75:4a:da:01:cf:b3:7a:03:bd:ed:b6:7c:3b:1e:76:77:e1:
ef:a5:2d:d0:25:57:33:63:1d:37:38:f4:61:00:45:31:e1:99:
1d:d2:f5:1c:1b:a2:5a:9e:66:84:f3:a6:31:8f:98:b3:b1:0e:
8e:2e:b3:e1:d2:72:3d:85:ed:17:f0:e4:a6:5d:ab:1f:af:cd:
11:96:77:a0:52:d8:63:ad:6a:16:70:8f:0f:74:89:86:70:73:
c4:79:a6:e2:d1:8c:1d:10:0c:02:5e:da:e1:ba:07:90:27:6a:
e7:7f:23:5d:3f:cb:1e:b9:89:9d:50:d0:d3:97:28:17:77:0e:
f0:1f:06:23:c2:7d:f0:6b:1c:2e:88:14:6e:b6:86:06:16:10:
41:7e:10:94:e4:79:e5:a7:5a:d8:84:66:02:26:cb:24:44:20:
49:fe:47:af:39:22:d6:68:00:eb:e3:7c:61:86:3c:4c:70:08:
24:70:b1:6a:b4:5e:54:4d:88:48:b3:42:20:a3:2a:db:8d:82:
22:36:7b:d4:bb:62:f8:f0:27:ad:75:b2:76:56:a6:df:cd:15:
d2:49:da:08:2b:0b:c2:af:06:e9:60:60:9f:b5:1f:1c:8f:f4:
57:d8:d7:16:2f:6a:1d:7b:17:c8:ab:e9:1f:82:b5:fa:a0:f7:
e1:9f:56:68
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAIKKN0qsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDYzNzMzWhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZDAyNzE3MThi
ZDcyY2EyZDcyZWQ0MmE4Njc3ZmRiOTExYWJhMDdiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmGYdKFMu9YJBB06Di9PaSYtTYHh8Yy8lT0DhUSJm2z7w
ra7BkDISmuMJhW3aRFyTCKRTmzEWoiqBegUxqYdYLpNzxBvQFK9epFpHvrepBtM+
Jspfg5ua/yaIFcddskHYHHYjE5VyrNlCpoY/vflF9I583YjtIQkoEOirYTAaVMdM
3ojUnFFW8WhG4u5mvxPbvDa+N8oFDXBjm0bgiDwCyru2BBZuZJmFKiIlOlJqza/b
PIniaI2WeoAemmd5bkcQfN3vLQPKdGpvqhhy92tGnFm+Q/5y1qF8LNG5W9izI+o1
mJZQuGtEosd1j3yXREmQWTsswh1iwFFtdfLeaxxwuwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFN0CcXGL1yyi1y7UKoZ3/bkRq6B7MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzk4NTg5Zi1jZDgyLTQ2YTYt
OWU1OS1lOWI2OWY3YjRhOTYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvOTg1ODlmLWNkODItNDZhNi05
ZTU5LWU5YjY5ZjdiNGE5Ni8xLzNRSnhjWXZYTEtMWEx0UXFobmY5dVJHcm9Icy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCl/gQMA0EAgACMAcDBQMqBczAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMxiDANBgkqhkiG9w0BAQsFAAOCAQEAfHVK2gHPs3oDve22fDsednfh76Ut
0CVXM2MdNzj0YQBFMeGZHdL1HBuiWp5mhPOmMY+Ys7EOji6z4dJyPYXtF/Dkpl2r
H6/NEZZ3oFLYY61qFnCPD3SJhnBzxHmm4tGMHRAMAl7a4boHkCdq538jXT/LHrmJ
nVDQ05coF3cO8B8GI8J98GscLogUbraGBhYQQX4QlOR55ada2IRmAibLJEQgSf5H
rzki1mgA6+N8YYY8THAIJHCxarReVE2ISLNCIKMq242CIjZ71Lti+PAnrXWydlam
380V0knaCCsLwq8G6WBgn7UfHI/0V9jXFi9qHXsXyKvpH4K1+qD34Z9WaA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-fra.rpki-client.org