Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.cer
File: 3SgB3l6KOjbvB_dp6vGTJM9J-Pg.cer (raw, json)
Hash identifier: p2lUx17FaiUQHIb9wzAzOwGG8QgoGOj7jrvJKsTvzxw=
Subject key identifier: DD:28:01:DE:5E:8A:3A:36:EF:07:F7:69:EA:F1:93:24:CF:49:F8:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 80D183B4BC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 05:05:37 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 45.88.68.0/22
IP: 2a07:4b40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 553270883516 (0x80d183b4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:05:37 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=dd2801de5e8a3a36ef07f769eaf19324cf49f8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:1b:59:06:3d:12:1d:8b:3f:6c:43:86:28:
72:76:20:c1:09:06:12:40:2c:2e:6d:82:b3:02:6a:
01:52:1a:e0:b1:80:b2:fe:82:a9:57:4c:1a:ad:59:
b2:35:be:32:24:1c:df:43:64:25:0c:1b:ff:66:34:
af:68:75:92:20:98:cc:90:fa:d8:5d:f4:4b:cf:3c:
78:72:51:28:07:4e:86:85:ef:77:b9:7d:2a:c4:b1:
b1:1c:95:e2:0c:77:aa:78:08:9c:a3:93:27:52:27:
67:6b:2b:8d:c8:18:90:f9:e9:f2:86:ac:5d:0a:71:
56:55:64:21:d3:d1:05:b0:e0:51:e1:83:c0:bd:a9:
ef:e0:d4:7c:1d:e8:3d:b9:6c:48:9f:ef:a5:9e:e3:
d2:d4:3b:0e:94:48:1c:bf:e4:b1:91:88:c0:70:d0:
7d:07:f1:ee:96:11:27:74:58:73:51:a2:05:cb:44:
26:51:59:08:10:ae:26:e3:87:ea:d4:e9:0e:5d:1b:
79:8e:a5:f2:8c:9b:b3:70:c1:6a:55:c0:1f:30:e7:
6d:ec:e4:f4:5b:73:1e:c1:6a:ec:37:be:4c:2e:07:
ff:ba:0f:0a:be:ea:cb:aa:8c:c8:79:00:d3:d8:d9:
02:21:ce:be:8f:cb:5e:b8:4e:69:61:4d:5b:34:b8:
05:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:28:01:DE:5E:8A:3A:36:EF:07:F7:69:EA:F1:93:24:CF:49:F8:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.68.0/22
IPv6:
2a07:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
aa:e5:0f:3b:1b:9e:9c:44:67:43:19:b3:cc:07:b6:80:b5:18:
8a:43:df:0b:8e:79:24:fe:62:44:46:42:39:5a:e0:51:0c:18:
d0:05:9c:91:53:47:7d:ae:a8:cf:c1:38:12:78:8b:39:78:82:
a0:c8:37:76:0f:97:e0:8d:e4:73:57:de:69:0d:9e:b4:6d:99:
f4:88:1a:6c:b3:8e:70:2a:92:62:ef:89:d2:bc:e8:d4:a0:50:
a2:de:68:2d:a5:cf:ad:c3:89:3a:58:81:15:15:4c:26:3c:c0:
8b:a7:e9:82:eb:55:7e:e7:fe:a3:99:79:d9:38:ce:ca:27:fb:
71:f8:e9:fd:76:22:7a:bb:db:d1:db:78:50:d0:1c:47:bb:4e:
3a:99:03:34:ba:30:c7:42:d4:6d:3e:dc:8c:1a:60:a6:8a:ee:
fc:a3:7c:0e:e2:2a:38:4f:47:05:6b:ed:df:2b:38:5d:01:5c:
9c:33:bf:52:1e:40:da:5c:89:bb:eb:df:15:74:6a:f8:6f:be:
89:55:20:23:4f:b0:9f:ea:28:23:65:3a:9a:98:d6:ac:cd:49:
a2:61:d6:22:75:03:1a:57:2c:73:80:0a:86:1b:b4:51:bd:3a:
6c:95:31:3a:c5:c9:0f:72:4f:c3:fa:2f:d3:a6:f1:2a:8f:a1:
e8:71:f6:1f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAIDRg7S8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDUwNTM3WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZDI4MDFkZTVl
OGEzYTM2ZWYwN2Y3NjllYWYxOTMyNGNmNDlmOGY4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqxEbWQY9Eh2LP2xDhihydiDBCQYSQCwubYKzAmoBUhrg
sYCy/oKpV0warVmyNb4yJBzfQ2QlDBv/ZjSvaHWSIJjMkPrYXfRLzzx4clEoB06G
he93uX0qxLGxHJXiDHeqeAico5MnUidnayuNyBiQ+enyhqxdCnFWVWQh09EFsOBR
4YPAvanv4NR8Heg9uWxIn++lnuPS1DsOlEgcv+SxkYjAcNB9B/HulhEndFhzUaIF
y0QmUVkIEK4m44fq1OkOXRt5jqXyjJuzcMFqVcAfMOdt7OT0W3MewWrsN75MLgf/
ug8KvurLqozIeQDT2NkCIc6+j8teuE5pYU1bNLgFXwIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFN0oAd5eijo27wf3aerxkyTPSfj4MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzI0MDE0NS02MDk4LTRiNTUt
OGJiYi0xOWVkN2ZkZGJkY2MvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvMjQwMTQ1LTYwOTgtNGI1NS04
YmJiLTE5ZWQ3ZmRkYmRjYy8xLzNTZ0IzbDZLT2pidkJfZHA2dkdUSk05Si1QZy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLVhEMA0EAgACMAcDBQMqB0tAMA0GCSqGSIb3DQEBCwUAA4IBAQCq
5Q87G56cRGdDGbPMB7aAtRiKQ98Ljnkk/mJERkI5WuBRDBjQBZyRU0d9rqjPwTgS
eIs5eIKgyDd2D5fgjeRzV95pDZ60bZn0iBpss45wKpJi74nSvOjUoFCi3mgtpc+t
w4k6WIEVFUwmPMCLp+mC61V+5/6jmXnZOM7KJ/tx+On9diJ6u9vR23hQ0BxHu046
mQM0ujDHQtRtPtyMGmCmiu78o3wO4io4T0cFa+3fKzhdAVycM79SHkDaXIm7698V
dGr4b76JVSAjT7Cf6igjZTqamNaszUmiYdYidQMaVyxzgAqGG7RRvTpslTE6xckP
ck/D+i/TpvEqj6HocfYf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:29 2023 by rpki-client on console-ams.rpki-client.org