Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43i9t2gvKPujpwKbHJhDHWZKhAw.cer
File: 43i9t2gvKPujpwKbHJhDHWZKhAw.cer (raw, json)
Hash identifier: +ljRgRnOIELKMz5ShAuB/Ugbygn2WhqVCSJ9Jym9bR0=
Subject key identifier: E3:78:BD:B7:68:2F:28:FB:A3:A7:02:9B:1C:98:43:1D:66:4A:84:0C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A72BDBA6D4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/be/be3414-817a-4667-9b5b-95f2071bfcad/1/43i9t2gvKPujpwKbHJhDHWZKhAw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/be/be3414-817a-4667-9b5b-95f2071bfcad/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:56:50 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 209363
IP: 109.68.240.0/21
IP: 185.253.124.0/22
IP: 193.34.148.0/23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 717995353812 (0xa72bdba6d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e378bdb7682f28fba3a7029b1c98431d664a840c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:96:ad:7f:f7:fc:54:8d:9b:9f:8d:ba:8a:2b:
8a:9a:5a:bf:e2:59:b5:98:8a:c1:ca:70:ca:d3:4a:
26:77:60:80:cf:a7:a6:ca:21:8a:ce:f1:97:4a:dd:
58:e5:30:5c:eb:ae:07:57:71:3f:90:2e:07:eb:47:
5a:20:08:cf:52:3f:16:73:5f:cd:ec:79:0e:fd:7e:
c4:e3:c7:08:78:b6:99:25:31:af:22:65:65:72:6e:
62:09:f6:09:46:b6:d1:7c:af:11:02:18:20:36:ae:
12:78:ec:1e:1c:30:a9:10:0b:60:e5:ec:83:23:04:
6f:16:50:fa:49:1a:62:43:4a:30:7c:25:6f:e0:c8:
6d:2b:73:1f:cb:c0:d4:36:9b:e7:60:c6:a2:35:ef:
a9:8b:a0:f8:57:9b:39:0b:6a:23:d2:1d:d5:8b:d1:
9b:f0:de:06:a9:84:62:f4:a8:30:dd:37:13:89:94:
db:9a:21:7c:f3:ff:4a:b3:37:20:5a:de:da:68:10:
79:76:87:ce:e3:9d:01:ae:c1:6b:62:fc:32:7e:d3:
97:94:2b:ba:fe:a0:3d:ef:78:37:bf:d7:e1:a3:16:
74:7a:49:47:9b:d4:f3:46:d7:3b:b7:7e:8e:b5:21:
95:ee:c1:13:f1:64:8b:06:9c:b7:08:ee:2a:aa:5a:
09:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:BD:B7:68:2F:28:FB:A3:A7:02:9B:1C:98:43:1D:66:4A:84:0C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/be3414-817a-4667-9b5b-95f2071bfcad/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/be3414-817a-4667-9b5b-95f2071bfcad/1/43i9t2gvKPujpwKbHJhDHWZKhAw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.240.0/21
185.253.124.0/22
193.34.148.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209363
Signature Algorithm: sha256WithRSAEncryption
56:5d:c0:a1:c2:01:f3:7d:98:c6:78:3c:ab:cf:60:7b:79:0e:
b6:ef:28:53:7d:26:5f:62:cd:f3:a2:ab:2e:d8:fa:5d:12:2e:
ed:c8:c3:4c:29:c3:41:69:48:0b:e5:ba:01:27:f1:ce:f9:95:
e4:7a:11:d3:ce:61:29:8a:16:24:16:82:18:d6:cd:1f:9b:40:
6e:d3:b1:e8:0f:18:be:ad:f9:e9:05:27:41:76:13:61:b8:2a:
a3:7f:b0:a1:c7:d9:f2:f6:8e:ce:ed:88:6c:2c:d3:ce:68:76:
3d:ae:c0:59:6c:d0:3b:6e:7b:f8:bd:da:37:36:80:68:75:16:
7a:53:b3:14:35:11:ff:68:00:0a:02:41:4b:e3:5e:8d:b6:6b:
4a:8f:f0:4b:f6:61:27:8b:a7:1c:08:36:9d:8a:20:c1:b8:79:
f1:22:b5:2f:be:10:3c:6b:0a:7e:22:8d:ed:54:22:f5:94:5c:
2b:31:69:18:2f:82:d3:42:cb:5d:de:45:68:c3:1f:4b:c4:57:
5c:01:3a:39:a5:b2:09:ff:23:a9:78:2e:e2:61:1c:31:fb:40:
55:62:ef:89:c7:f4:aa:97:e1:36:bd:40:f2:15:b9:91:ce:58:
aa:3a:be:6e:7b:18:5a:30:dc:f9:da:51:60:56:be:e0:eb:01:
e6:e9:d8:de
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIGAKcr26bUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTI1NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMzc4YmRiNzY4
MmYyOGZiYTNhNzAyOWIxYzk4NDMxZDY2NGE4NDBjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA25atf/f8VI2bn426iiuKmlq/4lm1mIrBynDK00omd2CA
z6emyiGKzvGXSt1Y5TBc664HV3E/kC4H60daIAjPUj8Wc1/N7HkO/X7E48cIeLaZ
JTGvImVlcm5iCfYJRrbRfK8RAhggNq4SeOweHDCpEAtg5eyDIwRvFlD6SRpiQ0ow
fCVv4MhtK3Mfy8DUNpvnYMaiNe+pi6D4V5s5C2oj0h3Vi9Gb8N4GqYRi9Kgw3TcT
iZTbmiF88/9KszcgWt7aaBB5dofO450BrsFrYvwyftOXlCu6/qA973g3v9fhoxZ0
eklHm9TzRtc7t36OtSGV7sET8WSLBpy3CO4qqloJKQIDAQABo4ICrDCCAqgwHQYD
VR0OBBYEFON4vbdoLyj7o6cCmxyYQx1mSoQMMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JlL2JlMzQxNC04MTdhLTQ2Njct
OWI1Yi05NWYyMDcxYmZjYWQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvYmUzNDE0LTgxN2EtNDY2Ny05
YjViLTk1ZjIwNzFiZmNhZC8xLzQzaTl0Mmd2S1B1anB3S2JISmhESFdaS2hBdy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQDbUTwAwQCuf18AwQBwSKUMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMx0zANBgkqhkiG9w0BAQsFAAOCAQEAVl3AocIB832Yxng8q89ge3kOtu8oU30m
X2LN86KrLtj6XRIu7cjDTCnDQWlIC+W6ASfxzvmV5HoR085hKYoWJBaCGNbNH5tA
btOx6A8Yvq356QUnQXYTYbgqo3+wocfZ8vaOzu2IbCzTzmh2Pa7AWWzQO257+L3a
NzaAaHUWelOzFDUR/2gACgJBS+NejbZrSo/wS/ZhJ4unHAg2nYogwbh58SK1L74Q
PGsKfiKN7VQi9ZRcKzFpGC+C00LLXd5FaMMfS8RXXAE6OaWyCf8jqXgu4mEcMftA
VWLvicf0qpfhNr1A8hW5kc5Yqjq+bnsYWjDc+dpRYFa+4OsB5unY3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:40 2024 by rpki-client on console-ams.rpki-client.org